Showing only posts tagged malware. Show all posts.

Backdoor in XZ Utils That Almost Happened

Source

Last week, the internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s an important moral to the story of the attack and its discovery …

xz Utils Backdoor

Source

The cybersecurity world got really lucky last week. An intentionally placed backdoor in xz Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have been incorporated into both Debian and Red Hat Linux. From ArsTehnica : Malicious code added to xz …

PyPI halted new users and projects while it fended off supply-chain attack

Source

Enlarge / Supply-chain attacks, like the latest PyPI discovery, insert malicious code into seemingly functional software packages used by developers. They're becoming increasingly common. (credit: Getty Images) PyPI, a vital repository for open source developers, temporarily halted new project creation and new user registration following an onslaught of package uploads …

Fujitsu says it found malware on its corporate network, warns of possible data breach

Source

Enlarge (credit: Getty Images) Japan-based IT behemoth Fujitsu said it has discovered malware on its corporate network that may have allowed the people responsible to steal personal information from customers or other parties. “We confirmed the presence of malware on several of our company's work computers, and as a …

LLM Prompt Injection Worm

Source

Researchers have demonstrated a worm that spreads through prompt injection. Details : In one instance, the researchers, acting as attackers, wrote an email including the adversarial text prompt, which “poisons” the database of an email assistant using retrieval-augmented generation (RAG), a way for LLMs to pull in extra data from …

Hugging Face, the GitHub of AI, hosted code that backdoored user devices

Source

Enlarge (credit: Getty Images) Code uploaded to AI developer platform Hugging Face covertly installed backdoors and other types of malware on end-user machines, researchers from security firm JFrog said Thursday in a report that’s a likely harbinger of what’s to come. In all, JFrog researchers said, they …

Russia-based LockBit ransomware hackers attempt comeback

Source

Gang sets up new site on dark web and releases rambling statement explaining how it was infiltrated by law enforcement agencies The LockBit ransomware gang is attempting a comeback days after its operations were severely disrupted by a coordinated international crackdown. The Russia-based group has set up a new …

Seized ransomware network LockBit rewired to expose hackers to world

Source

Four arrested and LockBit victims will get help to recover data after joint operation in UK, US and Europe The entire “command and control” apparatus for the ransomware group LockBit is now in possession of law enforcement, the UK’s National Crime Agency has revealed, after it emerged that …

Prolific cybercrime gang disrupted by joint UK, US and EU operation

Source

LockBit’s website under control of security agencies from both sides of Atlantic, according to post LockBit, a notorious cybercrime gang that holds its victims’ data to ransom, has been disrupted in a rare international law enforcement operation by Britain’s National Crime Agency, the FBI, Europol and a …

Man arrested in Malta in global operation to shut down cybercrime network targeting Australians

Source

Federal police warn they will track down alleged criminals using Warzone trojan software Follow our Australia news live blog for latest updates Get our morning and afternoon news emails, free app or daily news podcast A man has been arrested as part of an international operation to shut down …

Dozens in Jordan targeted by authorities using NSO spyware, report finds

Source

Findings suggest Jordan is relying on cyberweapon to quash dissent and its use is ‘staggeringly widespread’ About three dozen journalists, lawyers and human rights workers in Jordan have been targeted by authorities using powerful spyware made by Israel’s NSO Group amid a broad crackdown on press freedoms and …

Chinese malware removed from SOHO routers after FBI issues covert commands

Source

Enlarge / A Wi-Fi router. (credit: Getty Images | deepblue4you ) The US Justice Department said Wednesday that the FBI surreptitiously sent commands to hundreds of infected small office and home office routers to remove malware China state-sponsored hackers were using to wage attacks on critical infrastructure. The routers—mainly Cisco and …

Ars Technica used in malware campaign with never-before-seen obfuscation

Source

Enlarge (credit: Getty Images) Ars Technica was recently used to serve second-stage malware in a campaign that used a never-before-seen attack chain to cleverly cover its tracks, researchers from security firm Mandiant reported Tuesday. A benign image of a pizza was uploaded to a third-party website and was then …

« newer articles | page 2