Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:03):
Cybercriminals target HR professionals with Venom Spider malware, fake AI video generators
drop new Noodlophile info-stealer malware, rumors of a massive cyber
attack fly alongside missiles in the India-Pakistan conflict, and CISA
warns of cyber attacks targeting the US oil and gas infrastructure.
(00:27):
This is Cybersecurity Today, and I'm your host, David Shipley.
Threat actors are targeting organizations by disguising their
malware payloads as resume submissions to human resources departments.
Shaun Nichols from SC Media reported this weekend that a privately run malware
operation known as Venom Spider has been targeting HR professionals by way of
(00:49):
phony resume submissions and fake personal websites pretending to be job seekers.
The threat actors are believed to be financially motivated, using the
malware to harvest user credentials and account details from infected systems.
In the past, Venom Spider looked for low-hanging fruit, typically going after
e-commerce sites and payment portals.
(01:10):
However, the threat actors have broadened their horizons and have
pivoted to targeting HR portals and job hunting services such as
LinkedIn as the initial threat vector.
The turn in Venom Spider's tactics was reported by Arctic Wolf.
Going after HR teams with resume-themed lures is a tried and
true cybercriminal tactic.
(01:32):
Some of the earliest stories on this go back to 2017, when ransomware
gangs turned to fake job applications to distribute their malware.
In addition to specific training for HR teams who handle submitted
resumes via email or online portals,
providing tools to help these teams, either in the form of safer
submission methods or additional scanning and scrutiny for files
(01:54):
sent to them is well warranted.
It's also a reminder to everyone listening that attackers recycle tactics,
and it's not just about focusing your defensive efforts on the latest and
greatest trends in threat actor activity.
What's old often becomes new again.
Fake AI-powered video generation tools are being used to distribute
(02:16):
a new information-stealing malware family called Noodlophile under
the guise of generated media content.
The websites use enticing names like Dream Machine and are advertised on
high visibility groups on Facebook,
posing as advanced artificial intelligence tools that generate
videos based on uploaded user files,
(02:36):
reports Bill Toulas for BleepingComputer.
Although the use of AI tools to deliver malware isn't a new concept, and it's been
adopted by cybercriminals who are quite experienced, the discovery of the
latest campaign by Morphisec introduces a new info stealer into the mix.
As a reminder, the recent Disney Slack data breach was also the
(02:58):
result of someone downloading what they thought was an AI tool.
Noodlophile is a new information stealer malware that targets data
stored on web browsers like account credentials, session cookies, tokens,
and cryptocurrency wallet files.
Noodlophile Stealer represents a new addition to the malware ecosystem.
(03:19):
Previously undocumented in public malware trackers or reports,
this stealer combines browser credential theft, wallet exfiltration, and
optional remote access deployment,
explained the Morphisec researchers.
Stolen data is exfiltrated via Telegram bot, which serves as a covert
command and control, or C2, server,
(03:41):
giving attackers real-time access to stolen information. Amid the chaos of
the current India-Pakistan conflict,
rumors of impending cyber attacks on India's financial services sector have
been circulating across social media in a massive misinformation campaign.
India's Business Today reported Friday that a wave of misinformation was
(04:02):
circulated on social media platforms, particularly WhatsApp, warning users
of a supposed nationwide cyber attack.
The viral message falsely claimed that a ransomware attack attributed to Pakistan
will lead to all ATMs in the country being shut down for two to three days.
The message also references a so-called video titled, quote, Dance of the Hillary,
(04:26):
end quote, which it alleges contains a virus capable of formatting users'
mobile devices upon being opened.
Indian authorities have confirmed that no such threat is known to exist.
India's Press Information Bureau, or PIB, has officially debunked the
claims, labeling them as entirely false.
PIB urged the public not to believe or forward these kinds of messages,
(04:50):
emphasizing the importance of verifying information before sharing it.
Officials continue to encourage users to rely on trusted sources for cybersecurity
updates, and to report suspicious content to help curb the spread of misinformation.
This latest misinformation campaign comes on the heels of rumors that
Pakistan's military had hacked up to 70% of India's power grid,
(05:13):
another claim that India has strongly rebuked.
Interestingly, India appeared to engage its financial services sector
ahead of its military action last week, with the Indian Express reporting
that major banks have been warned to step up their cybersecurity efforts.
On Friday evening, India's finance minister also chaired a review meeting
on cybersecurity preparedness of banks and financial institutions.
(05:40):
The Cybersecurity and Infrastructure Security Agency, or CISA, along with the FBI,
Department of Energy and Environmental Protection Agency, has warned organizations
of cyber attacks targeting operational technology and industrial control systems
in the US oil and natural gas sector.
According to the government agencies, while cybercriminals usually implement
(06:00):
basic and elementary intrusion techniques for attacks on such infrastructure,
the presence of poor cyber hygiene and exposed assets can lead to
severe impact, including operational disruptions and physical damage.
Shweta Sharma reports for CSO Online that Gabrielle Hempel, security operations
(06:20):
strategist and threat intelligence researcher for the Exabeam TEN18
team, echoed the advisory's concern in an interview with CSO Online, quote,
there's definitely some systemic negligence in addressing known vulnerabilities,
end quote, Hempel said, quote, the energy sector and a lot of critical
infrastructure often relies on legacy systems, either not having
(06:42):
the means or the knowledge to properly lock down their landscape,
end quote.
A reminder for Canadian listeners that Canada failed to pass cyber critical
infrastructure legislation this spring for its oil and gas sector, and that Canada
suffered a major breach in the last few years where a Russian threat actor tried
to actually cause a physical incident.
(07:04):
CISA's warning comes as it faces a nearly 20% budget cut and a strategy
shift at the federal level to shift more responsibility to the state level.
Both of these moves could leave the nation more at risk from hostile actors
targeting critical infrastructure.
Finally, if you haven't listened to Jim's phenomenal weekend interview
(07:25):
with Daniel Berulis, the former National Labor Relations Board IT staffer
and now high profile whistleblower on security issues related to DOGE,
you should take 30 minutes and catch up.
Jim and Daniel dive into a series of significant security lapses
that defy logic and reason.
We are always interested in your opinion, and you can contact us at
(07:48):
editorial@technewsday.ca or leave a comment under the YouTube video.
I've been your host, David Shipley, sitting in for Jim Love,
who will be back on Wednesday.
Thanks for listening.