Microsoft has confirmed that one of their employees was compromised by the Lapsus$ hacking group, allowing the threat actors to access and steal portions of their source code. Last night, the Lapsus$ gang released 37GB of source code stolen from Microsoft's Azure DevOps server. The source code is for various internal Microsoft projects, including for Bing, Cortana, and Bing Maps.
Researchers have discovered a previously unknown macOS malware variant called GIMMICK, which is believed to be a custom tool used by a Chinese espionage threat actor known as 'Storm Cloud.' The malware was discovered by researchers at Volexity, who retrieved it from the RAM of a MacBook Pro running macOS 11.6 (Big Sur), which was compromised in a late 2021 cyberespionage campaign.
It's not unusual to hear about malware created to affect automated teller machines (ATMs). Malware can be planted at the ATM's PC or its network, or attackers could launch a Man-in-the-Middle (MiTM) attack. Recently, a new rootkit, which the Mandiant Advanced Practices team have named CAKETAP, was found targeting Oracle Solaris systems running on ATM switch servers. This rootkit is a Unix kernel module that performs several malicious tasks to aid attackers in conducting fraudulent ATM transactions.
Cybersecurity researchers at Splunk have conducted an analysis to determine how long it takes various ransomware strains to encrypt files on compromised systems. The analysis focused on ten major ransomware families and the goal was to encrypt nearly 100,000 files with a total size of approximately 54 Gb. In addition to encryption speed and duration, the researchers also looked at how the ransomware used system resources.
Internet search engine Censys on Monday warned that a new wave of DeadBolt ransomware attacks has been targeting network-attached storage (NAS) devices made by QNAP. The DeadBolt ransomware is designed to encrypt files stored on vulnerable devices, instructing victims to pay a 0.03 bitcoin ($1,200) ransom in order to recover their files. QNAP warned customers about DeadBolt attacks in January.