Nov 23, 2024Ravie LakshmananArtificial Intelligence / Cryptocurrency The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period. These findings come from Microsoft, which said that multiple threat activity clusters with ties to the … Read more
Malicious packages on the Python Package Index (PyPI), claiming to provide API access to OpenAI’s ChatGPT and Anthropic’s Claude AI models, were discovered by Kaspersky researchers to contain the JarkaStealer infostealer malware, the cybersecurity company said in a blog post Thursday. The packages, named “gptplus” and “claudeai-eng,” were both uploaded by a user called … Read more
Nov 22, 2024Ravie LakshmananCyber Espionage / Malware Threat actors with ties to Russia have been linked to a cyber espionage campaign aimed at organizations in Central Asia, East Asia, and Europe. Recorded Future’s Insikt Group, which has assigned the activity cluster the name TAG-110, said it overlaps with a threat group tracked by the Computer … Read more
Cybercriminals have adopted a novel trick for infecting devices with malware: sending out physical letters that contain malicious QR codes. Switzerland’s National Cyber Security Centre (NCSC) has issued a warning to the public about letters sent through the post that pretend to come from the Swiss Federal Office of Meteorology and Climatology (MeteoSwiss) that encourage … Read more
COMMENTARY: As 2024 winds down, malware families such as BlackLotus, Emotet, Beep, and Dark Pink continue to present distinct challenges for organizations across various industries. Each malware family has been evolving in its tactics, increasingly focusing on evasion and exploiting trusted security mechanisms and understanding their behavior, motivations, and targets is essential for strengthening defenses. … Read more