Cybercriminals Team Up to Upgrade 'SapphireStealer' Malware

A hacker published a real gem of an infostealer to GitHub that requires zero coding knowledge to use. Then a community sprung up around it, polishing the code to a high shine and creating new, even more robust features. [TechWeb]( Follow Dark Reading: [RSS]( September 01, 2023 LATEST SECURITY NEWS & COMMENTARY [Cybercriminals Team Up to Upgrade 'SapphireStealer' Malware]( A hacker published a real gem of an infostealer to GitHub that requires zero coding knowledge to use. Then a community sprung up around it, polishing the code to a high shine and creating new, even more robust features. [Paramount, Forever 21 Data Breaches Set Stage for Follow-on Attacks]( The Forever 21 breach alone affects a half-million people, who could be a mix of consumers and employees; Paramount is staying mum on who exactly is impacted. [Insurance Costs Rise, Coverage Shrinks, but Policies Remain Essential]( The number of companies that have used their cyber insurance policies multiple times rises, but policy coverage grows more expensive and less comprehensive. [UN: Southeast Asia Gangs Are Trafficking Cybercrime Workers]( Cybercrime syndicates are forcing people into working for them, and it's a difficult issue to solve, involving digital platforms, political powers, and organized crime on a global scale. [Cyberattackers Swarm OpenFire Cloud Servers With Takeover Barrage]( The Kinsing threat group has launched more than 1,000 cyberattacks in less than two months, exploiting a security vulnerability in the internal corporate messaging app in order to upload the malware and a cryptominer. [Apple iPhone 14 Pro Offered Up to the Hacking Masses]( Since launching in 2019, the Security Device Research Program has discovered 130 critical vulnerabilities; applications are now open for Apple's 2024 iteration. [Adversaries Ride RocketMQ Bug to DreamBus Bot Resurgence]( Last seen in 2021, DreamBus Monero crypto bot is back and finding new life on vulnerable RocketMQ servers. [A Brief History of ICS-Tailored Attacks]( It's on the cyber defenders to learn from the past and make industrial control system networks hostile to attackers. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Sprawling Qakbot Malware Takedown Spans 700,000 Infected Machines]( "Operation Duck Hunt" is not likely to eliminate the initial access botnet forever, but the proactive removal of the malware from victim machines by law enforcement is one of the largest and most significant efforts of its kind. [4 Strategies to Safeguard the Finance Industry Against Deepfake Onslaught]( Through strategic measures and a united front, the finance industry can overcome the looming threat of deepfakes. [Meta Cripples China's Signature 'Spamouflage' Influence Op]( The social media giant is taking on Dragonbridge, the "largest known cross-platform covert influence operation in the world." [Should Senior IT Professionals Be Accountable for Professional Decisions?]( Everyone makes mistakes — but what if your mistakes risk the security of millions of people? [MORE]( EDITORS' CHOICE [APT Attacks From 'Earth Estries' Hit Gov't, Tech With Custom Malware]( A sophisticated threat actor managed to fly under the radar for three years, despite flexing serious muscle. LATEST FROM THE EDGE [Confusion Surrounds SEC's New Cybersecurity Material Rule]( Determining what to report and which details to disclose are complex questions with elusive answers. LATEST FROM DR TECHNOLOGIES [Authentication Outage Underscores Why 'Fail Safe' Is Key]( Duo's service outage last week, impacting schools and businesses, highlights how companies should build in resiliency and business continuity into their authentication schemes. LATEST FROM DR GLOBAL [UK Agrees to Support Kuwait's Cybersecurity Center]( The UK has agreed to help the Kuwaitis meet their stated goal of information-sharing and achieving globally coordinated incident response going forward. WEBINARS - [Passwords Are Passe: Next Gen Authentication for Today's Threats]( Cyber experts agree: end-user authentication needs more than the simple password. But what are the right tools and strategies for authentication in your organization? What does the world of passwordless look like for your organization? In this webinar, experts offer ... - [Protecting the Database: How to Secure Your Enterprise Data]( For many enterprises, the "crown jewels" are found in their database applications - virtual "crown jewels" of data in traditional database applications that are often linked to the Internet. What are the chief threats to today's databases? How can you ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Forrester Wave: External Threat Intelligence Service Providers, Q3 2023]( - [Building Cyber Resiliency: Key Strategies for Proactive Security Operations]( - [Crucial Considerations when Enabling Secure Industrial Digital Transformation]( - [Essential SASE Must-haves]( - [Rediscovering Your Identity]( - [2023 Global Future of Cyber Report]( - [Cybersecurity in a post pandemic world: A focus on financial services]( [View More White Papers >>]( FEATURED REPORTS - [Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware]( - [Everything You Need to Know About DNS Attacks]( - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [National Cybersecurity Alliance Receives 200K Grant From Craig Newmark Philanthropies for HBCU Cybersecurity Program]( [Cygna Labs Corp. Announces Expansion of its DNS Firewall Service]( [3 out of 4 Cyberattacks in the Education Sector Are Associated With a Compromised On‑Premises User or Admin Account]( [Introducing SafeUTM: The Free Version of NGFW]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The Secrets of Successful SecOps Data Analytics]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=117958&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_09.01.23&sp_cid=49665&utm_content=DR_NL_Dark%20Reading%20Daily_09.01.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#7e If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)