Tag: rust
-
Neuer Rust-basierter Infostealer entdeckt – Warnung vor ‘EddieStealer” mit Tarnung als CAPTCHA-Prüfung
First seen on security-insider.de Jump to article: www.security-insider.de/neue-malware-eddiestealer-angriffe-auf-windows-systeme-via-captcha-seiten-a-eb4c4cafde7ac6eea4c7cf08b8f0e6c8/
-
North Korean crypto thieves deploy custom Mac backdoor
North Korean threat actors are targeting companies from the Web3 and crypto industries with a backdoor designed for macOS written in niche programming language Nim. The attackers are also using AppleScript for early stage payloads, including a fake Zoom update.”North Korean-aligned threat actors have previously experimented with Go and Rust, similarly combining scripts and compiled…
-
RIFT: Open-Source Rust Malware Analyzer Released by Microsoft
Tags: cyber, cybercrime, exploit, intelligence, malware, microsoft, open-source, programming, rust, threat, toolAs cybercriminals and nation-state actors increasingly turn to the Rust programming language for malware development, Microsoft’s Threat Intelligence Center has unveiled a powerful new open-source tool called RIFT to help security analysts combat this growing threat. Rust, renowned for its speed, memory safety, and robustness, is now being exploited for its advantages in creating malware…
-
RIFT: New open-source tool from Microsoft helps analyze Rust malware
Microsoft’s Threat Intelligence Center has released a new tool called RIFT to help malware analysts identify malicious code hidden in Rust binaries. While Rust is becoming … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/30/rift-open-source-microsoft-tool-analyze-rust-malware/
-
Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat
Tags: access, advisory, ai, api, attack, authentication, best-practice, cisa, computer, computing, crypto, cryptography, cyber, cybersecurity, data, defense, encryption, exploit, finance, framework, google, governance, government, group, hacker, healthcare, infrastructure, injection, intelligence, Internet, iran, login, mfa, military, mitigation, mitre, network, nist, passkey, password, programming, ransomware, risk, rust, service, software, strategy, tactics, technology, terrorism, threat, tool, training, vulnerability, warfareCheck out the U.S. government’s latest call for developers to use memory-safe programming languages, as well as its warning for cybersecurity teams regarding cyber risk from hackers tied to Iran. Plus, get the latest on ransomware trends, the quantum computing cyber threat and more! Dive into five things that are top of mind for the…
-
Lerneffekte aus der aktuell effektivsten Ransomware Qilin
Qilin zählt inzwischen zu den aktivsten und wirkungsvollsten Ransomware-Operationen weltweit. Die Schadsoftware verbreitet sich zunehmend über etablierte Cybercrime-Netzwerke und spielt eine zentrale Rolle in aktuellen Bedrohungsmodellen. Die ersten Versionen wurden 2022 unter dem Namen “Agent” veröffentlicht und später vollständig in Rust neu entwickelt. Ab Ende 2023 gewann die Gruppe durch gezielte Angriffe auf VMware-ESXi-Systeme an…
-
Rust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox Users
Cybersecurity researchers have shed light on a previously undocumented Rust-based information stealer called Myth Stealer that’s being propagated via fraudulent gaming websites.”Upon execution, the malware displays a fake window to appear legitimate while simultaneously decrypting and executing malicious code in the background,” Trellix security researchers Niranjan Hegde, Vasantha Lakshmanan First seen on thehackernews.com Jump to…
-
New Rust-Developed InfoStealer Drains Sensitive Data from Chromium-Based Browsers
Tags: browser, chrome, credentials, cyber, cybersecurity, data, google, login, malware, microsoft, programming, rust, threatA newly identified information-stealing malware, crafted in the Rust programming language, has emerged as a significant threat to users of Chromium-based browsers such as Google Chrome, Microsoft Edge, and others. Dubbed >>RustStealer
-
ClickFix used to spread novel Rust-based infostealer
Tags: rustFirst seen on scworld.com Jump to article: www.scworld.com/news/clickfix-used-to-spread-novel-rust-based-infostealer
-
From Code Red to Rust: Microsoft’s Security Journey
At this year’s Build developer conference, Microsoft reflects on what the company learned about securing features and writing secure code in the early 2000s. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/from-code-red-to-rust-microsoft-security-journey
-
Linux 6.15 Launches with Major Performance and Hardware Upgrades
The Linux 6.15 kernel, released on May 25, 2025, marks a pivotal moment in open-source development, introducing several groundbreaking features and technical advancements. Most notably, this release debuts the first Rust-written Direct Rendering Manager (DRM) driver, NOVA, targeting NVIDIA RTX 2000 “Turing” series and newer GPUs. The NOVA driver, written entirely in Rust, represents a…
-
Ransomware-Bande BlackBasta hat neuen Malware-Favoriten
Modularität für verschiedene Zwecke: Die Malware Skitnet verfügt über separate Plug-ins umAnmeldeinformationen zu sammeln,Berechtigungen auszuweiten,sich im Netzwerk lateral zu bewegen undRansomware bereitzustellen.Sie nutzt die Programmiersprachen Rust und Nim, um eine verdeckte Reverse Shell über das DNS-Protokoll zu realisieren. Dadurch ist eine unauffällige C2-Kommunikation möglich.Zusätzlich verwendet Skitnet Verschlüsselung, manuelles Mapping und dynamische API-Auflösung, um nicht entdeckt…
-
Skitnet malware: The new ransomware favorite
