Emojis Control the Malware in Discord Spy Campaign

Pakistani hackers are spying (▀̿Ĺ̯▀Ì¿ Ì¿) on the highly sensitive organizations in India by using emojis (Ծ_Ծ) as malicious commands (⚆ᗝ⚆) and the old Dirty Pipe Linux flaw. [TechWeb]( Follow Dark Reading: [RSS]( June 18, 2024 LATEST SECURITY NEWS & COMMENTARY [Emojis Control the Malware in Discord Spy Campaign]( Pakistani hackers are spying (▀̿Ĺ̯▀̿ Ì¿) on the highly sensitive organizations in India by using emojis (Ô¾_Ô¾) as malicious commands (⚆ᗝ⚆) and the old Dirty Pipe Linux flaw. [China's 'Velvet Ant' APT Nests Inside Multiyear Espionage Effort]( The campaign is especially notable for the remarkable lengths to which the threat actor went to maintain persistence on the target environment. [Scattered Spider Boss Cuffed in Spain Boarding a Flight to Italy]( Accused of hacking into more than 45 companies in the US, a 22-year-old British man was arrested by Spanish police and found to be in control of more than $27 million in Bitcoin. [LA County Dept. of Public Health Data Breach Impacts 200K]( Threat actors were able to breach the department using the credentials accessed through phishing emails. [Addressing Misinformation in Critical Infrastructure Security]( As the lines between the physical and digital realms blur, widespread understanding of cyber threats to critical infrastructure is of paramount importance. [Name That Toon: Future Shock]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Space: The Final Frontier for Cyberattacks]( A failure to imagine — and prepare for — threats to outer-space related assets could be a huge mistake at a time when nation-states and private companies are rushing to deploy devices in a frantic new space race. [CISO Corner: Apple's AI Privacy Promises; CEOs in the Hot Seat]( Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Rockwell's dire ICS warning; a red alert on biometrics; cybersecurity for the Hajj season. [Why Trading Privacy for 'Free' Web Services Must End]( Meta's new subscription model points out the need for clearer and stricter regulations — ones that prioritize consumer privacy and control of personal data. ['Sleepy Pickle' Exploit Subtly Poisons ML Models]( A model can be perfectly innocent, yet still dangerous if the means by which it's packed and unpacked are tainted. [MORE]( PRODUCTS & RELEASES [KnowBe4 Launches PhishER Plus Threat Intel Feature]( [DataBee Launches Innovations for Enhanced Threat Monitoring and Zero Trust Implementation]( [Aim Security Closes $18M Series A to Secure Generative AI Enterprise Adoption]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Apple Intelligence Could Introduce Device Security Risks]( The company focused heavily on data and system security in the announcement of its generative AI platform, Apple Intelligence, but experts worry that companies will have little visibility into data security. LATEST FROM THE EDGE [Some Skills Should Not Be Ceded to AI]( AI tools keep trying to take away all the fun jobs. Here are just a few of the reasons for cybersecurity folks (and others) to skip the writing cheats. LATEST FROM DR TECHNOLOGY [Chorology.ai Tackles Data Governance]( The company emerged from stealth with an AI-powered platform designed to give organizations visibility into unmanaged data. LATEST FROM DR GLOBAL [Bug Bounty Programs, Hacking Contests Power China's Cyber Offense]( With the requirement that all vulnerabilities first get reported to the Chinese government, once-private vulnerability research has become a goldmine for China's offensive cybersecurity programs. WEBINARS - [Empowering Developers, Automating Security: The Future of AppSec]( - [Preventing Attackers From Wandering Through Your Enterprise Infrastructure]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [SecOps Checklist]( - [Shining a light in the dark: observability and security, a SANS profile]( - [Shining a light in the dark: observability and security, a SANS profile]( - [A Short Primer on Container Scanning]( - [ESG E-Book: Taking a Holistic Approach to Securing Cloud-Native Application Development]( - [The Cloud Threat Landscape: Security learnings from analyzing 500+ cloud environments]( - [The Future of Cloud Security: Attack Paths & Graph-based Technology]( [View More White Papers >>]( FEATURED REPORTS - [2024 InformationWeek US IT Salary Report]( - [2023 Global Threat Report]( - [EMA: AI at your fingertips: How Elastic AI Assistant simplifies cybersecurity]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=124091&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_06.18.24&sp_cid=53971&utm_content=DR_NL_Dark%20Reading%20Daily_06.18.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#c0 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)