Welcome to another Lunch Time breakout:
Researchers Uncover Packer Used by Several Malware to Evade Detection for 6 Years
A shellcode-based packer dubbed TrickGate has been successfully operating without attracting notice for over six years, while enabling threat actors to deploy a wide range of malware such as TrickBot, Emotet, AZORult, Agent Tesla, FormBook, Cerber, Maze, and REvil over the years.
“TrickGate managed to stay under the radar for years because it is transformative – it undergoes changes periodically
Read more….
New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector
The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine.
“The NikoWiper is based on SDelete, a command line utility from Microsoft that is used for securely deleting files,” cybersecurity company ESET revealed in its latest APT Activity Report shared with The Hacker
Read more….
Serious Security: The Samba logon bug caused by outdated crypto
Enjoy our Serious Security deep dive into this real-world example of why cryptographic agility is important!
Read more….
GitHub code-signing certificates stolen (but will be revoked this week)
There was a breach, so the bad news isn’t great, but the good news isn’t too bad…
Read more….
Follow for more…
amoran.io 