The Hacker News

Threat Actors Increasingly Abusing GitHub for Malicious Purposes

The ubiquity of GitHub in information technology (IT) environments has made it a lucrative choice for threat actors to host and deliver malicious payloads and act as dead drop resolvers, command-and-control, and data exfiltration points. “Using GitHub services for malicious infrastructure allows adversaries to blend in with legitimate network traffic, often bypassing traditional security

WIRED

To Beat Russia, Ukraine Needs a Major Tech Breakthrough

Ukraine’s top general says his country must innovate on the level of inventing gunpowder to “break military parity” with Russia. If it’s successful, it could change the future of war.

The Hacker News

Hack-for-Hire Group Targets Travel and Financial Entities with New Janicab Malware Variant

Travel agencies have emerged as the target of a hack-for-hire group dubbed Evilnum as part of a broader campaign aimed at legal and financial investment institutions in the Middle East and Europe. The attacks, which took place during 2020 and 2021 and likely went as far back as 2015, involved a revamped variant of a malware called Janicab that leverages a number of public services like WordPress

The Hacker News

Researchers Uncover New Drokbk Malware that Uses GitHub as a Dead Drop Resolver

The subgroup of an Iranian nation-state group known as Nemesis Kitten has been attributed as behind a previously undocumented custom malware dubbed Drokbk that uses GitHub as a dead drop resolver to exfiltrate data from an infected computer, or to receive commands. "The use of GitHub as a virtual dead drop helps the malware blend in," Secureworks principal researcher Rafe Pilling said. "All the

Naked Security

S3 Ep106: Facial recognition without consent – should it be banned?

Latest episode - listen (or read) now. Teachable moments for X-Ops professionals!

Naked Security

When cops hack back: Dutch police fleece DEADBOLT criminals (legally!)

Crooks: Show us the money! Cops: How about you show us the decryption keys first?

Naked Security

S3 Ep100: Browser-in-the-Browser – how to spot an attack [Audio + Text]

Latest episode - listen now! Cosmic rockets, zero-days, spotting cybercrooks, and unlocking the DEADBOLT...

Naked Security

DEADBOLT ransomware rears its head again, attacks QNAP devices

NAS devices make it easy for anyone to add high-capacity file servers to their network. Guess why cybercrooks love NAS devices too...

WIRED

The Ghost of Internet Explorer Will Haunt the Web for Years

Microsoft's legacy browser may be dead—but its remnants are not going anywhere, and neither are its lingering security risks.

The Hacker News

QNAP Urges Users to Update NAS Devices to Prevent Deadbolt Ransomware Attacks

Taiwanese network-attached storage (NAS) devices maker QNAP on Thursday warned its customers of a fresh wave of DeadBolt ransomware attacks. The intrusions are said to have targeted TS-x51 series and TS-x53 series appliances running on QTS 4.3.6 and QTS 4.4.1, according to its product security incident response team.  "QNAP urges all NAS users to check and update QTS to the latest version as

Naked Security

S3 Ep76: Deadbolt, LAPSUS$, Zlib, and a Chrome 0-day [Podcast]

Latest episode - listen now!

Naked Security

Serious Security: DEADBOLT – the ransomware that goes straight for your backups

Some tips on how to keep your network safe - even (or perhaps especially!) if you think you're safe already.