Mandiant details how ShinyHunters abuse SSO to steal cloud data

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...

This dangerous APT has expanded its skills with some new tools - here's what we know

Mustang Panda gave CoolClient new bells and whistles, including clipboard monitoring.
Dark Reading

'VoidLink' Malware Poses Advanced Threat to Linux Systems

Linux systems may soon be facing a new threat with an advanced, cloud-first malware framework developed by China-affiliated actors that's aimed at establishing persistent access to cloud and container ...
Bleeping Computer

New VoidLink malware framework targets Linux cloud servers

A newly discovered advanced cloud-native Linux malware framework named VoidLink focuses on cloud environments, providing attackers with custom loaders, implants, rootkits, and plugins designed for ...
IEEE

Rootkit Detection Using Hybrid Machine Learning Models and Deep Learning Model: Implementation

Abstract: Rootkits are a type of malicious software designed to exploit system vulnerabilities and evade detection by traditional security mechanisms. This study proposes a comprehensive approach for ...
IEEE

Improvise, Adapt, Overcome: Dynamic Resiliency Against Unknown Attack Vectors in Microgrid Cybersecurity Games

Abstract: Cyber-physical microgrids are vulnerable to rootkit attacks that manipulate system dynamics to create instabilities in the network. Rootkits tend to hide their access level within microgrid ...