Weekly our experts select relevant news in the cybersecurity industry. Over the last two weeks, we saw the “Researchers Uncover 700+ Malicious Open Source Packages”. Also, you will see the “CISA and FBI Release ESXiArgs Ransomware Recovery Guidance”.
For more articles, check out our #onpatrol4malware blog.
Phylum Discovers Revived Crypto Wallet Address Replacement Attack
Source: Phylum
Phylum’s automated risk detection platform began alerting us to a long series of suspicious publications which appear to be a revived attempt to deliver the same crypto wallet clipboard replacing malware. Read more.
Avoid Being a Downstream Victim of Service Provider Attacks
Source: Security Intelligence
Earlier this year, some customers of the cloud service provider DigitalOcean received emails instructing them to reset their passwords. These users hadn’t actually forgotten their passwords. Read more.
Bogus URL Shorteners Redirect Thousands of Hacked Sites in AdSense Fraud Campaign
Source: Securi
Late last year Securi reported on a malware campaign targeting thousands of WordPress websites to redirect visitors to bogus Q&A websites. Read more.
Researchers Uncover 700+ Malicious Open Source Packages
Source: Info Security
Security researchers have discovered another sizeable haul of malicious packages on the npm and PyPI open source registries, which could cause issues if unwittingly downloaded by developers. Read more.
Guide to Container Management on AWS
Source: Trend Micro
There are tools and services in the market that enable automation of the creation, deployment, maintenance, scaling, and monitoring of application or system containers. Read more.
CISA and FBI Release ESXiArgs Ransomware Recovery Guidance
Source: CISA
CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory, ESXiArgs Ransomware Virtual Machine Recovery Guidance. This advisory describes the ongoing ransomware campaign known as ESXiArgs. Read more.
THREAT ALERT: GootLoader – SEO Poisoning and Large Payloads Leading to Compromise
Source: Cybereason Incident Response Team
The Cybereason Incident Response (IR) team investigated an incident which involved new deployment methods of the GootLoader malware loader through heavily-obfuscated JavaScript files. Read more.