"Stealthy 'Sedexp' Linux Malware Evaded Detection for Two Years"

Since 2022, a stealthy Linux malware called "sedexp" has evaded detection using a persistence technique not yet included in the MITRE ATT&CK framework. The malware, which was discovered by researchers at the risk management company Stroz Friedberg, allows its operators to create reverse shells for remote access and further the attack. At this time, the researchers point out MITRE ATT&CK has not documented the persistence technique used, emphasizing that sedexp is an advanced threat hiding in plain sight.

Submitted by Gregory Rigby on

"Iranian Hackers Targeted WhatsApp Accounts of Staffers in Biden, Trump Administrations, Meta Says"

Meta Platforms has announced that the same Iranian hacking group believed to have recently targeted both the Democratic and Republican presidential campaigns tried to compromise the WhatsApp accounts of staffers in the administrations of President Joe Biden and former President Donald Trump. Meta discovered the network of hackers who posed as tech support agents for AOL, Microsoft, Yahoo, and Google after suspicious WhatsApp messages were reported. Meta investigators connected the activity to the network blamed for Trump's recent campaign hacking.

Submitted by Gregory Rigby on

"American Radio Relay League Paid $1 Million to Ransomware Gang"

The American Radio Relay League (ARRL), the national association for amateur radio, recently revealed that it paid a $1 million ransom after a disruptive May 2024 ransomware attack. The attack occurred on May 15 and resulted in multiple systems within ARRL’s internal network being encrypted, including desktops, laptops, and Windows and Linux servers.

Submitted by Adam Ekwall on

"500k Impacted by Texas Dow Employees Credit Union Data Breach"

Texas Dow Employees Credit Union (TDECU) started notifying over 500,000 individuals that their personal information was compromised in the MOVEit campaign last year. Conducted by the Russian-speaking Cl0p ransomware group, the hack came to light on May 31, 2023, when Progress Software warned that hackers had exploited a zero-day in the MOVEit Transfer managed file transfer (MFT) software, tracked as CVE-2023-34362, to access customer data.

Submitted by Adam Ekwall on

"Toward a Code-Breaking Quantum Computer"

MIT researchers have proposed a way to make a smaller, more noise-tolerant quantum factoring circuit for cryptography. Quantum computers are expected to quickly break complex cryptographic systems that classical computers cannot, a promise based on a quantum factoring algorithm proposed by MIT professor Peter Shor in 1994. Although researchers have made progress in the last 30 years, they have yet to build a quantum computer that is powerful enough to run Shor's algorithm.

Submitted by Gregory Rigby on

"CyLab Researchers Win Two 'Test of Time' Awards at USENIX 2024"

The 33rd USENIX Security Symposium awarded CyLab researchers Matt Fredrikson and Bryan Parno prestigious "Test of Time" awards for papers that have significantly impacted their fields. Fredrikson received the USENIX Security Test of Time Award for his co-authored paper titled "Privacy in Pharmacogenetics: An End-to-End Case Study of Personalized Warfarin Dosing," which initiated the study of privacy in pharmacogenetics.

Submitted by Gregory Rigby on

"Qilin Caught Red-Handed Stealing Credentials in Google Chrome"

After breaching a target's network, "Qilin," the ransomware group suspected to have been behind the recent Synnovis attack, stole credentials stored in Google Chrome. According to researchers at Sophos X-Ops who detected the activity, this is an unusual tactic for ransomware groups as Qilin not only conducted an extortion attack but also carried out a credentials-harvesting scheme. This article continues to discuss Qilin's theft of credentials stored in Google Chrome.

Submitted by Gregory Rigby on

30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining

"The annual ACM SIGKDD conference is the premier international forum for data mining researchers and practitioners from academia, industry, and government to share their ideas, research results and experiences. The KDD conferences feature keynote presentations, oral paper presentations, poster sessions, workshops, tutorials, panels, exhibits, demonstrations, and the KDD Cup competition."

Topics of interest include, but are not limited to, security and privacy.

"New macOS Malware TodoSwift Linked to North Korean Hacking Groups"

Researchers have discovered a new macOS malware strain called "TodoSwift" that resembles the known malicious software used by North Korean hacking groups. According to Kandji security researcher Christopher Lopez, TodoSwift behaves similarly to malware originating in North Korea (DPRK), such as "KANDYKORN" and "RustBucket." This article continues to discuss findings regarding the TodoSwift macOS malware.

THN reports "New macOS Malware TodoSwift Linked to North Korean Hacking Groups"

Submitted by Gregory Rigby on

26th International Symposium on Principles and Practice of Declarative Programming (PPDP 2024)

"The PPDP 2024 symposium brings together researchers from the declarative programming communities, including those working in the functional, logic, answer-set, and constraint handling programming paradigms. The goal is to stimulate research in the use of logical formalisms and methods for analyzing, performing, specifying, and reasoning about computations, including mechanisms for concurrency, security, static analysis, and verification."
