Cybercriminals target graphic designers with GPU miners
Cybercriminals are abusing Advanced Installer, a legitimate Windows tool used for creating software packages, to drop cryptocurrency-mining malware including PhoenixMiner and lolMiner on infected machines.
Eight vulnerabilities in Open Automation Software Platform could lead to information disclosure, improper authentication
OAS Platform allows various devices, including PLCs, servers, files, databases and internet-of-things platforms to communicate with one another and share data when they otherwise would be unable to because of their various protocols.
New open-source infostealer, and reflections on 2023 so far
A new open-source information stealer called ‘SapphireStealer’ has been observed across public malware repositories with increasing frequency. Plus, watch a new series of videos on the year so far in the threat landscape.
SapphireStealer: Open-source information stealer enables credential and data theft
SapphireStealer appears to be delivered as part of a multi-stage infection process, with threat actors leveraging open-source malware downloaders like FUD-Loader to deliver SapphireStealer to potential victims.
What's in a name? Strange behaviors at top-level domains creates uncertainty in DNS
Confusion over whether some name is a public DNS name or another private resource can cause sensitive data to fall into the hands of unintended recipients.
Years into these games’ histories, attackers are still creating “Fortnite” and “Roblox”-related scams
The latest activity from Lazarus Groups, .gov domains scamming people out of "V-Bucks" and more in this week's edition.
Lazarus Group's infrastructure reuse leads to discovery of new malware
Lazarus Group appears to be changing its tactics, increasingly relying on open-source tools and frameworks in the initial access phase of their attacks, as opposed to strictly employing them in the post-compromise phase.
Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT
This is the third documented campaign attributed to this actor in less than a year, with the actor reusing the same infrastructure throughout these operations.
Three vulnerabilities in NVIDIA graphics driver could cause memory corruption
The driver is vulnerable to memory corruption if an adversary sends a specially crafted shader packer, which can lead to a memory corruption problem in the driver.