Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. have released a joint advisory about a China-linked cyber espionage group called APT40, warning about its ability to co-opt exploits for newly disclosed security flaws within hours or days of public release. “APT40 has previously targeted organizations in various […]
Unknown threat actors have been found propagating trojanized versions of jQuery on npm, GitHub, and jsDelivr in what appears to be an instance of a “complex and persistent” supply chain attack. “This attack stands out due to the high variability across packages,” Phylum said in an analysis published last week. “The attacker has cleverly hidden […]
Some 170 releases in, find out why Coco Bryce thinks his latest sums up everything he’s done so far The post Coco Bryce interview – “It’s a culmination of everything I’ve done over the past 25 or so years” first appeared on Juno Daily.
Reloop’s new MixTour Pro DJ controller, first announced back at NAMM in January, will finally be available in stores this month, with supplies hitting Europe round about now, and the US in the next few weeks. The Laidback Luke connection The MixTour Pro is a notable release for a few reasons, most of which have […]
A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control (C2) and data exfiltration. Cybersecurity firm Kaspersky, which discovered the activity in May 2024, the tradecraft adopted by the threat actor bears similarities with that of CloudWizard, but pointed
An analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material (CSAM), indicating how such information could be used to combat serious crimes. “Approximately 3,300 unique users were found with accounts on known CSAM sources,” Recorded Future said in a proof-of-concept […]
The emails falsely accuse recipients of sexual offences, using names and seals of authorities to appear authentic. Citizens are advised not to respond to such emails and report them to authorities.
An emerging ransomware-as-a-service (RaaS) operation called Eldorado comes with locker variants to encrypt files on Windows and Linux systems. Eldorado first appeared on March 16, 2024, when an advertisement for the affiliate program was posted on the ransomware forum RAMP, Singapore-headquartered Group-IB said. The cybersecurity firm, which infiltrated the ransomware group, noted that its
Avast researchers have identified a cryptographic weakness in the DoNex ransomware and its previous versions, enabling them to create a decryptor for files encrypted by these variants.