Skip to content Skip to footer

GitHub Repositories Used to Distribute RisePro Information Stealer Uncovered

Cybersecurity researchers have recently uncovered a disturbing information-stealing campaign dubbed "gitgub." This malicious campaign uses several GitHub repositories to distribute a dangerous information stealer called RisePro. In total, 17 repositories were discovered, all linked to 11 different accounts, which Microsoft has since taken down, GitHub's parent company. The repositories all appeared similarly and contained a…

Read More

There have been reports of ransomware attacks carried out by malicious actors exploiting vulnerabilities in JetBrains TeamCity.

GuidePoint Security's recent discovery reveals that the cybercriminals responsible for the BianLian ransomware have exploited vulnerabilities in JetBrains TeamCity software to carry out extortion attacks. The attack begins with exploiting a TeamCity server and deploying a PowerShell variant of the BianLian backdoor. Although the ransomware first surfaced in June 2022, it has shifted to conducting…

Read More

GhostSec and Stormous Ransomware Groups Conduct Double Extortion Attacks

In the world of cybercrime, the group known as GhostSec has emerged as a significant threat, with its latest activities being linked to a variant of the GhostLocker ransomware family, written in Golang. Researchers at Cisco Talos have reported that GhostSec and another ransomware group called Stormous are conducting double extortion ransomware attacks on various…

Read More

Emerging Malware Campaign Targets Misconfigured Servers: Cado Security

Cybersecurity researchers have identified an emerging malware campaign codenamed "Spinning YARN" that targets misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services. The campaign is designed to deliver a cryptocurrency miner and spawn a reverse shell for persistent remote access. Threat actors leverage these tools to issue exploit code, taking…

Read More

North Korean Threat Actors Exploit ConnectWise Flaws with TODDLERSHARK Malware

Security researchers have discovered that the North Korean cyber-espionage group Kimsuky, also known as APT43, has been exploiting the recently disclosed flaws in ConnectWise ScreenConnect to deliver a new malware called TODDLERSHARK. The malware overlaps with previously known malware such as BabyShark and ReconShark. It is designed to capture and exfiltrate sensitive information about the…

Read More

Newsletter Signup
Address

The Grid —
The Matrix Has Me
Big Bear Lake, CA 92315

01010011 01111001 01110011 01110100 01100101 01101101 00100000
01000110 01100001 01101001 01101100 01110101 01110010 01100101

Look, you wanna be elite? You have to do a righteous hack.Phreak

Deitasoft © 2024. All Rights Reserved.