Windows Virus | Breaking Cybersecurity News | The Hacker News

North Korean defectors, journalists who cover North Korea-related news, and entities in South Korea are being zeroed in on by a nation-state-sponsored advanced persistent threat (APT) as part of a new wave of highly-targeted surveillance attacks. Russian cybersecurity firm Kaspersky attributed the infiltrations to a North Korean hacker group tracked as  ScarCruft , also known as  APT37 , Reaper Group, InkySquid, and Ricochet Chollima. "The actor utilized three types of malware with similar functionalities: versions implemented in PowerShell, Windows executables and Android applications," the company's Global Research and Analysis Team (GReAT)  said  in a new report published today. "Although intended for different platforms, they share a similar command and control scheme based on HTTP communication. Therefore, the malware operators can control the whole malware family through one set of command and control scripts." Likely active since at least 2012, ScarC...

Cybersecurity researchers have uncovered an ongoing malware campaign that heavily relies on AutoHotkey (AHK) scripting language to deliver multiple remote access trojans (RAT) such as Revenge RAT, LimeRAT, AsyncRAT, Houdini, and Vjw0rm on target Windows systems. At least four different versions of the campaign have been spotted starting February 2021, according to researchers from Morphisec Labs. "The RAT delivery campaign starts from an AutoHotKey (AHK) compiled script," the researchers  noted . "This is a standalone executable that contains the following: the AHK interpreter, the AHK script, and any files it has incorporated via the  FileInstall  command. In this campaign, the attackers incorporate malicious scripts/executables alongside a legitimate application to disguise their intentions." AutoHotkey is an open-source custom scripting language for Microsoft Windows that's meant to provide easy hotkeys for macro-creation and software automation, enablin...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

If you use Linux on your company's desktop or server computers, you're likely familiar with the security advantages the open-source operating system offers over Windows and Mac. What many people don't realize, however, is that Linux can also rescue a computer crippled by malware. Malware is a frequent issue in the Windows world, and it can be devastating. When a Windows virus strikes, it can become difficult or even impossible to continue using the affected machine. Moreover, prolonged use can further the infection. Here's how Linux can help you recover from such a situation without ever installing it permanently on your PC. Step 1: Get a LiveCD or Live USB LiveCDs and USBs are great because they let you boot a machine directly from the CD or USB stick without accessing the computer's boot records. They allow you to test Linux and can be used when Windows fails. The fastest way to get a LiveCD or USB is to download the .iso file of the Linux distribution you wan...