InfoSec Dot - Issue #71. DarkCrystal RAT Strikes Ukraine🖥️🎭 | Nakivo Under Attack🎯⚠️ | VenomRAT Hidden in VHDs🕵️💀

Latest cybersecurity news and updates

Hello, Cybersecurity Enthusiasts!

In this edition, we uncover a major darknet marketplace wallet reawakening after nine years, moving $400M in BTC and sparking laundering concerns. We also analyze the Chinese hackers' breach of Juniper Networks, highlighting vulnerabilities in enterprise infrastructure.

Additionally, we dive into Bank of America's massive data breach, exposing customer information, and explore Switzerland’s new 24-hour cyberattack reporting rule, signaling tighter regulations for critical sectors.

Stay ahead with these vital updates to fortify your security posture.

🗓️ What’s New

Dark Crystal RAT Targets Ukraine

CERT-UA warns of a new cyber espionage campaign deploying the Dark Crystal RAT to compromise Ukrainian organizations. Attackers leverage phishing emails to deliver the malware, aiming to exfiltrate sensitive data. Read More (2 Mins)

Shadow IT Risks in Remote Work

The rise of remote work has fueled Shadow IT, as employees use unauthorized apps and services, creating security blind spots. Experts urge businesses to enforce stronger policies and monitoring to mitigate risks. Read More (3 Mins)

NIST’s HQC Encryption: A Post-Quantum Shield

NIST has selected the HQC algorithm for post-quantum encryption, aiming to protect sensitive data from future quantum threats. Organizations are urged to prepare for the next era of cryptographic security. Read More (3 Mins)

Akira Ransomware Decryptor Released

Security researchers have unveiled a GPU-powered decryptor for Akira ransomware, offering victims a chance to recover their files without paying hackers. Experts recommend immediate action to mitigate ongoing risks. Read More (4 Mins)

VenomRAT Hidden in Virtual Disks

Hackers are embedding VenomRAT malware inside virtual hard disk (VHD) files, bypassing security measures to gain remote control over infected systems. Users are urged to be cautious when opening unfamiliar VHD files. Read More (3 Mins)

Apache Tomcat RCE Exploit Goes Public

Exploit code for a critical Apache Tomcat remote code execution (RCE) vulnerability has surfaced on a Chinese forum, raising concerns over widespread exploitation. Admins are urged to patch immediately to prevent attacks. Read More (2 Mins)

Nakivo Backup Vulnerability Added to KEV List!

CISA has flagged a critical Nakivo Backup & Replication vulnerability in its Known Exploited Vulnerabilities (KEV) catalog. Security teams are urged to apply patches immediately as attackers actively target unpatched systems. Read More (2 Mins)

If you like this issue, I'd really appreciate it if you could forward it to your friends and colleagues! Your support helps us grow and continue providing great content.

If you have specific feedback or anything interesting you’d like to share, please let me know by replying to this email.

Regards,

Dot
