Hackers, dubbed “Scattered Spider”, are targeting insurance and financial enterprises with cloud service attacks to steal data and demand ransom. The hackers’ methods include searching services like GitHub for cloud access tokens accidentally left in source code by programmers. The stolen data is exfiltrated and a ransom demanded for its return. Admins can protect against such attacks by enabling multi-factor authentication (MFA) and ensuring staff can recognise phishing attempts.
New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth
An updated version of a malware loader, known as Hijack Loader, has been discovered with new features aimed at evading detection and maintaining persistence. The
