Hackers Hide Remcos RAT in GitHub Repository Comments

The tack highlights bad actors' interest in trusted development and collaboration platforms — and their users.

Follow Dark Reading:

October 10, 2024

LATEST SECURITY NEWS & COMMENTARY Hackers Hide Remcos RAT in GitHub Repository Comments The tack highlights bad actors' interest in trusted development and collaboration platforms — and their users. Mamba 2FA Cybercrime Kit Targets Microsoft 365 Users A stealthy new underground offering uses sophisticated adversary-in-the-middle (AitM) techniques to convincingly serve up "Microsoft" login pages of various kinds, with dynamic enterprise branding. 3 More Ivanti Cloud Vulns Exploited in the Wild The security bugs were found susceptible to exploitation in connection to the previously disclosed, critical CVE-2024-8963 vulnerability in the security vendor's Cloud Services Appliance (CSA). Cloud, AI Talent Gaps Plague Cybersecurity Teams Cyber pros are scrambling to stay up-to-date as the businesses they work for quickly roll out AI tools and keep expanding their cloud initiatives. Microsoft: Creative Abuse of Cloud Files Bolsters BEC Attacks Since April, attackers have increased their use of Dropbox, OneDrive, and SharePoint to steal the credentials of business users and conduct further malicious activity. Building Cyber Resilience in SMBs ​With ​Limited Resources ​​​With careful planning, ongoing evaluation, and a commitment to treat cybersecurity as a core business function, SMBs can transform their vulnerabilities into strengths​​. MORE NEWS / MORE COMMENTARY HOT TOPICS Ex-Uber CISO Requests a New, 'Fair' Trial Attorneys for Joseph Sullivan argue the jury didn't hear essential facts of the case during the original trial and that his conviction must be overturned. How Major Companies Are Honoring Cybersecurity Awareness Month The annual event reinforces best practices while finding new ways to build a culture where employees understand how their daily decisions affect company security. Find out how AWS, IBM, Intuit, SentinelOne, and Gallo are spreading the word. Salt Typhoon APT Subverts Law Enforcement Wiretapping: Report The Chinese state-sponsored cyberattack threat managed to infiltrate the "lawful intercept" network connections that police use in criminal investigations. Your IT Systems Are Being Attacked. Are You Prepared? Company leadership needs to ensure technology teams are managing continuous monitoring, automated testing, and alignment with business needs across their enterprise. MORE PRODUCTS & RELEASES OpenGradient Raises $8.5M to Decentralize AI Infrastructure and Accelerate Secure, Open-Source AI 90% of Successful Attacks Seen in the Wild Resulted in Leaked Sensitive Data CYRISMA Secures $7M Growth Equity Financing led by Blueprint Equity MORE PRODUCTS & RELEASES EDITORS' CHOICE 5 Zero-Days in Microsoft's October Update to Patch Immediately Threat actors are actively exploiting two of the vulnerabilities, while three others are publicly known and ripe for attack. LATEST FROM THE EDGE Risk Strategies Drawn From the EU AI Act The EU AI Act provides a governance, risk, and compliance (GRC) framework that helps organizations take a risk-based approach to using AI. LATEST FROM DR TECHNOLOGY AI-Augmented Email Analysis Spots Latest Scams, Bad Content Multimodal AI systems can help enterprise defenders weed out fraudulent emails, even if the system has not seen that type of message before. LATEST FROM DR GLOBAL Australia Intros Its First National Cyber Legislation The bill is broken up into several pieces, including ransomware reporting and securing smart devices, among other objectives. WEBINARS Simplify Data Security with Automation Social Engineering: New Tricks, New Threats, New Defenses View More Dark Reading Webinars >> WHITE PAPERS Product Review: Trend Vision One Cloud Security IDC White Paper: The Peril and Promise of Generative AI in Application Security Gartner Magic Quadrant for Application Security Testing The ROI of RevealX Against Ransomware Purple AI Datasheet SANS 2024 Security Awareness Report SANS Security Awareness Maturity Model View More White Papers >> FEATURED REPORTS Managing Third-Party Risk Through Situational Awareness 2024 InformationWeek US IT Salary Report View More Dark Reading Reports >>

Dark Reading Daily -- Published By Dark Reading Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. Thoughts about this newsletter? Give us feedback. Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our Privacy Statement.

© 2024 | Informa Tech | Privacy Statement | Terms & Conditions | Contact Us