Malware Uses Trigonometry to Track Mouse Strokes

The latest LummaC2 infostealer version includes a novel anti-sandbox trick to avoid detonating when no human mouse movements are detected. [TechWeb]( Follow Dark Reading: [RSS]( November 21, 2023 LATEST SECURITY NEWS & COMMENTARY [Malware Uses Trigonometry to Track Mouse Strokes]( The latest LummaC2 infostealer version includes a novel anti-sandbox trick to avoid detonating when no human mouse movements are detected. [Amid Military Buildup, China Deploys Mustang Panda in the Philippines]( China pairs cyber and kinetic attacks in the South Pacific as it continues to wrangle control of the South China Sea. [How the Evolving Role of the CISO Impacts Cybersecurity Startups]( CISOs and vendors must work together to keep up with emerging threats and find solutions, says a group of CISOs and security entrepreneurs. [CISA Launches Pilot Program to Address Critical Infrastructure Threats]( CISA expects to extend this program to include up to 100 critical infrastructure entities in its first year. [(Sponsored Article) Security Is a Process, Not a Tool]( Process failures are the root cause of most serious cybersecurity incidents. We need to treat security as a process issue, not try to solve it with a collection of tools. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Hackers Weaponize SEC Disclosure Rules Against Corporate Targets]( Ransomware group BlackCat/ALPHV files SEC complaint against its latest victim, putting an audacious new twist on cyber extortion tactics. [Dangerous Apache ActiveMQ Exploit Allows Stealthy EDR Bypass]( There's no time to waste: For organizations on the fence about patching the critical bug in ActiveMQ, the new proof-of-concept exploit should push them towards action. [Hands Off the Security Budget! Find Efficiencies to Reduce Risk]( Security budgets will benefit from new priorities, streamlined responses rather than wholesale cost-cutting in light of cyberattacks and increased regulatory requirements. [Steps CISOs Should Take Before, During & After a Cyberattack]( By creating a plan of action, organizations can better respond to attacks. [MORE]( EDITORS' CHOICE [Scattered Spider Casino Hackers Evade Arrest in Plain Sight]( The feds seem to know all about the hacking group brazenly breaking into corporate networks; so why are enterprise teams left on their own to stop their cybercrimes? LATEST FROM THE EDGE [Exploited Vulnerabilities Can Take Months to Make KEV List]( The Known Exploited Vulnerabilities (KEV) catalog is a high-quality source of information on software flaws being exploited in the wild, but updates are often delayed, so companies need other sources of threat intelligence. LATEST FROM DR TECHNOLOGY [Cybersecurity Investment Involves More Than Just Technology]( Organizations are also looking at threat intelligence, risk assessment, cyber insurance, and third-party risk management. LATEST FROM DR GLOBAL [Saudi Arabia Arms Public Sector With Google Cloud Services]( Chronicle CyberShield will be offered as a managed service with security monitoring and Mandiant incident response included. WEBINARS - [SecOps & DevSecOps in the Cloud]( Security teams today face the dual challenge of securing cloud-native applications as well as their software development processes that increasingly operate in the cloud. At the same time, attacks are rising against misconfigured cloud instances as well as a new ... - [Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication Methods]( Inadequate authentication measures leave your digital identity vulnerable to cybercriminals. Tools like multi-factor authentication, biometrics, passwords, PINs, and tokens are all more vulnerable to attacks and social engineering than you realize. And one wrong move leaves you and your organization ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( [View More White Papers >>]( FEATURED REPORTS - [Passwords Are Passe: Next Gen Authentication Addresses Today's Threats]( - [How to Deploy Zero Trust for Remote Workforce Security]( - [Everything You Need to Know About DNS Attacks]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Lasso Security Emerges From Stealth With $6M Seed Funding for Gen AI and Advanced LLM Cybersecurity]( [VicOne and Block Harbor Deliver Integrated Workflow-Based Cybersecurity System]( [CompTIA Advises Retailers to Check their Cybersecurity Preparedness Ahead of the Holiday Shopping Season]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Tips for a Streamlined Transition to Zero Trust]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=119471&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_11.21.23&sp_cid=50620&utm_content=DR_NL_Dark%20Reading%20Daily_11.21.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#3b If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)