In 2023, the flow of cryptocurrency into illicit addresses decreased by nearly 39% compared to the previous year, with sanctioned entities accounting for the majority of activity, according to Chainalysis.
These applications are found on Chinese piracy websites and contain modified disk image files that download and execute multiple payloads to compromise the victim’s machine.
Enterprise employees are increasingly accessing generative AI applications, which poses a risk of exposing sensitive data and makes it crucial for organizations to implement advanced data security measures.
Ransomware actors are exploiting TeamViewer to gain access to organization endpoints and attempt to deploy ransomware, highlighting the importance of maintaining strong security practices and using the latest software versions.
The AHA recommends strict IT help desk security protocols and immediate notification to financial institutions and the FBI to mitigate the risk of falling victim to these schemes.
In a recent incident, a malicious package called “oscompatible” was uploaded to the npm registry. The package was found to contain a sophisticated remote access trojan for Windows machines.
The new campaign by TA866 involved a large volume of emails with attached PDFs containing OneDrive URLs that initiated a multi-step infection chain leading to a malware payload.
Attackers are using off-the-shelf images from Docker Hub to spread malware, with the 9Hits app visiting various websites and the XMRig miner disabled from visiting crypto-related sites to prevent analysis.
Continuous integration and delivery misconfigurations in TensorFlow could have been exploited for supply chain attacks, allowing malicious code injection and compromise of GitHub and PyPI releases.
Cyberattacks are the leading cause of technology outages for 40% of organizations, emphasizing the need for comprehensive disaster preparation beyond just cybersecurity measures, according to Veeam.