Security News
The developers of the Typhon info-stealer announced on a dark web forum that they have updated the malware to a major version they advertise as 'Typhon Reborn V2'. They boast significant improvements designed to thwart analysis via anti-virtualization mechanisms. The original Typhon was discovered by malware analysts in August 2022.
Five malicious packages were found on the Python Package Index, stealing passwords, Discord authentication cookies, and cryptocurrency wallets from unsuspecting developers. PyPI is a software repository for packages created in the Python programming language.
.NET Core versions until it reaches the end of support next month. .NET Native releases, warned this July, Microsoft will stop providing technical support or servicing updates after EOS. "We recommend moving to .NET 6 as soon as possible. If you are still using .NET Core 3.1 after the end of support date, you'll need to update your app to .NET 6 or .NET 7 to remain supported and continue to receive .NET updates," Whittaker said.
Android malware developers are already adjusting their tactics to bypass a new 'Restricted setting' security feature introduced by Google in the newly released Android 13. Android 13 was released this week, with the new operating system being rolled out to Google Pixel devices and the source code published on AOSP. As part of this release, Google attempted to cripple mobile malware that attempted to enable powerful Android permissions, such as AccessibilityService, to perform malicious, stealthy behavior in the background.
Thousands of North Korean "highly skilled IT workers," at the direction of or forced by their government, are targeting freelance jobs at organizations in wealthier nations. In some cases, DPRK's dispatched wage earners, typically located in China, Russia, Africa, and Southeast Asia, have aided with selling data stolen in attacks from North Korean hackers.
Russian software developers are reporting that their GitHub accounts are being suspended without warning if they work for or previously worked for companies under US sanctions. The GitHub accounts of Sberbank Technology, Sberbank AI Lab, and the Alfa Bank Laboratory had their code repositories initially disabled and are now removed from the platform.
The TrickBot malware operation has shut down after its core developers moved to the Conti ransomware gang to focus development on the stealthy BazarBackdoor and Anchor malware families. TrickBot also has a long relationship with ransomware operations that partnered with the TrickBot group to receive initial access to networks infected by the malware.
Hackers targeted cybersecurity researchers and developers this week in a sophisticated malware campaign distributing a malicious version of dnSpy. This new campaign was discovered by security researchers 0day enthusiast and MalwareHunterTeam, who saw the malicious dnSpy project initially hosted at https://github[.