Tag: malicious code
Sneaky Shellcode: Windows Fibers Offer EDR-Proof Code Execution
Windows fibers, little-known components of Windows OS, represent a largely undocumented code-execution pathway that exists exclusively in usermode – and is therefore largely overlooked...
Breaking News
China-Linked Threat Actor Hides Via ‘Peculiar’ Malware
Researchers have spotted Earth Freybug, a China-linked threat actor, using a new malware tool to bypass mechanisms organizations might have put in place to...
Top Three Data Privacy Issues Facing AI Today – The Daily Hodl
HodlX Guest Post Submit Your Post
AI (artificial intelligence) has caused frenzied excitement among consumers and businesses alike – driven by a passionate belief that LLMs...
AI bots hallucinate software packages and devs download them
In-depth Several big businesses have published source code that incorporates a software package previously hallucinated by generative AI.
Not only that but someone, having spotted...
Saudi Arabia, UAE Top List of APT-Targeted Nations in the Middle East
Sixteen advanced persistent threat (APT) groups targeted organizations in the Middle East over the past two years with cyberattacks focused on government agencies, manufacturing...
‘PhantomBlu’ Cyberattackers Backdoor Microsoft Office Users via OLE
A malicious email campaign is targeting hundreds of Microsoft Office users in US-based organizations to deliver a remote access trojan (RAT) that evades detection,...
In the rush to build AI apps, don’t leave security behind
Feature While in a rush to understand, build, and ship AI products, developers and data scientists are being urged to be mindful of security...
Is Your Business Ready for New Security Measure Integration?
New physical and digital threats seem to appear constantly. While most businesses respond by adopting the latest tools and technologies, not all of them...
Election cybersecurity: Protecting the ballot box and building trust in election integrity
Critical Infrastructure
What cyberthreats could wreak havoc on elections this year and how...
Japan Blames North Korea for PyPI Supply Chain Cyberattack
Japanese cybersecurity officials warned that North Korea's infamous Lazarus Group hacking team recently waged a supply chain attack targeting the PyPI software repository for...
CISO Corner: NSA Guidelines; a Utility SBOM Case Study; Lava Lamps
Welcome to CISO Corner, Dark Reading's weekly digest of articles tailored specifically to security operations readers and security leaders. Each week, we'll offer articles...
How to Ensure Open Source Packages Are Not Landmines
Open source repositories are critical to running and writing modern applications, but beware — carelessness could detonate mines and inject backdoors and vulnerabilities in...
JetBrains TeamCity Mass Exploitation Underway, Rogue Accounts Thrive
Attacks targeting two security vulnerabilities in the TeamCity CI/CD platform have begun in earnest just days after its developer, JetBrains, disclosed the flaws on...