Cybercriminals are tricking GitHub into sending out fraudulent email notifications, luring software developers into downloading malware, experts have warned. Security researchers Socket, who said they observed a large-scale, coordinated spam campaign targeting developers on various projects.
GitHub has a section called “Discussions”, which is essentially a forum for discussing various projects. When a developer participates in, or monitors a topic, they get notified via email when something gets posted.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- DDoS Attacks That Employ TCP Amplification Cause Network Congestion, Secondary Outages
November 14, 2019
Over the past month, threat actors have been using a relatively non-conventional approach to mount a flurry of distributed denial-of-service (DDoS) attacks: through TCP amplification. Security company Radware shared its observations on multiple campaigns involving Transmission Control Protocol (TCP) reflection attacks, specifically SYN-ACK reflection attacks, against companies across the world. The scope of the impact was ...
- McAfee antivirus software impacted by code execution vulnerability
November 12, 2019
Researchers have revealed a serious code execution vulnerability impacting all editions of McAfee software. On Tuesday, the SafeBreach Labs cybersecurity team said that CVE-2019-3648 can be used to bypass McAfee’s self-defense mechanisms, potentially leading to further attacks on a compromised system. The vulnerability exists due to a failure to validate whether or not loading DLLs have been signed, and a path ...
- Emotet resurgence packs in new binaries, Trickbot functions
November 6, 2019
Emotet, a Banking Trojan turned devastating modular threat, has returned with upgraded functions in a new wave of attacks. The malware, first discovered in 2014, has evolved over the past few years from a relatively basic, singular threat into a customizable modular package used to deploy additional payloads against financial institutions, the enterprise, and consumers worldwide. Emotet, believed to ...
- Kaspersky identifies mysterious APT mentioned in 2017 Shadow Brokers leak
November 5, 2019
In 2017, a mysterious group of hackers known as the Shadow Brokers published online a data dump called “Lost in Translation.” The data dump — believed to have been obtained from the US National Security Agency (NSA) — contained a collection of exploits and hacking tools, including the now-infamous EternalBlue, the exploit that provided the steam ...
- Buran Ransomware; the Evolution of VegaLocker
November 5, 2019
McAfee’s Advanced Threat Research Team observed how a new ransomware family named ‘Buran’ appeared in May 2019. Buran works as a RaaS model like other ransomware families such as REVil, GandCrab (now defunct), Phobos, etc. The author(s) take 25% of the income earned by affiliates, instead of the 30% – 40%, numbers from notorious malware families ...
- Wizard Spider Upgrades Ryuk Ransomware to Reach Deep into LANs
November 4, 2019
The Ryuk ransomware has added two features to enhance its effectiveness: The ability to target systems that are in “standby” or sleep mode; and the use of Address Resolution Protocol (ARP) pinging to find drives on a company’s LAN. Both are employed after the initial network compromise of a victim organization. Ryuk, which is distributed by ...