[BleepingComputer] E-commerce giant suffers major data breach in Codecov incident

E-commerce platform Mercari has disclosed a major data breach incident that occurred due to exposure from the Codecov supply-chain attack. Mercari is a Japanese public company and an online marketplace that has recently expanded its operations to the United States and United Kingdom. […]

[HackerNews] Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware

Microsoft on Thursday warned of a “massive email campaign” that’s pushing a Java-based STRRAT malware to steal confidential data from infected systems while disguising itself as a ransomware infection. “This RAT is infamous for its ransomware-like behavior of appending the file name extension .crimson to files without actually encrypting them,” the Microsoft Security Intelligence team said in […]

[SANS ISC] Locking Kernel32.dll As Anti-Debugging Technique, (Fri, May 21st)

For bad guys, implementing techniques that prevent security analysts from doing their job is key! The idea is to make our life more difficult (read: “frustrating”). There are plenty of techniques that can be implemented[1] but it’s an ever-ongoing process. Note that this topic is covered in the SANS FOR610[2] training. An anti-debugging […]
