Shaarli Daily

All links of one day in a single page.

September 24, 2024

Critical Ivanti vTM auth bypass bug now exploited in attacks

CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual Traffic Manager (vTM) appliances, as actively exploited in attacks.

Kryptina RaaS | From Unsellable Cast-Off to Enterprise Ransomware

Kryptina's adoption by Mallox affiliates complicates malware tracking as ransomware operators blend different codebases into new variants.

  • Kryptina evolved from a free tool on public forums to being actively used in enterprise attacks, particularly under the Mallox ransomware family.
  • In May 2024, a Mallox affiliate leaked staging server data, revealing that their Linux ransomware was based on a modified version of Kryptina.
  • The affiliate made superficial changes to source code and documentation, stripping Kryptina branding but retaining core functionality.
  • The adoption of Kryptina by Mallox affiliates exemplifies the commoditization of ransomware tools, complicating malware tracking as affiliates blend different codebases into new variants.
  • This original research was presented by the author at LABScon 2024 in Scottsdale, Arizona.

US intelligence agencies confirm Russia is pushing fake videos of Kamala Harris

The U.S. intelligence community on Monday said Russia is responsible for recent videos shared on social media that sought to denigrate Vice President Kamala Harris, including one that tried to implicate her in a hit-and-run accident.

Spy agencies also assess that Russian influence actors were responsible for altering videos of the vice president's speeches — behavior consistent with Moscow’s broader efforts to boost former President Donald Trump’s candidacy and disparage Harris and the Democratic Party, an official with the Office of the Director of National Intelligence said during a press briefing.

Staying a Step Ahead: Mitigating the DPRK IT Worker Threat

North Korea's IT workforce presents a persistent and escalating cyber threat.