#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cloud Security

Rust Programming Language | Breaking Cybersecurity News | The Hacker News

Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel

Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel

Aug 28, 2023 Supply Chain / Software Security
In yet another sign that developers continue to be targets of software supply chain attacks, a number of malicious packages have been discovered on the Rust programming language's crate registry. The libraries, uploaded between August 14 and 16, 2023, were published by a user named "amaperf," Phylum  said  in a report published last week. The names of the packages, now taken down, are as follows: postgress, if-cfg, xrvrv, serd, oncecell, lazystatic, and envlogger. It's not clear what the end goal of the campaign was, but the suspicious modules were found to harbor functionalities to capture the operating system information (i.e., Windows, Linux, macOS, or Unknown) and transmit the data to a hard-coded Telegram channel via the messaging platform's API. This suggests that the campaign may have been in its early stages and that the threat actor may have been casting a wide net to compromise as many developer machines as possible to deliver rogue updates with imp
New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure

New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure

Dec 19, 2022 Data Security / Endpoint Security
A Rust variant of a ransomware strain known as  Agenda  has been observed in the wild, making it the latest malware to adopt the cross-platform programming language after  BlackCat, Hive, Luna, and RansomExx . Agenda , attributed to an operator named Qilin, is a ransomware-as-a-service (RaaS) group that has been linked to a spate of attacks primarily targeting manufacturing and IT industries across different countries. A previous version of the ransomware, written in Go and customized for each victim, singled out healthcare and education sectors in countries like Indonesia, Saudi Arabia, South Africa, and Thailand. Agenda, like Royal ransomware , expands on the idea of partial encryption (aka intermittent encryption) by configuring parameters that are used to determine the percentage of file content to be encrypted. "This tactic is becoming more popular among ransomware actors as it lets them encrypt faster and avoid detections that heavily rely on read/write file operation
Webinar: Learn How to Stop Hackers from Exploiting Hidden Identity Weaknesses

Webinar: Learn How to Stop Hackers from Exploiting Hidden Identity Weaknesses

Apr 10, 2024Webinar / Identity Security
We all know passwords and firewalls are important, but what about the invisible threats lurking beneath the surface of your systems? Identity Threat Exposures (ITEs) are like secret tunnels for hackers – they make your security way more vulnerable than you think. Think of it like this: misconfigurations, forgotten accounts, and old settings are like cracks in your digital fortress walls. Hackers exploit these weaknesses to steal login information, gain sneaky access, and move around your systems unnoticed, whether they're in the cloud or on-site. This upcoming webinar,  " Today's Top 4 Identity Security Threat Exposures: Are You Vulnerable? "  isn't just for tech experts—it's about protecting your business.  We'll use real-world examples and insights from Silverfort's latest report to show you the hidden dangers of ITEs. You'll learn about: The Top 4 Identity Threats You Might Be Overlooking:  We'll name them and explain why they're
New RansomExx Ransomware Variant Rewritten in the Rust Programming Language

New RansomExx Ransomware Variant Rewritten in the Rust Programming Language

Nov 24, 2022
The operators of the RansomExx ransomware have become the latest to develop a new variant fully rewritten in the Rust programming language, following other strains like  BlackCat ,  Hive , and  Luna . The latest version, dubbed RansomExx2 by the threat actor known as Hive0091 (aka DefrayX), is primarily designed to run on the Linux operating system, although it's expected that a Windows version will be released in the future. RansomExx, also known as Defray777 and Ransom X, is a  ransomware   family  that's known to be active since 2018. It has since been linked to a number of attacks on government agencies, manufacturers, and other high-profile entities like Embraer and GIGABYTE. "Malware written in Rust often benefits from lower [antivirus] detection rates (compared to those written in more common languages) and this may have been the primary reason to use the language," IBM Security X-Force researcher Charlotte Hammond  said  in a report published this week.
cyber security

UPCOMING WEBINAR: Implementing What's New in NIST CSF 2.0

websiteArmorPointCybersecurity / Webinar
Learn three practical steps to implement the latest version of the NIST CSF on 4/15 at 3pm ET. Register Today!
Android to Support Rust Programming Language to Prevent Memory Flaws

Android to Support Rust Programming Language to Prevent Memory Flaws

Apr 07, 2021
Google on Tuesday announced that its open source version of the Android operating system will add support for Rust programming language in a bid to prevent memory safety bugs. To that end, the company has been building parts of the Android Open Source Project (AOSP) with Rust for the past 18 months, with plans in the pipeline to scale this initiative to cover more aspects of the operating system. "Managed languages like Java and Kotlin are the best option for Android app development," Google  said . "The Android OS uses Java extensively, effectively protecting large portions of the Android platform from memory bugs. Unfortunately, for the lower layers of the OS, Java and Kotlin are not an option." Stating that code written in C and C++ languages requires robust isolation when parsing untrustworthy input, Google said the technique of containing such code within a tightly constrained and unprivileged sandbox can be expensive, causing latency issues and additional
Cybersecurity Resources