This Week’s Top 5 Cybersecurity News Stories November 2024 | 02
Cybersecurity threats are evolving constantly as threat actors look to gain access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of. No story is too big or small, as we look at threats from espionage to security flaws in every day devices:
1. New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus
A new malware campaign, CRON#TRAP, leverages a unique twist: infecting Windows systems with a hidden Linux virtual machine backdoor, granting attackers remote access.
Distributed through phishing emails masked as “OneAmerica surveys,” this stealthy tactic uses QEMU to run a concealed Linux instance on the host. The campaign underscores evolving threats requiring advanced detection and security strategies.
More details: The Hacker News.
2. North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS
A sophisticated cyber campaign by North Korean threat actor BlueNoroff, dubbed Hidden Risk, is targeting cryptocurrency businesses, deploying multi-stage malware on macOS via fake crypto news PDFs.
Using signed, notarized apps, BlueNoroff gains persistent access by evading Apple’s macOS warnings. This campaign, aligned with other DPRK cyber initiatives, demonstrates the evolving, stealthy tactics in the cyber realm, especially around crypto-related industries.
More details: The Hacker News.
3. Schneider Electric confirms dev platform breach after hacker steals data
Schneider Electric confirmed a breach in its developer platform after a hacker, “Grep,” allegedly stole 40GB of data from their JIRA server. Gaining access via exposed credentials, Grep claims to have extracted 400,000 rows of user data, including 75,000 email addresses.
Now rebranded as the Hellcat ransomware gang, the group demands $125,000 to prevent data leaks, marking a new wave of extortion tactics targeting major firms.
More details: Bleeping Computer.