RustDoor | Breaking Cybersecurity News | The Hacker News

Malicious actors have backdoored the installer associated with courtroom video recording software developed by Justice AV Solutions (JAVS) to deliver malware that's associated with a known implant called RustDoor. The software supply chain attack, tracked as CVE-2024-4978 (CVSS score: 8.7), impacts JAVS Viewer v8.3.7, a component of the  JAVS Suite 8  that allows users to create, manage, publish, and view digital recordings of courtroom proceedings, business meetings, and city council sessions. Cybersecurity firm Rapid7  said  it commenced an investigation earlier this month after discovering a malicious executable called "fffmpeg.exe" (note the three Fs) in the Windows installation folder of the software, tracing it to a binary named "JAVS Viewer Setup 8.3.7.250-1.exe" that was downloaded from the official JAVS site on March 5, 2024. "Analysis of the installer JAVS Viewer Setup 8.3.7.250-1.exe showed that it was signed with an unexpected Authenticode ...

Multiple companies operating in the cryptocurrency sector are the target of an ongoing malware campaign that involves a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was  first documented  by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines. It's distributed by masquerading itself as a Visual Studio update. While prior evidence uncovered at least three different variants of the backdoor, the exact initial propagation mechanism remained unknown. That said, the Romanian cybersecurity firm subsequently told The Hacker News that the malware was used as part of a targeted attack rather than a shotgun distribution campaign, noting that it found additional artifacts that are responsible for downloading and executing RustDoor. "Some of these first stage downloaders claim to be PDF files with job offerings, but in reality, are scripts that downl...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...