Lifeboat Foundation

Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza.

BabbleLoader is an “extremely evasive loader, packed with defensive mechanisms, that is designed to bypass antivirus and sandbox environments to deliver stealers into memory,” Intezer security researcher Ryan Robinson said in a report published Sunday.

Evidence shows that the loader is being used in several campaigns targeting both English and Russian-speaking individuals, primarily singling out users looking for generic cracked software as well as business professionals in finance and administration by passing it off as accounting software.

BrazenBamboo exploits an unpatched FortiClient flaw to steal VPN credentials using DEEPDATA malware. Fortinet users advised to stay alert.

The Semperis Hybrid Identity Protection conference kicked off today in New Orleans, gathering identity security experts, practitioners, and thought leaders to explore the evolving world of hybrid identity. This year’s conference, more relevant than ever, highlights a fundamental shift in how organizations approach identity—not just as a tool for managing user access but as a critical layer of cybersecurity that shapes an organization’s defensive posture. In an era of remote work, cloud adoption, and advanced cyber threats, identity has become the new perimeter, making events like HIP essential for fostering innovation, resilience, and collective knowledge in the industry.

Historically, identity management was an IT utility—a straightforward way to grant employees access to necessary resources. However, as digital transformations swept through organizations, the role of identity shifted dramatically. Identity is now central to security strategies, especially with the explosion of SaaS applications, remote access, and mobile workforces. For many organizations, identity is not just about provisioning accounts; it’s the first and last line of defense against unauthorized access and data breaches.

This transition has led to a realignment within organizations, where identity management is increasingly overseen by CISOs rather than traditional IT teams. CISOs recognize that identity management is a security function with direct implications on risk mitigation, compliance, and resilience.

AI be leveraged to improve cybersecurity and health equity #PopHealthIT

For Global Health Equity Week, HIMSS senior principal of cybersecurity and privacy Lee Kim describes some of the ways how privacy and security intersect with health access and patient engagement – and how artificial intelligence can help.

Your Social Security number is essential for finding employment, filing taxes and applying for credit. It can also be a nightmare to recover if thieves get a hold of your SSN and use it to apply for jobs, open accounts in your name and steal your tax refund.

Blocking electronic access to your SSN may feel extreme — it’s certainly inconvenient. But if you’ve been a victim of identity theft or your personal identifiable information was compromised in a recent data breach, like the hacks of Change Healthcare or National Public Data, where hundreds of millions of people were impacted, locking your SSN may protect you from future harm.

Blocking access or “locking” your SSN will make it extremely difficult for an identity thief to use your SSN for malicious actions. This, coupled with a credit freeze, can help stop identity thieves in their tracks.

Hackers are using a novel technique that abuses extended attributes for macOS files to deliver a new trojan that researchers call RustyAttr.

The threat actor is hiding malicious code in custom file metadata and also uses decoy PDF documents to help evade detection.

The new technique is similar to how the Bundlore adware in 2020 hid its payloads in resource forks to hide payloads for macOS. It was discovered in a few malware samples in the wild by researchers at cybersecurity company Group-IB.

Ymir ransomware exploits memory management to evade detection, targeting credentials for stealthy network breaches.

There is a way to merge multiple ZIP files into one and thus hide malware.

Scientists have developed an AI-based authentication scheme to enhance vehicle security in the Internet of Vehicles (IoV).

Scientists claim to have developed an artificial intelligence tool to consolidate the privacy of vehicles and their drivers.

How to preserve the privacy of the so-called Internet of Vehicles (IoV) has emerged as a major challenge due to geographical mobility of vehicles and insufficient resources, the scientists say.

Continue reading “AI-based authentication scheme can safeguard vehicles from cyber threats” »