Newsletter Subject

US Aerospace Contractor Hacked With 'PowerDrop' Backdoor | Researchers Spot a Different Kind of Magecart Campaign

From

ubm.com

Email Address

darkreading@am.amtechwebresources.com

Sent On

Thu, Jun 8, 2023 03:17 PM

Email Preheader Text

Hackers used a little to do a lot, cracking a high-value target with hardly more than the living-off

June 08, 2023

LATEST SECURITY NEWS & COMMENTARY

- US Aerospace Contractor Hacked With 'PowerDrop' Backdoor
  Hackers used a little to do a lot, cracking a high-value target with hardly more than the living-off-the-land tools (PowerShell especially) found on any standard Windows computer.
- Researchers Spot a Different Kind of Magecart Card-Skimming Campaign
  In addition to injecting a card skimmer into target Magento, WooCommerce, Shopify, and WordPress sites, the threat actor is also hijacking targeted domains to deliver the malware to other sites.
- Microsoft Links MOVEit Attack to Cl0p as British Airways, BBC Fall
  Some billion-dollar organizations have already been identified as victims of the prolific ransomware group's latest exploit, amidst ongoing attacks.
- Mass Exploitation of Zero-Day Bug in MOVEit File Transfer Underway
  With shades of the GoAnywhere attacks, a cyber threat actor linked to FIN11 is leveraging a bug in the widely used managed file transfer product to steal data from organizations in multiple countries.
- Google Drive Deficiency Allows Attackers to Exfiltrate Workspace Data Without a Trace
  No activity logging in the free subscription for Google's Web-based productivity suite exposes enterprises to insider and other threats, researchers say.
- Apple Zero-Days, iMessage Used in 4-Year, Ongoing Spying Effort
  Russia's FSB intelligence agency says the zero-click attacks range far beyond Kaspersky, and it has blamed them on the United States' NSA. Those allegations are thus far uncorroborated.
- Streamers Ditch Netflix for Dark Web After Password Sharing Ban
  Disgruntled users are pursuing offers for "full Netflix access" at steeply discounted rates.
- ChatGPT Hallucinations Open Developers to Supply Chain Malware Attacks
  Attackers could exploit a common AI experience — false recommendations — to spread malicious code via developers that use ChatGPT to create software.
- Cyber Essentialism & 'Doing Less With Less'
  Cybersecurity benefits from a focus on the vital few chores rather than the trivial many. Find the "right things" to encourage strategic thinking, then move the culture needle to promote that policy.
- The Case for a Federal Cyber-Insurance Backstop
  By stepping in to provide aid, the federal government could help protect companies, insurers, and the economy from the impact of a widespread, catastrophic cyberattack.
- After 'Inception' Attack, New Due Diligence Requirements Are Needed
  To stem supply chain attacks, forging a new dynamic of shared cybersecurity hygiene accountability is the right thing to do.

HOT TOPICS

- Where SBOMs Stand Today
  It's been two years since Executive Order 14028. By using SBOMs as a standard, organizations can manage software risks, protect their reputation, and improve their cybersecurity posture.
- Want Sustainable Security? Find Middle Ground Between Tech & Education
  The winning recipe for sustainable security combines strategic user education and tactical automation of well-constructed processes.
- Filling the Gaps: How to Secure the Future of Hybrid Work
  By enhancing remote management and adopting hardware-enforced security, productivity can continue without inviting extra cyber-risk.

EDITORS' CHOICE

- Cl0p Claims the MOVEit Attack; Here's How the Gang Did It
  A researcher guides Dark Reading through the most important bits of Cl0p's latest exploit.

LATEST FROM DR GLOBAL

- 'PostalFurious' SMS Attacks Target UAE Citizens for Data Theft
  SMS campaigns targeting members of the public in the United Arab Emirates have been detected.

LATEST FROM THE EDGE

- Name That Edge Toon: Spring Chickens
  Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

LATEST FROM DR TECHNOLOGY

- Defenders Buckle Up for a Future of Detecting Deepfakes
  Today technology companies have high success rates against generative AI-created voices and videos, but future detection will be much more difficult.

WEBINARS

- The Future is CNAPP: Cloud Security From Prevention To Threat Detection
  Cloud-native development introduces unique attack vectors that are challenging to identify and are evolving rapidly. Join us as we take a deeper look into common cloud attack paths in the wild and discuss strategies for how to combat them before ...
- Secrets to a Successful Managed Security Service Provider Relationship
  Sometimes, the security team you have just isn't enough. To help keep up with security threats 24/7 - and to bolster skills the team may not have -- many enterprises are working with managed security service providers (MSSPs) and security providers ...

WHITE PAPERS

- 9 Traits You Need to Succeed as a Cybersecurity Leader
- The Ultimate Guide to the CISSP
- Adopting a Defense-in-Depth Approach to IT Security
- The State of Cybersecurity: 2023 Trends Report
- Cymulate Named Innovation Leader, Frost & Sullivan's - Frost Radar BAS, 2022
- The 3 Approaches to Breach & Attack Simulation Technologies
- What Are the Top and Niche Use Cases for Breach and Attack Simulation Technology?

FEATURED REPORTS

- Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware
- The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
  The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ...
- Shoring Up the Software Supply Chain Across Enterprise Applications
  Supply chain security attacks are growing at an alarming pace, and things are going to keep getting worse until DevSecOps teams get on the same page. A little help from the feds could also be welcome. Modern-day software development depends ...

PRODUCTS & RELEASES

- BioCatch Strengthens Collaboration With Microsoft Cloud for Financial Services
- Radiflow's CIARA 4.0 Delivers Actionable Insights to Simplify the Management of OT Cyber-Risk at Industrial Facilities
- BeyondID Launches Initiative to Accelerate Zero Trust With Okta Identity Engine
- ILTA and Conversant Group Release Cybersecurity Benchmarking Survey of the Legal Industry
- Red Sift Launches Relevance Detection as GPT-4-Powered Asset Discovery and Classification Solution
- Netskope Intelligent SSE Selected by Transdev to Secure and Connect its Hybrid Workforce
- Cyversity and United Airlines to Provide Cybersecurity Training Scholarships to Cyversity Members
- With SEC Rule Changes on the Horizon, Research Reveals Only 14% of CISOs Have Traits Desired for Cyber Expert Board Positions

CURRENT ISSUE

- Everything You Need to Know About DNS Attacks

Dark Reading Weekly -- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA

Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com)

© 2023 Informa Tech
