Malicious packages on the Python Package Index (PyPI), claiming to provide API access to OpenAI’s ChatGPT and Anthropic’s Claude AI models, were discovered by Kaspersky researchers to contain the JarkaStealer infostealer malware, the cybersecurity company said in a blog post Thursday. The packages, named “gptplus” and “claudeai-eng,” were both uploaded by a user called … Read more
Nov 22, 2024Ravie LakshmananCyber Espionage / Malware Threat actors with ties to Russia have been linked to a cyber espionage campaign aimed at organizations in Central Asia, East Asia, and Europe. Recorded Future’s Insikt Group, which has assigned the activity cluster the name TAG-110, said it overlaps with a threat group tracked by the Computer … Read more
Cybercriminals have adopted a novel trick for infecting devices with malware: sending out physical letters that contain malicious QR codes. Switzerland’s National Cyber Security Centre (NCSC) has issued a warning to the public about letters sent through the post that pretend to come from the Swiss Federal Office of Meteorology and Climatology (MeteoSwiss) that encourage … Read more
COMMENTARY: As 2024 winds down, malware families such as BlackLotus, Emotet, Beep, and Dark Pink continue to present distinct challenges for organizations across various industries. Each malware family has been evolving in its tactics, increasingly focusing on evasion and exploiting trusted security mechanisms and understanding their behavior, motivations, and targets is essential for strengthening defenses. … Read more
The Zscaler ThreatLabz 2023 Enterprise IoT and OT Threat Report says the increasing frequency of malware attacks targeting IoT devices is a significant concern for OT security, as the mobility of malware can facilitate movement across different networks, potentially endangering critical OT infrastructure. Deepen Dasai “Weak enforcement of security standards for IoT device manufacturers coupled … Read more