Tags: access, api, awareness, cybersecurity, data, detection, dns, encryption, malware, phishing, powershell, programming, ransomware, risk, rust, tool, trainingMalware employs advanced obfuscation: According to a Prodaft description, Skitnet uses Rust and Nim programming languages to execute a stealthy reverse shell over DNS, which is a method of covert C2 Communication using the DNS protocol instead of HTTP or other typical channels.Additionally, the malware leverages encryption, manual mapping, and dynamic API resolution to evade…
-
China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
Tags: access, api, apt, attack, authentication, backdoor, backup, breach, business, china, cloud, control, cve, cyber, data, data-breach, detection, dns, encryption, endpoint, espionage, exploit, finance, firewall, fortinet, google, government, group, infection, infrastructure, intelligence, Internet, ivanti, linux, malicious, malware, mandiant, military, network, open-source, programming, rat, remote-code-execution, reverse-engineering, risk, rust, sap, service, strategy, tactics, threat, tool, update, vmware, vpn, vulnerability, windows, zero-dayExecutive Summary EclecticIQ analysts assess with high confidence that, in April 2025, China-nexus nation-state APTs (advanced persistent threat) launched high-temp exploitation campaigns against critical infrastructure networks by targeting SAP NetWeaver Visual Composer. Actors leveraged CVE-2025-31324 [1], an unauthenticated file upload vulnerability that enables remote code execution (RCE). This assessment is based on a publicly…
-
Sudo-rs make me a sandwich, hold the buffer overflows
Ubuntu 25.10 fitted with Rust-written admin tool by default for memory safety’s sake First seen on theregister.com Jump to article: www.theregister.com/2025/05/08/ubuntu_2510_makes_rusk_sudo_default/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 43
Tags: attack, backdoor, botnet, china, crypto, fraud, infrastructure, international, malware, nfc, rust, supply-chainSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Inside Gamaredon’s PteroLNK: Dead Drop Resolvers and evasive Infrastructure XRP supply chain attack: Official NPM package infected with crypto stealing backdoor SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation New Rust Botnet >>RustoBot
-
Introducing Rust in SonarQube
The popularity of the Rust programming language is growing. Rustaceans have been asking for SonarQube to support Rust and now it’s here! First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/introducing-rust-in-sonarqube/
-
New “ReaderUpdate” macOS Malware Evolves with Nim and Rust Variants
Security researchers at SentinelOne have discovered that ReaderUpdate, a macOS malware loader platform that has been active since at least 2020, has significantly evolved with new variants written in multiple programming languages. The malware, which previously went relatively unnoticed by many vendors, now includes versions written in Crystal, Nim, Rust, and most recently Go, in…
-
New ReaderUpdate malware variants target macOS users
New ReaderUpdate malware variants, now written in Crystal, Nim, Rust, and Go, targets macOS users, SentinelOne warns. SentinelOne researchers warn that multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages, are targeting macOS users. ReaderUpdate is a macOS malware loader that has been active since 2020, the malicious code…
-
macOS Users Warned of New Versions of ReaderUpdate Malware
macOS users are targeted with multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages. The post macOS Users Warned of New Versions of ReaderUpdate Malware appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/macos-users-warned-of-new-versions-of-readerupdate-malware/
-
Researchers Compare Malware Development in Rust vs C and C++
Security researcher Nick Cerne from Bishop Fox has published findings comparing malware development in Rust versus traditional C/C++ languages. The research demonstrates how Rust provides inherent anti-analysis features that make malware more difficult to reverse engineer. According to Cerne’s analysis, languages like Rust, Go, and Nim have become increasingly popular among malware authors for two…
-
New Rust-Based Linux Kernel Module Unveiled to Detect Rootkits
A recent development in Linux kernel security has led to the creation of a Rust-based kernel module designed to detect rootkits, a type of malware that can hide itself and other malicious activities from system administrators. This project, part of an internship at Thalium, focuses on enhancing malware detection capabilities within Linux systems, which are…
-
Ubuntu 25.10 plans to swap GNU coreutils for Rust
Tags: rustIt’s easier to replace bits of userland than the kernel First seen on theregister.com Jump to article: www.theregister.com/2025/03/19/ubuntu_2510_rust/
-
New Linux Kernel Code Written in Rust Aims to Eliminate Memory Safety Bugs
The integration of Rust into the Linux kernel is a significant step forward in enhancing memory safety, a critical aspect of kernel development. This effort, known as Rust for Linux, began in 2021 with the publication of an RFC by Miguel Ojeda, the project’s primary maintainer. The goal is not to rewrite the entire kernel…
-
Strap in, get ready for more Rust drivers in Linux kernel
Likening memory safety bugs to smallpox may not soothe sensitive C coders First seen on theregister.com Jump to article: www.theregister.com/2025/03/10/rust_drivers_expected_to_become/
-
Rust vs. C, Linux’s Uncivil War
Kernel Panic in the Rust Belt. Memory safety: GOOD. Cheese motion: BAD. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/rust-linux-war-richixbw/