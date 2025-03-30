news
Security and More
OpenSSF (Linux Foundation) ☛ GuardDog: Strengthening Open Source Security Against Supply Chain Attacks
Datadog is a proud Open Source Security Foundation (OpenSSF) member, and we believe that being a part of this security community will lead us all to a safer place. Attackers are increasingly turning to supply chain attacks to distribute their malicious code, and the Open Source Vulnerabilities (OSV) database, to which OpenSSF is a leading contributor, is a valuable source of information that helps make everyone aware of packages that have been compromised or published with malicious intent.
Security Week ☛ Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe
The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe.
SANS ☛ A Tale of Two Phishing Sites, (Fri, Mar 28th)
In phishing and in malspam, as in any other field, one can see certain trends develop over time. For obvious reasons, most threat actors like to use techniques and approaches that are novel and, thus, more effective. This commonly leads to adoption of the same techniques and technologies by multiple threat actors at the same time, which applies even to the use of the same phishing kits. Still, the same kit may end up looking completely different in the hands of different actors, as the following example shows.
Scoop News Group ☛ Dihydroxyacetone Man’s ‘preparedness’ executive order would shift cyber defense burden where it doesn’t belong, experts say
The order says state and local governments should “own” addressing risks like cyberattacks. It’s a mismatch when a small town goes up against China, experts countered.
Silicon Angle ☛ F5 report finds bots now drive majority of web content traffic
A new report out today from application security firm F5 Inc. reveals that bots now generate more than half of all web content page requests, with generative artificial intelligence providers driving a sharp increase in automated traffic.
Security Week ☛ Morphing Meerkat Phishing Kits Target Over 100 Brands
A threat actor tracked as Morphing Meerkat abuses DNS mail exchange (MX) records to deliver spoofed login pages.
Security Week ☛ New Issuance Requirements Improve HTTPS Certificate Validation
HTTPS certificate issuance now requires Multi-Perspective Issuance Corroboration and linting to improve validation.
Security Week ☛ In Other News: Hellcat Hackers Unmasked, CrushFTP Bug Controversy, NYU Hacked
Noteworthy stories that might have slipped under the radar: Key members of Hellcat ransomware group identified, controversy around CrushFTP flaw CVE, NYU website hacked and defaced.
Windows TCO / Windows Bot Nets
Security Week ☛ 9-Year-Old NPM Crypto Package Hijacked for Information Theft [Ed: NPM is Microsoft]
Nearly a dozen crypto packages on NPM, including one published 9 years ago, have been hijacked to deliver infostealers.
Security Week ☛ Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware
Analysis found that 99% of healthcare organizations are vulnerable to publicly available exploits.
