APT37 combines cloud storage and USB implants to infiltrate air-gapped systems

Ali NematiMar 225 sec read8 views

North Korea-linked APT37 used Zoho WorkDrive and USB-based malware in a campaign called Ruby Jumper to infiltrate air-gapped systems, deploying tools like RESTLEAF and SNAKEDROPPER for surveillance and data exfiltration. This highlights the evolving threat landscape where attackers leverage cloud services and physical media to breach isolated networks, underscoring the need for enhanced endpoint security measures.

Read the full article at Security Affairs

Want to create content about this topic? Use Nemati AI tools to generate articles, social posts, and more.

Comments

Kali Linux Enhances AI-driven Penetration Testing with Local Ollama, 5ire, and MCP Kali Server

Kali Linux introduced a local AI-driven penetration testing setup using Ollama, 5ire, and MCP Kali Server, eliminating reliance on third-party cloud s...Kali Linux introduced a local AI-driven penetration testing setup using Ollama, 5ire, and MCP Kali Server, eliminating reliance on third-party cloud services for privacy reasons. This development allows security professionals to perform autonomous, o...

Ali Nemati

CybersecurityOct 22, 202534 sec read

TCP #108: F5 BIG-IP + AWS Woes; Scaling 1 Million K8s Nodes; and Product News

Key highlights include Datadog's LLM-powered PR reviewer "BewAIre" that detects risky pull requests by analyzing author behavior, code diffs, and file...Key highlights include Datadog's LLM-powered PR reviewer "BewAIre" that detects risky pull requests by analyzing author behavior, code diffs, and file metadata; AI security startup Keycard raising $38M for task-level permissions in AI agents; Veeam a...

Ali Nemati

AI & Machine Learning1 day ago26 sec read

Your Stack Choice Is Coding Agent's Safety Net

The article discusses how modern development stacks should protect against errors when using AI agents for code generation. It emphasizes the importan...The article discusses how modern development stacks should protect against errors when using AI agents for code generation. It emphasizes the importance of type systems, declarative schemas, and enforced access control to minimize mistakes in areas l...

Ali Nemati

Cybersecurity1 day ago25 sec read

Google Cloud warns cloud misconfigurations and identity security gaps pose growing risks to critical infrastructure systems

Google Cloud's report highlights that basic security failures such as weak credentials and misconfigurations are major causes of cloud breaches, empha...Google Cloud's report highlights that basic security failures such as weak credentials and misconfigurations are major causes of cloud breaches, emphasizing the need for stronger identity management and continuous monitoring to protect against sophis...

Ali Nemati

Cybersecurity1 day ago23 sec read

AWS Security Hub is expanding to unify security operations across multicloud environments

AWS is expanding its Security Hub to unify security operations across multicloud environments, offering a single experience for managing risks and vul...AWS is expanding its Security Hub to unify security operations across multicloud environments, offering a single experience for managing risks and vulnerabilities. This expansion aims to simplify security management for enterprises by providing consi...

Ali Nemati

APT37 combines cloud storage and USB implants to infiltrate air-gapped systems

Related Articles

Kali Linux Enhances AI-driven Penetration Testing with Local Ollama, 5ire, and MCP Kali Server

TCP #108: F5 BIG-IP + AWS Woes; Scaling 1 Million K8s Nodes; and Product News

Your Stack Choice Is Coding Agent's Safety Net

Google Cloud warns cloud misconfigurations and identity security gaps pose growing risks to critical infrastructure systems

AWS Security Hub is expanding to unify security operations across multicloud environments