Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete: The Case of CVE-2023-36874

CrowdStrike Counter Adversary Operations is committed to analyzing active exploitation campaigns and detecting and blocking zero-days to protect our customers. In July 2023, the CrowdStrike Falcon® Complete managed detection and response (MDR) team discovered an unknown exploit kit leveraging a still-unknown vulnerability affecting the Windows Error Reporting (WER) component.

Mac systems turned into proxy exit nodes by AdLoad

AdLoad malware is still infecting Mac systems years after its first appearance in 2017. AdLoad, a package bundler, has been observed delivering a wide range of payloads throughout its existence. During AT&T Alien Labs’ investigation of its most recent payload, it was discovered that the most common component dropped by AdLoad during the past year has been a proxy application turning macOS AdLoad victims into a giant, residential proxy botnet.

AI's Role in Cybersecurity: Black Hat USA 2023 Reveals How Large Language Models Are Shaping the Future of Phishing Attacks and Defense

At Black Hat USA 2023, a session led by a team of security researchers, including Fredrik Heiding, Bruce Schneier, Arun Vishwanath, and Jeremy Bernstein, unveiled an intriguing experiment. They tested large language models (LLMs) to see how they performed in both writing convincing phishing emails and detecting them. This is the PDF technical paper.

INETCO in the News: AI and Machine Learning as a Solution to the EBT Fraud Epidemic

Ali Solehdin – The Banking Exchange

In 2022 alone, the Supplemental Nutrition Assistance Program (SNAP) distributed over $113.9 billion to nearly 22 million households across the United States. This figure represents an increase of over $5 billion from the year prior and nearly a $40 billion increase from 2020. Unfortunately, as the SNAP allocation has increased, criminals — from individuals to organized crime rings — have stolen an increasing share of these benefits.

CodeSecDays conference and more complete security coverage with GitGuardian

As secrets have a role in most security incidents, Snyk is excited to partner with GitGuardian to help development and security teams scale their security programs and further reduce an application's attack surface at every stage of the code-to-cloud lifecycle. We recently spoke at GitGuardian's first digital conference, CodeSecDays, joining security leaders from Chainguard, Doppler, Kondukto, and more — who shared insights on software signing, open source security, and secrets management.