Researchers with cybersecurity company ESET have observed a new macOS malware sample developed by the infamous North Korean advanced persistent threat (APT) actor Lazarus.
Russian Man Extradited to US for Laundering Ryuk Ransomware Money
A Russian national has been extradited from the Netherlands to the United States, where he faces charges related to his alleged role in the Ryuk ransomware operation.
The suspect is 29-year-old Denis Mihaqlovic Dubnikov, whose trial is scheduled to begin on October 4.
Apple Patches New macOS, iOS Zero-Days
Apple on Wednesday rolled out emergency patches for a pair of already exploited zero-day vulnerabilities in its flagship macOS and iOS platforms.
Apple confirmed in-the-wild exploitation of the vulnerabilities in separate advisories warning about code execution flaws in fully patched iPhone, iPad and macOS devices.
Vulnerability Broker Applies Pressure on Software Vendors Shipping Faulty, Incomplete Patches
Trend Micro’s Zero Day Initiative, a major player in the vulnerability disclosure ecosystem, is ramping up the pressure on software vendors that consistently ship faulty security patches.
81% of Malware Seen on USB Drives in Industrial Facilities Can Disrupt ICS: Honeywell
Microsoft Announces Disruption of Russian Espionage APT
Microsoft on Monday announced another major disruption of an APT actor believed to be linked to the Russian government, cutting off access to accounts used for pre-attack reconnaissance, phishing, and email harvesting.
Chinese Cyberspies Use Supply Chain Attack to Deliver Windows, macOS Malware
China-linked cyberespionage group Iron Tiger was observed using the compromised servers of a chat application for the delivery of malware to Windows and macOS systems, Trend Micro reports.
Twilio Hacked After Employees Tricked Into Giving Up Login Credentials
Enterprise software vendor Twilio (NYSE: TWLO) has been hacked by a relentless threat actor who successfully tricked employees into giving up login credentials that were then used to steal third-party customer data.
Cyberspying Aimed at Industrial Enterprises in Russia and Ukraine Linked to China
A recent cyberespionage operation aimed at industrial enterprises and public institutions in Eastern Europe and Afghanistan has been linked to a threat actor that is likely sponsored by the Chinese government.
Ghost Security Snags $15M Investment for API Security Tech
Texas startup Ghost Security has joined the list of early-stage companies in the API and application security space attracting venture capital funding.
The Austin-based company emerged from stealth this week with $15 million in investments from 468 Capital, DNX Ventures, and Munich Re Ventures.
