A popular Python package was compromised recently and replaced with a malicious version apparently designed to help the attacker obtain AWS credentials.
Semperis Banks $200 Million to Scale Enterprise ID Protection Tech
Enterprise identity protection vendor Semperis has banked $200 million in a new round of funding that values the company north of $1 billion.
Cybersecurity Community Warned of Fake PoC Exploits Delivering Malware
Researchers have spotted fake proof-of-concept (PoC) exploits that appear to have been created by threat actors in an effort to deliver malware to members of the cybersecurity community.
Conti Ransomware Operation Shut Down After Brand Becomes Toxic
The Conti ransomware operation has undergone some significant organizational structure changes in the past months after the brand became toxic due to its affiliation with the Russian government.
IBM Dives Into TrickBot Gang’s Malware Crypting Operation
Researchers with IBM Security’s X-Force division have analyzed 13 crypters employed by the cybercrime group behind the infamous TrickBot and Conti malware.
LimaCharlie Banks $5.45 Million in Seed Funding
LimaCharlie, a California company supplying tools to run an MSSP or SOC on a pay-as-you-use model, has attracted $5.45 million in seed round financing.
Researchers Devise New Type of Bluetooth LE Relay Attacks
Security researchers at NCC Group have created a new tool capable of launching a new type of Bluetooth Low Energy (BLE) relay attack that bypasses existing protections and mitigations.
‘Sysrv’ Botnet Targeting Recent Spring Cloud Gateway Vulnerability
A new variant of the Sysrv botnet has added a recent Spring Cloud Gateway vulnerability to its exploit portfolio, Microsoft warns.
The Sysrv botnet has been active since at least late 2020, looking to exploit known security bugs in access interfaces in order to compromise Windows and Linux systems and install a Monero cryptominer on them.
Iran-Linked OilRig APT Caught Using New Backdoor
The Iran-linked hacking group OilRig was observed using a new backdoor in an attack against a government official within Jordan’s foreign ministry, according to new research published this week.
‘IceApple’ Post-Exploitation Framework Created for Long-Running Operations
CrowdStrike has detailed a new post-exploitation framework that could be the work of a state-sponsored threat actor, one likely linked to China.