Overview Throughout the summer and fall of 2023, DarkGate entered the ring competing for the top spot in the remote access trojan (RAT) and loader category. It was observed in use by multiple cybercrime actors and was spread via many methods such as email, Microsoft Teams, Skype, malvertising and fake updates. Proofpoint researchers are tracking […]
This post is also available in: 日本語 (Japanese) Executive Summary Unit 42 researchers have observed threat actors using malicious JavaScript samples to steal sensitive information by abusing popular survey sites, low-quality hosting and web chat APIs. In some campaigns, attackers created chatbots that they registered to someone noteworthy such as an Australian footballer. Other malware […]
First American Financial Corporation, the second-largest title insurance company in the US, has experienced a cyberattack and has taken some systems offline to contain the impact.
Dive Brief: The Cybersecurity and Infrastructure Security Agency is seeking comment on a global effort to improve software security through major changes in development practices. The request for information, released Wednesday, seeks input about how to best incorporate security into the software development life cycle. Specifically, CISA is asking for input on how to tackle […]
One of our analysts recently found an interesting malicious plugin injected into a WordPress / WooCommerce ecommerce website which both creates and conceals a bogus administrator user. It was also found injecting sophisticated credit card skimming JavaScript into the website’s checkout page. This plugin includes an interesting sample of malicious code which goes to great […]
Cisco announced this morning that it intends to acquire Isovalent, a cloud-native security and networking startup that should fit well with the company’s core networking and security strategy. The companies did not share the purchase price. Isovalent has helped develop eBPF, a key open source technology that gives developers deep insight into the operating system […]
St Vincent’s – Australia’s largest not-for-profit health and aged care provider – has confirmed it has fallen victim to a cyber-attack and hackers have stolen some of its data. In a statement, St Vincent’s Health Australia confirmed it began responding to a cybersecurity incident on Tuesday. It discovered late on Thursday that data had been […]
The Federal Trade Commission (FTC) is proposing new restrictions on the use and disclosure of children’s personal data and wants to make it much harder for companies to exclude children from their services if they can’t monetize their data, the agency announced Wednesday. The proposed overhaul of the Children’s Online Privacy Protection Rule (COPPA) is […]
A hospital near Kansas City, Missouri, is struggling to provide care to patients this week after a cyberattack limited its systems. In an update on Wednesday, Liberty Hospital said it was still dealing with disruptions to its computer systems that began on Tuesday. The facility initially had to transfer some patients to other hospitals, but […]