PurpleUrchin Gang Embraces DevOps in Massive Cloud Malware Campaign

The Automated Libra group is deploying all components of its campaign in an automated manner via containers, stealing free trial resources for cryptomining, but the threat could get larger. [TechWeb]( Follow Dark Reading: [RSS]( January 09, 2023 LATEST SECURITY NEWS & COMMENTARY [PurpleUrchin Gang Embraces DevOps in Massive Cloud Malware Campaign]( The Automated Libra group is deploying all components of its campaign in an automated manner via containers, stealing free trial resources for cryptomining, but the threat could get larger. [Russia-Linked Turla APT Sneakily Co-Opts Ancient Andromeda USB Infections]( Using command-and-control servers from the decade-old Andromeda malware, the group is installing reconnaissance tools and a backdoor on previously infected systems to target Ukrainian victims. [From Ferrari to Ford, Cybersecurity Bugs Plague Automotive Safety]( Security vulnerabilities plague automakers, and as vehicles become more connected, a more proactive stance on cybersecurity will be required — alongside regulations. [Don't Be Blindsided by Software Bills of Materials]( It's imperative we collaborate and partner to improve software security. This may require developing tools and standards that can enrich SBOMs and provide deeper analysis. [Vice Society Releases Info Stolen From 14 UK Schools, Including Passport Scans]( In what's become a pattern, the cybercriminal ring stole data, demanded payment, and posted personal information when ransom was denied. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Five Guys Data Breach Puts HR Data Under a Heat Lamp]( Job applicants could face a raft of follow-on attacks after cyber intruders accessed their data in an opportunistic attack. [Rackspace Sunsets Email Service Downed in Ransomware Attack]( The hosting services provider shared new details on the breach that took down its Hosted Exchange Email service. [How to Ensure Cybersecurity Investments Remain a Priority Across Your Organization]( Collaboration across all business units is key to building a robust cybersecurity program. [MORE]( LATEST FROM THE EDGE [In Memoriam: Remembering Those Who Passed]( Security stands on the shoulders of giants. We take a moment to remember their contributions toward keeping people, data, and systems safe. EDITORS' CHOICE [200M Twitter Profiles, With Email Addys, Dumped on Dark Web for Free]( A data dump of Twitter user details on an underground forum appears to stem from an API endpoint compromise and large-scale data scraping. LATEST FROM DR TECHNOLOGY [2023 Will See Renewed Focus on Quantum Computing]( Adopting post-quantum cryptography has been discussed for years; now it's time for organizations to get to work. WEBINARS - [The Craziest Cyberattacks Seen In the Wild and How You Can Avoid Them]( It feels like we hear about a new devastating cyberattack in the news every day. And attack methods seem to be proliferating at an exponential rate. So, which tactics should you be aware of beyond standard "click and infect" attack ... - [A Roadmap to Zero Trust: Steps for Meaningful Progress Amongst the Hype]( Join this webinar as our Zero Trust experts discuss "quick wins" like: --Enforcing strong multifactor authentication and Zero Trust policies for critical applications. --Closing inbound ports open to the Internet. --Areas not always included in the Zero Trust conversation, like ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( - [State of Email Security]( - [Ransomware Resilience and Response: The Next-Generation]( - [Ransomware Is On The Rise]( - [State of Ransomware Readiness: Facing the Reality Gap]( - [How Hybrid Work Fuels Ransomware Attacks]( [View More White Papers >>]( FEATURED REPORTS - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [LogRhythm Enhances Security Analytics With Expanded Security Operations Capabilities]( [Check Point Research Reports a 38% Increase In 2022 Global Cyberattacks]( [Maternal & Family Health Services Issues Notice Of Cybersecurity Incident]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The Promise and Reality of Cloud Security]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)