Miscreants turn to ad tech to measure malware metrics
Cyber criminals are using ad networks to optimize their malware campaigns and increase the likelihood of users falling for their social engineering attacks.
The DarkGate PDF malware campaign uses ad tools to deliver malicious URLs to victims, evading detection and collecting analytics on who clicks their links.
Volume of unique malware samples threatens to overwhelm defenders | Computer Weekly
BlackBerry's latest Global Threat Intelligence Report reveals that cybercriminals are using a more diverse range of malware than ever before, with over 380,000 malicious samples observed.
The high volume of unique malware samples can easily overwhelm and bypass traditional security operations centers (SOCs), increasing the need for advanced anti-malware protection.
BlackBerry recommends leveraging AI and ML capabilities for advanced anti-malware protection to ease the pressure on security teams.
Threat actors look to stolen credentials | Computer Weekly
Cyber criminals are increasingly using valid accounts to breach corporate networks, necessitating a focus on distinguishing between legitimate and malicious user activity.
Apple iPhone security alert renews spyware concerns | Computer Weekly
Apple issued a security alert warning users of targeted mercenary spyware attacks. Threat notifications are crucial for informing individuals targeted by such malicious activities.
Council Post: Five Steps To Get Your Network Security Ready For The Future
Remote work blurs the line between work and home networks, challenging traditional security perimeters.
Sophisticated threats like advanced persistent threats and insiders present significant security challenges in a borderless network environment.
AI models trained on quality exploit data have the potential to generate malware that could evade detection by current security filters.
The most advanced generative AI tools will be in the hands of the most capable attackers, potentially increasing the effectiveness of cyber attacks.
Miscreants absolutely love using GitHub to sling malware
GitHub's popularity and utility make it immune to Chinese censorship, but also attractive to criminals for distributing malware.
GitHub's advantageous features for malware authors include being seldom blocked by corporate networks, familiarity to attackers, and low costs for hosting and account creation.
UK government denies China/Russia nuke plant hack claim
The UK government has denied the report that the Sellafield nuclear complex has been compromised by malware for years.
The government claims that there is no evidence to suggest that Sellafield's networks have been attacked by state actors as described in the Guardian report.
North Korean Software Supply Chain Attack Hits North America, Asia
North Korean threat group Diamond Sleet (Zinc) breached a Taiwanese software company and used their systems to distribute malware.
The hackers added malicious code to a legitimate application installer and signed it with a valid CyberLink certificate.
Microsoft has not observed any direct interaction with compromised systems but warns that the threat actor is known for stealing data and establishing persistent access.
Delete These 14 Android Apps Infested By Dangerous Malware
Xamalicious malware has infected 14 Android apps, putting over 300,000 users at risk of losing their personal data.
The infected apps have been removed from the Play Store, but users who have already downloaded them need to manually delete them and conduct a full phone security check.