Recently, Check Point Research observed threat actors using GitHub to achieve initial infections by utilizing new methods.
Previously, GitHub was used to distribute malicious software directly, with a malicious script downloading either raw encrypted scripting code or malicious executables. Their tactics have now changed and evolved. Threat actors now operate a network of “Ghost” accounts that distribute malware via malicious links on their repositories and encrypted archives as releases. This network not only distributes malware but also provides various other activities that make these “Ghost” accounts appear as normal users.
Read more…
Source: Check Point
Related:
- Pharma giant Cencora hit by major cyberattack
February 28, 2024
Cencora has confirmed suffering a data breach earlier this month which resulted in the theft of sensitive, personal data. Cencora is a drug wholesale company and a contract research firm that was previously known as Amerisource Bergen. It was formed in 2001, after the merger of Bergen Brunswig and AmeriSource. Read more… Source: MSN News
- Most data breaches on enterprise attack the supply chain
February 28, 2024
The vast majority of data breaches happening in the enterprise occurred through the software and technology supply chain. This is according to the Global Third-Party Cybersecurity Breach Report, a new research paper published by the SecurityScorecard security organization. As per the report, 75% of all third-party breaches targeted the software and technology supply chains, mostly because ...
- Lockbit cybercrime gang says it is back online following global police bust
February 26, 2024
Lockbit, the cybercrime gang that was knocked offline by a comprehensive international police operation earlier this month, says it has restored its servers and is back in business. The group, notorious on the internet’s criminal underground for using malicious software called ransomware to digitally extort its victims, was the target of an unprecedented international law enforcement ...
- Charlotte Cowles’s $50,000 Scam Article, Anyone Can Become a Victim
February 23, 2024
“You must follow my directions very carefully. We do not have much time.” These are some of the words scammers used to influence and ultimately defraud Charlotte Cowles, a financial columnist at New York Magazine, in an elaborate imposter scam that cost Cowles and her family $50,000. In this one line alone, there are two classic ...
- Canada: RCMP confirms ‘alarming’ cyber event targeting its networks
February 23, 2024
The Royal Canadian Mounted Police confirmed to CTV News on Friday that it was dealing with a cyber event that targeted its networks, forcing it to launch a criminal investigation into the breach. “At this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” RCMP media ...
- China’s top anti-espionage authority warns of secret leaks through smart wearable devices
February 23, 2024
China’s top anti-espionage authority warned on Friday that various smart wearable devices may become “cyber spies” used by foreign intelligence agencies to carry out espionage activities, posing a threat to national security. The Ministry of State Security (MSS) said on its official WeChat account on Friday that when smart wearable devices are connected to smartphones via ...