Rust | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have uncovered further links between BlackCat (aka ALPHV) and BlackMatter ransomware families, the former of which emerged as a replacement following international scrutiny last year. "At least some members of the new  BlackCat  group have links to the BlackMatter group, because they modified and reused a custom exfiltration tool [...] and which has only been observed in BlackMatter activity," Kaspersky researchers  said  in a new analysis. The tool, dubbed Fendr, has not only been upgraded to include more file types but also used by the gang extensively to steal data from corporate networks in December 2021 and January 2022 prior to encryption, in a popular tactic called double extortion. The findings come less than a month after Cisco Talos researchers  identified  overlaps in the tactics, techniques, and procedures (TTPs) between BlackCat and BlackMatter, describing the new ransomware variant as a case of "vertical business expansion.&qu

The maintainers of the Rust programming language have released a security update for a high-severity vulnerability that could be abused by a malicious party to purge files and directories from a vulnerable system in an unauthorized manner. "An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete," the Rust Security Response working group (WG)  said  in an  advisory  published on January 20, 2021. Rust 1.0.0 through Rust 1.58.0 is affected by this vulnerability. The flaw, which is tracked as  CVE-2022-21658  (CVSS score: 7.3), has been credited to security researcher Hans Kratz, with the team pushing out a fix in  Rust version 1.58.1  shipped last week. Specifically, the issue stems from an improperly implemented check to prevent recursive deletion of symbolic links (aka  symlinks ) in a standard library function named "std::fs::remove_dir_all." This results

Details have emerged about what's the first Rust-language-based ransomware strain spotted in the wild that has already amassed "some victims from different countries" since its launch last month. The ransomware, dubbed  BlackCat , was  disclosed  by MalwareHunterTeam. "Victims can pay with Bitcoin or Monero," the researchers said in a series of tweets detailing the file-encrypting malware. "Also looks they are giving credentials to intermediaries" for negotiations. BlackCat, akin to many other variants that have sprung before it, operates as a ransomware-as-a-service (RaaS), wherein the core developers recruit affiliates to breach corporate environments and encrypt files, but not before stealing the said documents in a double extortion scheme to pressure the targets into paying the requested amount or risk exposure of the stolen data should the companies refuse to pay up. Security researcher Michael Gillespie  called  it a "very sophisticated

Cybersecurity researchers on Monday disclosed a new malspam campaign distributing a fresh variant of a malware loader called "Buer" written in Rust, illustrating how adversaries are constantly honing their malware toolsets to evade analysis. Dubbed "RustyBuer," the malware is propagated via emails masquerading as shipping notices from DHL Support, and is said to have affected no fewer than 200 organizations across more than 50 verticals since early April. "The new Buer variant is written in Rust, an efficient and easy-to-use programming language that is becoming increasingly popular," Proofpoint researchers  said  in a report shared with The Hacker News. "Rewriting the malware in Rust enables the threat actor to better evade existing Buer detection capabilities." First introduced in August of 2019,  Buer  is a modular malware-as-a-service offering that's sold on underground forums and used as a first-stage downloader to deliver additiona

Google on Tuesday announced that its open source version of the Android operating system will add support for Rust programming language in a bid to prevent memory safety bugs. To that end, the company has been building parts of the Android Open Source Project (AOSP) with Rust for the past 18 months, with plans in the pipeline to scale this initiative to cover more aspects of the operating system. "Managed languages like Java and Kotlin are the best option for Android app development," Google  said . "The Android OS uses Java extensively, effectively protecting large portions of the Android platform from memory bugs. Unfortunately, for the lower layers of the OS, Java and Kotlin are not an option." Stating that code written in C and C++ languages requires robust isolation when parsing untrustworthy input, Google said the technique of containing such code within a tightly constrained and unprivileged sandbox can be expensive, causing latency issues and additional