The botnet’s operators provide customers with access to an infected network of Docker containers so they can conduct DDoS attacks.
The post ShadowV2 DDoS Service Lets Customers Self-Manage Attacks appeared first on SecurityWeek.
NPM package caught using QR Code to fetch cookie-stealing malware
Newly discovered npm package ‘fezbox’ employs QR codes to hide a second-stage payload to steal cookies from a user’s web browser. The package, masquerading as a utility library, leverages this innovative steganographic technique to harvest sensitive data, such as user credentials, from a compromised machine. […]
Scattered Spider Suspect Arrested in US
The juvenile suspect surrendered on September 17 and was booked on computer intrusion, extortion, and identity theft charges.
The post Scattered Spider Suspect Arrested in US appeared first on SecurityWeek.
GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security
GitHub on Monday announced that it will be changing its authentication and publishing options “in the near future” in response to a recent wave of supply chain attacks targeting the npm ecosystem, including the Shai-Hulud attack.
This includes steps to address threats posed by token abuse and self-replicating malware by allowing local publishing with required two-factor authentication (2FA),
This includes steps to address threats posed by token abuse and self-replicating malware by allowing local publishing with required two-factor authentication (2FA),
Automotive Titan Stellantis Discloses Data Breach
The company says customer contact information was stolen from a third-party service provider’s platform.
The post Automotive Titan Stellantis Discloses Data Breach appeared first on SecurityWeek.
BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells
Cybersecurity researchers are calling attention to a search engine optimization (SEO) poisoning campaign likely undertaken by a Chinese-speaking threat actor using a malware called BadIIS in attacks targeting East and Southeast Asia, particularly with a focus on Vietnam.
The activity, dubbed Operation Rewrite, is being tracked by Palo Alto Networks Unit 42 under the moniker CL-UNK-1037, where “
The activity, dubbed Operation Rewrite, is being tracked by Palo Alto Networks Unit 42 under the moniker CL-UNK-1037, where “
Airport disruptions in Europe caused by a ransomware attack
The disruptions over the weekend at several major European airports were caused by a ransomware attack targeting the check-in and boarding systems. […]
American Archive of Public Broadcasting fixes bug exposing restricted media
A vulnerability in the American Archive of Public Broadcasting’s website allowed downloading of protected and private media for years, with the flaw quietly patched this month. […]
Automaker giant Stellantis confirms data breach after Salesforce hack
Automotive manufacturing giant Stellantis has confirmed that attackers stole some of its North American customers’ data after gaining access to a third-party service provider’s platform. […]
New EDR-Freeze tool uses Windows WER to suspend security software
A new method and proof-of-concept tool called EDR-Freeze demonstrates that evading security solutions is possible from user mode with Microsoft’s Windows Error Reporting (WER) system. […]