Security News > 2023 > September

A new malvertising campaign has been observed distributing an updated version of a macOS stealer malware called Atomic Stealer, indicating that it's being actively maintained by its author. An off-the-shelf Golang malware available for $1,000 per month, Atomic Stealer first came to light in April 2023.

Johnson & Johnson Health Care Systems has informed its CarePath customers that their sensitive information has been compromised in a third-party data breach involving IBM. IBM is a technology service provider for Janssen; specifically, it manages the CarePath application and database supporting its functions. IBM has published a separate announcement about the incident that says there are no indications the stolen data has been misused.

The USA and the United Kingdom have sanctioned eleven Russian nationals associated with the TrickBot and Conti ransomware cybercrime operations. After numerous takedown attempts by the U.S. government, the Conti ransomware gang took control of the TrickBot operation and its development, using it to enhance more advanced and stealthy malware, such as BazarBackdoor and Anchor.

Initial access brokers are cybercriminals that focus on gaining privileged IT access to corporate environments, which they then auction off on specialized dark web forums. We wanted to better understand how IABs operate, so we did the only natural thing and spent weeks painstakingly translating posts from Russian into English to conduct an in-depth analysis on the corporate access economy.

The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365's email service and access accounts of employees of 25 government agencies has been explained: they found it somewhere it shouldn't have been, in Microsoft's corporate environment. The signing key was included in the snapshot of the crashed process of a consumer signing system because of an unexpected race condition, and its presence in the crash dump wasn't detected by Microsoft's credential scanning methods.

Rogers customers, primarily those located in Downtown Toronto and parts of Ontario, are reporting outages this week affecting their internet service. Rogers customers took to X to voice their concerns about internet outages in their area.

While smart speakers are only supposed to listen after being invoked with a "wake" phrase, the data they collect and who they share it with may come as a surprise. A profound difference was also found in the amount of data requested from smart device owners depending on whether the associated app was installed on an Android or iOS phone.

A newer version of the Atomic Stealer macOS malware has a new trick that allows it to bypass the operating system's Gatekeeper, Malwarebytes researchers have discovered. "Criminals who buy the toolkit have been distributing it mostly via cracked software downloads but are also impersonating legitimate websites and using ads on search engines such as Google to lure victims in," says Malwarebytes researcher Jérôme Segura.

This relatively low percentage reflects the current state of the industry, where vCISO services are still an emerging market. The vCISO landscape is expected to change dramatically by the end of 2024.

Data you don't control is open to causing you harm. The fact that nearly everyone in the US apparently likes "Instant gratification convenience over their long term security" suggests they have not yet had a piece ripped out of them.