Bumblebee Malware Buzzes Into Cyberattack Fray
At least three separate waves of cyberattacks are underway that feature a sophisticated new malware loader dubbed Bumblebee that fetches shell code and second-stage tools, such as Cobalt Strike, Sliver, and...
Businesses Rethink Endpoint Security for 2021
The mass movement to remote work has forced organizations to rethink their long-term plans for endpoint security. How will things look different next year? This year has put IT and...
Lazarus Lures Aspiring Crypto Pros With Fake Exchange Job Postings
Researchers are warning that Lazarus has expanded its campaign using fake jobs with cryptocurrency exchanges to trick macOS users into downloading malware. Just last month, researchers observed Lazarus using Coinbase...
McAfee Raises $740M in Second IPO
The security software giant and its investors sold 37 million shares priced at $20 each, putting McAfee's value around $8.6 billion. McAfee today made its return to the public market...
Ukrainian Member of Notorious FIN7 Cybercrime Group Sentenced
A Ukrainian man called a "pen tester" by his cohorts in the FIN7 cybercrime gang was sentenced to five years in prison for his role hacking for the operation.
Denys Iarmak,...
US Seizes 27 More IRGC-Controlled Domain Names
The action follows last month's seizure of 92 domain names used by Iran's Islamic Revolutionary Guard Corps to spread disinformation. The US Department of Justice (DoJ) today reported the seizure...
Former Conti Ransomware Members Join Initial Access Broker Group Targeting Ukraine
Former members of the Russia-linked Conti ransomware gang are repurposing their tactics to join in with an initial access broker (IAB) that's been targeting Ukraine in a series of...
Dark Reading to Upgrade Site Design, Performance
Improvements will make site content easier to navigate, faster, and more functional. Dark Reading will look different to readers in the days ahead, and that's a good thing.
In an effort...
Cyberattackers Compromise Microsoft Exchange Servers via Malicious OAuth Apps
Attackers are deploying malicious OAuth applications on compromised cloud tenants, with the goal of taking over Microsoft Exchange Servers to spread spam.
That's according to the Microsoft 365 Defender Research...
School Kid Uploads Ransomware Scripts to PyPI Repository as ‘Fun’ Project
An apparently school-age hacker based in Verona, Italy, has become the latest to demonstrate why developers need to pay close attention to what they download from public code repositories...