New malware uses Windows Subsystem for Linux as an attack vector
Security researchers have discovered a new type of malware that makes use of Windows Subsystem for Linux as a way to stealthily attack systems.
Attacks can be carried out using malicious Linux binaries using a technique that was previously just a theoretical proof-of-concept. The new attack vector was discovered by researchers from Black Lotus Labs who describe it as "the first instance of an actor abusing WSL to install subsequent payloads".
Confidential data leaked online following Gigabyte attack
Earlier this month Taiwanese hardware maker Gigabyte confirmed that it was under ransomware attack from a hacker group calling itself RansomEXX.
Now researchers at CyberNews have discovered that confidential data apparently belonging to Gigabyte has been leaked on a hacker forum.
Could the 'Face of Anonymous' go to jail?
We’ve seen the now infamous Guy Fawkes masks around for a long time. More so a few years ago, than in current times. The main group they belong to, 'Anonymous', has a reputation as hackers but members aren’t the people shutting down gas lines or airlines -- they prefer to think of themselves as ethical. Hacktivists if you will. You may disagree, authorities certainly do, and many members have been arrested.
A decade ago member Christopher Doyon was nabbed in San Francisco. He allegedly jumped bail and headed south of the border, where he has remained ever since. Producer Gary Lang traveled there and featured him in the Canadian documentary 'The Face of Anonymous' in 2020.
Attackers spend 11 days in a network before detection
The median attacker dwell time before detection is 11 days or 256 hours, according to data from Sophos. That's time in which they're free to conduct malicious activity, such as lateral movement, reconnaissance, credential dumping, data exfiltration, and more.
The company has released an 'Active Adversary Playbook' detailing attacker behaviors and the tools, techniques and procedures (TTPs) that Sophos' frontline threat hunters and incident responders saw in the wild in 2020.
New open source scanning tool is built for ethical hackers
Being able to find web vulnerabilities as soon as they emerge, before attackers can exploit them, is critical for organizations wanting to stay on top of web application security.
Saas security specialist Detectify is launching a new stand-alone application security tool that's specifically tailored for ethical hackers, making it easier for them to share their latest findings.
Millions of Nitro PDF users' passwords exposed in leaked database
It is a few months since Nitro PDF was hit by hackers in a huge data breach. While the stolen data was initially put up for sale, now it has been made available free of charge.
What this means is that a database containing over 77 million user records is now freely available for just about anyone to download. The database weighs in at around 14GB and includes not only names and email addresses, but also passwords.
© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.