Hackers Use Rare Stealth Techniques to Down Asian Military, Gov't Orgs

A threat actor resembling APT41 performed "AppDomainManager Injection," which is like DLL sideloading, but arguably easier and stealthier.

Follow Dark Reading:

August 27, 2024

LATEST SECURITY NEWS & COMMENTARY Hackers Use Rare Stealth Techniques to Down Asian Military, Gov't Orgs A threat actor resembling APT41 performed "AppDomainManager Injection," which is like DLL sideloading, but arguably easier and stealthier. Cybercriminals Tap Greasy Opal to Create 750M Fake Microsoft Accounts Such cyberattack enablement services let attackers breach security measures, establish new fake accounts, and brute-force servers. Microsoft to Host Windows Security Summit in CrowdStrike Outage Aftermath The tech giant seeks to work with endpoint security partners, including CrowdStrike, on how to prevent an outage event of such gravity from happening again. Seattle-Tacoma Airport Suffers System Outages Due to Possible Cyberattack As the entire Port of Seattle struggles to become fully operational once more, the airport recommends that those who are traveling take extra precautions. Aggressively Monitoring for Changes Is a Key Aspect of Cybersecurity Employees and management must fully support change detection and file integrity monitoring, allowing a proactive approach with definitive security controls to be implemented against threat actors. MORE NEWS / MORE COMMENTARY HOT TOPICS Constantly Evolving MoonPeak RAT Linked to North Korean Spying The malware is a customized variant of the powerful open source XenoRAT information stealing malware often deployed by Kimsuky and other DPRK APTs. NIST Hands Off Post-Quantum Cryptography Work to Cyber Teams The release of new NIST quantum-proof cryptography standards signals it's time for cybersecurity teams to get serious about preparing for the rise of quantum threats. C-Suite Involvement in Cybersecurity Is Little More Than Lip Service Collaboration with security teams, making cybersecurity a core principle of business strategy, and investing in defenses better position organizations to thwart threats and ensure business continuity. Why End of Life for Applications Is the Beginning of Life for Hackers In the next year, more than 35,000 applications will move to end-of-life status. To manage risk effectively, we need to plan ahead. Name That Toon: Security Games Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. MORE PRODUCTS & RELEASES Malicious Links, AI-Enabled Tools, and Attacks on SMBs Among Top Cybersecurity Threats in H1 Mimecast Global Threat Intelligence Report IBM SkillsBuild Cybersecurity and Data Analytics Certificates to be Deployed in Community College Systems New ISAGCA Report Explores Zero-Trust Outcomes in OT Cybersecurity MORE PRODUCTS & RELEASES EDITORS' CHOICE Patch Now: Second SolarWinds Critical Bug in Web Help Desk The disclosure of CVE-2024-28987 means that, in two weeks, there have been two critical bugs and corresponding patches for SolarWinds' less-often-discussed IT help desk software. LATEST FROM THE EDGE White House Pledges $10 Million for Open Source Initiative The Open-Source Software Prevalence Initiative, announced at DEF CON, will examine how open source software is used in critical infrastructure. LATEST FROM DR TECHNOLOGY DARPA Announces AI Cyber Challenge Finalists Teams designed AI systems to secure open source infrastructure software to be used in industries like financial services, utilities, and healthcare. Each finalist was awarded a $2 million prize. LATEST FROM DR GLOBAL India's Critical Infrastructure Suffers Spike in Cyberattacks The financial and government sectors have come under increasing attacks in India, with the Reserve Bank of India (RBI) warning banks to double down on cybersecurity. WEBINARS Harnessing the Power of Automation to Boost Enterprise Cybersecurity Determining Exposure and Risk In The Event of a Breach View More Dark Reading Webinars >> WHITE PAPERS Purple AI Datasheet 5 Essential Insights into Generative AI for Security Leaders SANS 2024 Security Awareness Report How to Use Threat Intelligence to Mitigate Third-Party Risk Ten Elements of Insider Risk in Highly Regulated Industries Tracking the Untrackable: Taking a Proactive Approach to Emerging Risks IT Risk & Compliance Platforms: A Buyer's Guide View More White Papers >> FEATURED REPORTS Threat Hunting's Evolution:From On-Premises to the Cloud State of Enterprise Cloud Security Managing Third-Party Risk Through Situational Awareness View More Dark Reading Reports >>

Dark Reading Daily -- Published By Dark Reading Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. Thoughts about this newsletter? Give us feedback. Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our Privacy Statement.

© 2024 | Informa Tech | Privacy Statement | Terms & Conditions | Contact Us