Blog – Page 1040 – Cyber Mike

New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads

Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of infecting Windows systems with information stealers and loaders.

“This memory-only dropper decrypts and executes a PowerShell-based downloader,” Google-owned Mandiant said. “This PowerShell-based downloader is being tracked as PEAKLIGHT.”

Some of

Russian laundering millions for Lazarus hackers arrested in Argentina

The federal police in Argentina (PFA) have arrested a 29-year-old Russian national in Buenos Aires, who is facing money laundering charges related to cryptocurrency proceeds of the notorious North Korean hackers’ Lazarus Group.’ […]

Greasy Opal’s CAPTCHA solver still serving cybercrime after 16 years

A developer that researchers now track as Greasy Opal, operating as a seemingly legitimate business, has been fueling the cybercrime-as-a-service industry with a tool that bypasses account security solutions and allows bot-led CAPTCHA solving at scale. […]

In Other News: FAA Improving Cyber Rules, ATM Withdrawals With Android Malware, Data Theft via Slack AI

Noteworthy stories that might have slipped under the radar: FAA improving cyber rules for airplanes, NGate Android malware used to steal cash from ATMs, abusing Slack AI to steal data.

The post In Other News: FAA Improving Cyber Rules, ATM Withdrawals With Android Malware, Data Theft via Slack AI appeared first on SecurityWeek.

Hacker Tried to Dodge Child Support by Breaking Into Registry to Fake His Death, Prosecutors Say

Kentucky man attempted to fake his death to avoid paying child support obligations by hacking into state registries and falsifying official records.

The post Hacker Tried to Dodge Child Support by Breaking Into Registry to Fake His Death, Prosecutors Say appeared first on SecurityWeek.

Webinar: Experience the Power of a Must-Have All-in-One Cybersecurity Platform

Let’s be honest. The world of cybersecurity feels like a constant war zone. You’re bombarded by threats, scrambling to keep up with patches, and drowning in an endless flood of alerts. It’s exhausting, isn’t it?
But what if there was a better way?
Imagine having every essential cybersecurity tool at your fingertips, all within a single, intuitive platform, backed by expert support 24/7. This is

Focus on What Matters Most: Exposure Management and Your Attack Surface

Read the full article for key points from Intruder’s VP of Product, Andy Hornegold’s recent talk on exposure management. If you’d like to hear Andy’s insights first-hand, watch Intruder’s on-demand webinar. To learn more about reducing your attack surface, reach out to their team today.
Attack surface management vs exposure management
Attack surface management (ASM) is the ongoing

US, Allies Release Guidance on Event Logging and Threat Detection

Government agencies in the US and allied countries have released guidance on how organizations can define a baseline for event logging best practices.

The post US, Allies Release Guidance on Event Logging and Threat Detection appeared first on SecurityWeek.

New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data

The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints.
The use of credential harvesting in connection with a ransomware infection marks an unusual twist, and one that could have cascading consequences, cybersecurity firm Sophos said in a Thursday report.
The attack, detected in July

Degraded Performance Issue Sparks Concern Among CrowdStrike Customers

CrowdStrike has addressed a cloud service issue causing degraded performance and boot times for some of its customers.

The post Degraded Performance Issue Sparks Concern Among CrowdStrike Customers appeared first on SecurityWeek.

Cyber News