Security News

Noberus ransomware gets info-stealing upgrades, targets Veeam backup software
2022-09-25 08:50

An extensively updated version of the Exmatter data exfiltration tool was seen last month being used with Noberus in ransomware infections, and at least one affiliate using Noberus was detected using Eamfo, the info-stealing malware that connects to the SQL database where a victim's Veeam backup software installation stores credentials, according to researchers in Symantec's Threat Hunting Team. Coreid has continuously updated Noberus since it first emerged in November 2021, shortly after BlackMatter was retired in a suspected move by the ransomware gang to stay ahead of law enforcement.

BlackCat ransomware’s data exfiltration tool gets an upgrade
2022-09-22 10:00

The BlackCat ransomware isn't showing any signs of slowing down, and the latest example of its evolution is a new version of the gang's data exfiltration tool used for double-extortion attacks. BlackCat is considered a successor to Darkside and BlackMatter and is one of the most sophisticated and technically advanced ransomware-as-a-service operations.

Week in review: Free online cybersec courses, Signal post-quantum upgrade, Patch Tuesday forecast
2022-09-11 08:00

Apple strengthens security and privacy in iOS 16
Apple announced additional security and privacy updates for its newest mobile operating system.

Government guide for supply chain security: The good, the bad and the ugly
Just as developers and security teams were getting ready to take a breather and fire up the BBQ for the holiday weekend, the U.S.'s most prestigious security agencies dropped a 60+ page recommended practice guide, Securing the Software Supply Chain for Developers.

Researchers publish post-quantum upgrade to the Signal protocol
2022-09-07 08:04

PQShield published a white paper that lays out the quantum threat to secure end-to-end messaging and explains how post-quantum cryptography can be added to the Signal secure messaging protocol to protect it from quantum attacks. The company is offering to license its end-to-end encrypted messaging IP to the Signal Foundation pro bono - if/when they plan to upgrade their system - to support the non-profit behind the free encrypted messaging app, Signal, in its mission to make secure communication accessible to everyone.

Hive Ransomware Upgrades to Rust for More Sophisticated Encryption Method
2022-07-06 22:12

The operators of the Hive ransomware-as-a-service scheme have overhauled their file-encrypting software to fully migrate to Rust and adopt a more sophisticated encryption method. "With its latest variant carrying several major upgrades, Hive also proves it's one of the fastest evolving ransomware families, exemplifying the continuously changing ransomware ecosystem," Microsoft Threat Intelligence Center said in a report on Tuesday.

Windows 11 KB5014668 update fixes upgrade fails, game crashes
2022-06-23 21:45

Microsoft has released the optional KB5014668 cumulative update previews for Windows 11 with fixes for issues leading to game crashes and failed upgrades to the latest Windows version. This cumulative update is part of Microsoft's scheduled June 2022 monthly "C" updates that enable Windows customers to test upcoming fixes before they're released for all users on July 12th as part of the next Patch Tuesday.

Chinese-sponsored gang Gallium upgrades to sneaky PingPull RAT
2022-06-14 06:27

The Gallium group, believed to be a Chinese state-sponsored team, is going on the warpath with an upgraded remote access trojan that threat hunters say is difficult to detect. The backdoor, once in a compromised system, comes in three variants, each of which can communicate with the command-and-control system over one of three protocols: ICMP, HTTPS and raw TCP. All three PingPull variants have the same functionality, but each creates a custom string of code that it sends to the C2 server, which will use the unique string to identify the compromised system.

Future proofing: How companies can upgrade cyber defenses and be ready for tomorrow
2022-05-31 05:00

Today's threat landscape is constantly evolving. Threat actors and tactics are becoming more determined and advanced.

Tor project upgrades network speed performance with new system
2022-05-05 11:26

The Tor Project has published details about a newly introduced system called Congestion Control that promises to eliminate speed limits on the network. Congestion Control "will result in significant performance improvements in Tor, as well as increased utilization of our network capacity," say the maintainers of the project.

Unofficial Windows 11 upgrade installs info-stealing malware
2022-04-18 17:18

Hackers are luring unsuspecting users with a fake Windows 11 upgrade that comes with malware that steals browser data and cryptocurrency wallets. The hackers are preying on users that jump at installing Windows 11 without spending the time to learn that the OS needs to meet certain specifications.