Ducktail Spear-Phishing Campaign Uses LinkedIn to Hijack Facebook Business Accounts
A spear-phishing campaign dubbed "Ducktail" has been discovered targeting marketing and HR professionals through LinkedIn, with the aim of taking over Facebook Business accounts and abusing the Ads function to run...
Supercharged Version of Amadey Infostealer & Malware Dropper Bypasses AVs
A dangerous malware variant called "Amadey Bot" that has been largely dormant for the past two years has surfaced again with new features that make it stealthier, more persistent,...
Rare ‘CosmicStrand’ UEFI Rootkit Swings into Cybercrime Orbit
A Windows firmware rootkit known as "CosmicStrand" has appeared in the cyberthreat firmament, targeting the Unified Extensible Firmware Interface (UEFI) to achieve stealth and persistence.
UEFI firmware is tasked with...
Qakbot Is Back With a New Trick: DLL Sideloading
Known for its constant evolution, Qakbot malware has returned with a new twist — the use of .DLL sideloading to execute the malicious file.
Researchers from Cyble recently warned that...
8 top SBOM tools to consider
To really secure software, you need to know what's inside its code. That's why a software bill of materials is essential today. It used to be that we didn't...
Hacker drains $1.08M from Audius following passing of malicious proposal
Proposals in crypto help communities make consensus-based decisions. However, for decentralized music platform Auduis, the passing of a malicious governance proposal resulted in the transfer of tokens worth $6.1...
ICYMI: Neopets & the Gaming Problem; SolarWinds Hackers Are Back; Google Ads Abused
Welcome to Dark Reading's weekly digest of the can't-miss stories of the week, featuring the lowdown on the Neopets breach and what it means for consumer-facing companies of all...
Phishing Bonanza: Social-Engineering Savvy Skyrockets as Malicious Actors Cash In
This week, it came to light that gaming platform Roblox was breached via a phishing/social-engineering attack that led to the theft of internal documents and the leaking of them online...
Snowballing Ransomware Variants Highlight Growing Threat to VMware ESXi Environments
The latest confirmations of the growing attacker interest in VMware ESXi environments are two ransomware variants that surfaced in recent weeks and have begun hitting targets worldwide.
One of the...
Google Chrome Zero-Day Weaponized to Spy on Journalists
A zero-day vulnerability in Google Chrome was used by the established spyware group Candiru to compromise users in the Middle East — specifically journalists in Lebanon.
Avast researchers said attackers...
