Crypto client or cyber trap? [Research Saturday]
CyberWire Daily4 Jan 2025

Crypto client or cyber trap? [Research Saturday]

Karlo Zanki, Reverse Engineer at ReversingLabs, discussing their work on "Malicious PyPI crypto pay package aiocpa implants infostealer code." ReversingLabs' machine learning-based threat hunting system identified a malicious PyPI package, aiocpa, designed to exfiltrate cryptocurrency wallet information. Unlike typical attacks involving typosquatting, the attackers published a seemingly legitimate crypto client tool to build trust before introducing malicious updates. ReversingLabs used its Spectra Assure platform to detect behavioral anomalies and worked with PyPI to remove the package, highlighting the growing need for advanced supply chain security tools to counter increasingly sophisticated threats. The research can be found here: Malicious PyPI crypto pay package aiocpa implants infostealer code Learn more about your ad choices. Visit megaphone.fm/adchoices

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(3672)

Gone with the command.

Gone with the command.

International operation disrupts Amadey and StealC malware infrastructure. Australian spy chief warns nation-state hackers are prepositioning for future sabotage. Stealthy new backdoor may be tied to ...

25 Juni 25min

Klue me in on the breach.

Klue me in on the breach.

LastPass says Klue breach affected customer information, but passwords remain secure. Attackers begin exploiting Cisco Unified CM vulnerability. CISA flags actively exploited Ubiquiti and Lantronix fl...

24 Juni 28min

All eyes on AI.

All eyes on AI.

Five Eyes warns AI could supercharge cyberattacks within months. Tata Electronics confirms breach as stolen data allegedly includes Apple and Tesla documents. Researchers publish new analysis of Forti...

23 Juni 24min

The Klue is in the data trail.

The Klue is in the data trail.

Klue supply-chain attack impacts cybersecurity firms. Brand-new Prinz Eugen ransomware is surprisingly polished. ShinyHunters leak exposes sensitive data of 10,000 Council of Europe employees. Securit...

22 Juni 29min

Navigating the GPS threat landscape, with Brandon Karpf. [T-Minus: Space-Cyber Briefing]

Navigating the GPS threat landscape, with Brandon Karpf. [T-Minus: Space-Cyber Briefing]

Traditionally, GPS jamming attacks have been confined to the ground; however, new data shows that these attacks could be moving to target signals before they even reach the ground. In this week’s epi...

21 Juni 32min

Vulnerability response: Built for humans, outpaced by machines. [CyberWire-X]

Vulnerability response: Built for humans, outpaced by machines. [CyberWire-X]

For years, security teams had time between discovery and exploitation. Time to triage. Time to validate. Time to prioritize what to fix first. AI has compressed that window. Frontier models now discov...

21 Juni 25min

Peeling back Banana RAT. [Research Saturday]

Peeling back Banana RAT. [Research Saturday]

This week, we are joined by Tom Kellermann, Trend Micro's VP of AI Security and Threat Research, discussing their work on "Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud." Re...

20 Juni 28min

CyberWire Daily at 10: A decade of leaks, espionage, and influence operations. [Special Edition]

CyberWire Daily at 10: A decade of leaks, espionage, and influence operations. [Special Edition]

In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss leaks, espionage and influence operations over the past 10 years. Togeth...

19 Juni 26min

Populärt inom Politik & nyheter

svenska-fall
motiv
de-fyras-gang
p3-krim
aftonbladet-krim
spar
tv4-nyheterna-story
rss-expressen-dok
flashback-forever
aftonbladet-daily
rss-sanning-konsekvens
svd-dokumentara-berattelser-2
rss-flodet
rss-vad-fan-hande
rss-krimreportrarna
rss-frandfors-horna
olyckan-inifran
svd-ledarredaktionen
kungligt
grans