North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

Two North Korea-linked APT groups compromised the infrastructure of the major Russian missile engineering firm NPO Mashinostroyeniya. Cybersecurity firm SentinelOne linked the compromise to two different North Korea-linked APT groups. NPO Mashinostroyeniya (JSC MIC Mashinostroyenia, NPO Mash) is a leading Russian manufacturer of missiles and military […]

The post North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya appeared first on Security Affairs.

A new sophisticated SkidMap variant targets unsecured Redis servers

A new campaign targets Redis servers; this time the malware employed in the attacks is a new variant of the SkidMap malware. SkidMap is a crypto-miner that Trend Micro detected in September 2019 while it was targeting Linux machines. The malicious code used kernel-mode rootkits to evade detection; it differs from similar miners because […]

The post A new sophisticated SkidMap variant targets unsecured Redis servers appeared first on Security Affairs.

Elite North Korean Hackers Breach Russian Missile Developer

By Waqas
North Korean hackers from OpenCarrot and Lazarus breached NPO Mashinostroyeniya, a major Russian missile developer, for at least five months last year.
This is a post from HackRead.com. Read the original post: Elite North Korean Hackers Breach …

Navigating the gray zone of ransomware payment practices

Ransomware remains a lucrative tool for cybercriminals as attackers continue to target a wide array of businesses. In response to this growing threat, an increasing number of organizations are compelled to meet ransom demands, perceiving it as their on…

VMCONNECT: Malicious PyPI Package Mimicking Common Python Tools

By Deeba Ahmed
Threat researchers at ReversingLabs, a software supply chain security and malware analysis platform, have discovered a malicious new PyPI…
This is a post from HackRead.com. Read the original post: VMCONNECT: Malicious PyPI Package M…

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June, a ransomware attack hit the Colorado Department of Higher Education (CDHE); the organization has now disclosed a data breach. CDHE did not disclose the number of impacted individuals. CDHE discovered the ransomware […]

The post Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack appeared first on Security Affairs.

Security Affairs newsletter Round 431 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Reptile Rootkit employed in attacks against Linux systems in South Korea; New PaperCut flaw in […]

The post Security Affairs newsletter Round 431 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Reptile Rootkit employed in attacks against Linux systems in South Korea

Researchers observed threat actors using an open-source rootkit called Reptile in attacks aimed at systems in South Korea. Reptile is an open-source kernel module rootkit that was designed to target Linux systems; unlike other rootkits, it also offers a reverse shell. The malware supports port knocking: it opens a specific port on an infected system […]

The post Reptile Rootkit employed in attacks against Linux systems in South Korea appeared first on Security Affairs.

Hackers Deliver Updated STRRAT Malware Using Weaponized PDF Files

A versatile Java-based RAT dubbed “STRRAT,” capable of keylogging and credential theft from browsers and email clients, emerged in 2020. The most recent updated version of STRRAT evolved dramatically, and since its discovery, …

Malicious packages in the NPM designed for highly-targeted attacks

Researchers discovered a new set of malicious packages on the npm package manager that can exfiltrate sensitive developer data. On July 31, 2023, Phylum researchers observed the publication of ten different “test” packages on the npm package manager that were developed to exfiltrate sensitive developer source code and other confidential information. All of these packages […]

The post Malicious packages in the NPM designed for highly-targeted attacks appeared first on Security Affairs.