#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
DevSecOps

RustDoor | Breaking Cybersecurity News | The Hacker News

Category — RustDoor
JAVS Courtroom Recording Software Backdoored - Deploys RustDoor Malware

JAVS Courtroom Recording Software Backdoored - Deploys RustDoor Malware

May 24, 2024 Supply Chain Attack / Malware
Malicious actors have backdoored the installer associated with courtroom video recording software developed by Justice AV Solutions (JAVS) to deliver malware that's associated with a known implant called RustDoor. The software supply chain attack, tracked as CVE-2024-4978 (CVSS score: 8.7), impacts JAVS Viewer v8.3.7, a component of the  JAVS Suite 8  that allows users to create, manage, publish, and view digital recordings of courtroom proceedings, business meetings, and city council sessions. Cybersecurity firm Rapid7  said  it commenced an investigation earlier this month after discovering a malicious executable called "fffmpeg.exe" (note the three Fs) in the Windows installation folder of the software, tracing it to a binary named "JAVS Viewer Setup 8.3.7.250-1.exe" that was downloaded from the official JAVS site on March 5, 2024. "Analysis of the installer JAVS Viewer Setup 8.3.7.250-1.exe showed that it was signed with an unexpected Authenticode ...
RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers

RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers

Feb 16, 2024 Endpoint Security / Cryptocurrency
Multiple companies operating in the cryptocurrency sector are the target of an ongoing malware campaign that involves a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was  first documented  by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines. It's distributed by masquerading itself as a Visual Studio update. While prior evidence uncovered at least three different variants of the backdoor, the exact initial propagation mechanism remained unknown. That said, the Romanian cybersecurity firm subsequently told The Hacker News that the malware was used as part of a targeted attack rather than a shotgun distribution campaign, noting that it found additional artifacts that are responsible for downloading and executing RustDoor. "Some of these first stage downloaders claim to be PDF files with job offerings, but in reality, are scripts that downl...
Navigating the Future: Key IT Vulnerability Management Trends

Navigating the Future: Key IT Vulnerability Management Trends 

Feb 11, 2025Vulnerability / Threat Detection
As the cybersecurity landscape continues to evolve, proactive vulnerability management has become a critical priority for managed service providers (MSPs) and IT teams. Recent trends indicate that organizations increasingly prioritize more frequent IT security vulnerability assessments to identify and address potential security flaws. Staying informed on these trends can help MSPs and IT teams remain one step ahead of potential cyber-risks. The Kaseya Cybersecurity Survey Report 2024 navigates this new frontier of cyber challenges. The data is clear: Organizations are becoming increasingly reliant on vulnerability assessments and plan to prioritize these investments in 2025. Companies are increasing the frequency of vulnerability assessments  In 2024, 24% of respondents said they conduct vulnerability assessments more than four times per year, up from 15% in 2023. This shift highlights a growing recognition of the need for continuous monitoring and quick response to emerging t...
Expert Insights / Articles Videos
Cybersecurity Resources