Malware Category - Security Boulevard
https://securityboulevard.com/category/blogs/malware/
The Home of the Security Bloggers Network
Mon, 24 Jul 2023 19:06:16 +0000

Google Launches Red Team to Secure AI Systems Against Attacks
https://securityboulevard.com/2023/07/google-launches-red-team-to-secure-ai-systems-against-attacks/
Mon, 24 Jul 2023 19:06:16 +0000

Google is rolling out a red team charged with testing the security of AI systems by running simulated but realistic attacks to uncover vulnerabilities or other weaknesses that could be exploited by cybercriminals.

The post Google Launches Red Team to Secure AI Systems Against Attacks appeared first on Security Boulevard.

‘China’ Azure Breach: MUCH Worse Than Microsoft Said
https://securityboulevard.com/2023/07/azure-breach-worse-richixbw/
Mon, 24 Jul 2023 17:03:58 +0000

Storm-0558 Breaks: Satya and Pooh, sitting in a tree, K.I.S.S.I.N.G.

GitHub Developers Targeted by North Korea’s Lazarus Group
https://securityboulevard.com/2023/07/github-developers-targeted-by-north-koreas-lazarus-group/
Fri, 21 Jul 2023 19:51:33 +0000

The Lazarus Group is behind a social engineering campaign that uses repository invitations and malicious npm packages to target developers on GitHub.

Dell Adds Orchestration Capabilities to Data Protection Platform
https://securityboulevard.com/2023/07/dell-adds-orchestration-capabilities-to-data-protection-platform/
Fri, 21 Jul 2023 17:25:51 +0000

Dell Technologies added orchestration capabilities to its data protection software that make it simpler for IT teams to schedule backups.

R.I.P. Kevin Mitnick, 1963–2023
https://securityboulevard.com/2023/07/rip-kevin-mitnick-richixbw/
Fri, 21 Jul 2023 13:33:00 +0000

Kevin is Free: Hackers’ hacker dies, aged 59.

The Rise of QR Codes Spurs Rise in ‘Fresh Phish’
https://securityboulevard.com/2023/07/the-rise-of-qr-codes-spurs-rise-in-fresh-phish/
Fri, 21 Jul 2023 12:00:11 +0000

Miscreants have ramped up their use of QR codes to phish for credentials, according to INKY threat researchers.

New P2P Worm Puts Windows and Linux Redis Servers in its Sights
https://securityboulevard.com/2023/07/new-p2p-worm-puts-windows-and-linux-redis-servers-in-its-sights/
Thu, 20 Jul 2023 16:35:18 +0000

A new peer-to-peer (P2P) worm, P2PInfect, is spreading across instances of the Redis open source database software in the cloud.

FIN8 Group Using Modified Sardonic Malware for Deployment of BlackCat Ransomware
https://securityboulevard.com/2023/07/fin8-group-using-modified-sardonic-malware-for-deployment-of-blackcat-ransomware/
Thu, 20 Jul 2023 14:37:38 +0000
https://blog.eclecticiq.com/fin8-group-using-modified-sardonic-malware-for-deployment-of-blackcat-ransomware

According to the Symantec Threat Hunter Team, the financially motivated threat actor known as FIN8 has been observed using an updated version of a malware called Sardonic to deliver the BlackCat ransomware. The update on the Sardonic malware is an attempt on the part of the e-crime group to diversify its focus and maximize profits from infected entities. [1]

The C++-based Sardonic backdoor has the ability to harvest system information and execute commands, and has a plugin system designed to load and execute additional malware payloads delivered as DLLs. Unlike the previous variant of Sardonic, which was designed in C++, the latest iteration packs in significant alterations, with most of the source code rewritten in C and modified so as to deliberately avoid similarities.

In the latest incident analyzed by Symantec, Sardonic malware is embedded into a PowerShell script that was deployed into the targeted system after obtaining initial access. The script is designed to launch a .NET loader, which then decrypts and executes an injector module to ultimately run the implant. Successful infection leads to the deployment of BlackCat ransomware.    

Attacker ID’ed After Infecting Own Computer With Malware
https://securityboulevard.com/2023/07/attacker-ided-after-infecting-own-computer-with-malware/
Wed, 19 Jul 2023 20:22:51 +0000

A threat actor who goes by the name of “La_Citrix” inadvertently infected his own computer. A cyberthreat research firm sent his information on to law enforcement.

An ‘Alarming Escalation’ of Sophistication in DDoS Attacks, Cloudflare Says
https://securityboulevard.com/2023/07/an-alarming-escalation-of-sophistication-in-ddos-attacks-cloudflare-says/
Wed, 19 Jul 2023 17:47:02 +0000

Distributed denial-of-service (DDoS) attacks are becoming increasingly sophisticated and complex, making an already-expanding threat landscape even more challenging.
