Mallox Ransomware Group Revamps Malware Variants, Evasion Tactics

The group continues to target SQL servers, adding the Remcos RAT, BatCloak, and Metasploit in an attack that shows advance obfuscation methods. [TechWeb]( Follow Dark Reading: [RSS]( August 08, 2023 LATEST SECURITY NEWS & COMMENTARY [Mallox Ransomware Group Revamps Malware Variants, Evasion Tactics]( The group continues to target SQL servers, adding the Remcos RAT, BatCloak, and Metasploit in an attack that shows advance obfuscation methods. [Dark Reading News Desk: Live at Black Hat USA 2023]( On Wednesday, Aug. 9, Dark Reading News Desk will return to Black Hat USA 2023. [Ransomware Victims Surge as Threat Actors Pivot to Zero-Day Exploits]( Threat actors such as the operators of the Cl0p ransomware family increasingly exploit unknown and day-one vulnerabilities in their attacks. [Apple Users See Big Mac Attack, Says Accenture]( Accenture's Cyber Threat Intelligence unit has observed a tenfold rise in Dark Web threat actors targeting macOS since 2019, and the trend is poised to continue. [Colorado Dept. of Higher Education Hit With Massive Data Breach]( Last week, the department uncovered a data breach that occurred back in June stemming from what it deems to be a cybersecurity ransomware incident. [Selling Software to the US Government? Know Security Attestation First]( Challenging new safety requirements are needed to improve security and work toward a more secure future. [(Sponsored Article) What C-Suite Leaders Need to Know About XDR]( Considering adopting extended detection and response (XDR) in your cybersecurity defense program? Here's what you need to know about the technology platform. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [How to Talk So Your CISO Will Listen]( Tailor your business project proposal to suit the language your company's CISO speaks, be it business, technical, or compliance. Do your research first and gather support from around the company. [Salesforce Zero-Day Exploited to Phish Facebook Credentials]( The cyberattacks used the legitimate Salesforce.com domain by chaining the vulnerability to an abuse of Facebook's Web games platform, slipping past email protections. [How To Deal With the Vagueness in New Cyber Regulations]( Recent regulations for privacy, AI, and breaches tend to be overly broad, suggesting that the rulemakers lack tech acumen. [MORE]( EDITORS' CHOICE [Google, Microsoft Take Refuge in Rust Language's Better Security]( More tech giants are turning to the Rust programming language for its built-in memory safety and other security features. LATEST FROM THE EDGE [Name That Edge Toon: How Now?]( Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card. LATEST FROM DR TECHNOLOGY [Defenders Buckle Up for a Future of Detecting Deepfakes]( Today technology companies have high success rates against generative AI-created voices and videos, but future detection will be much more difficult. LATEST FROM DR GLOBAL [SANS Teaches Cybersecurity Leadership in Saudi Arabia]( Infosecurity learning modules will cover security planning, policy, and leadership. WEBINARS - [Where and When Automation Makes Sense For Enterprise Cybersecurity]( A shortage of skilled IT security professionals has made it tempting to try to automate everything. But security teams have to be able to determine which tasks are safe to automate. How does emerging automation technology work, and how can ... - [Best Practices and Tools for OT and IT Security]( For years, information technology and operations technology systems have existed in parallel, but that is no longer the case. As the attack against Colonial Pipeline illustrated, attacks against IT can potentially impact OT, and vice versa. OT environments have their ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( - [Rediscovering Your Identity]( - [2023 Global Future of Cyber Report]( - [Cybersecurity in a post pandemic world: A focus on financial services]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( - [Know your customer: Enable a 360-degree view with customer identity & access management]( [View More White Papers >>]( FEATURED REPORTS - [How to Use Threat Intelligence to Mitigate Third-Party Risk]( The report discusses the various steps of a continuous third-party intelligence lifecycle: Data collection, Data classification, Data storage, Data analysis, reporting, dissemination, continuous monitoring, data governance, and choosing the right technology stack. The report also includes information about how attackers ... - [Everything You Need to Know About DNS Attacks]( - [How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment]( Concerns over API security and low-code/no-code use added to an already-full plate of application security challenges for many organizations over the last year. IT and security decision-makers are deeply concerned about compromises resulting from vulnerabilities in the software supply ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Akamai Research: Rampant Abuse of Zero-Day and One-Day Vulnerabilities Leads to 143% Increase in Victims of Ransomware]( [SecurityScorecard Launches Managed Cyber Risk Services to Mitigate Zero-Day and Critical Supply Chain Vulnerabilities]( [Cloud Security Market Worth $62.9B by 2028]( [Endor Labs Raises $70M to Reform Application Security and Eliminate Developer Productivity Tax]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [How Supply Chain Attacks Work, and How to Stop Them]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=117640&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_08.08.23&sp_cid=49431&utm_content=DR_NL_Dark%20Reading%20Daily_08.08.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#67 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)