-
GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack
Cybersecurity researchers have discovered a new cryptojacking campaign that employs vulnerable drivers to disable known security solutions (EDRs) and thwart detection in what’s called a Bring Your Own Vulnerable Driver (BYOVD) attack. Elastic Security Labs is tracking the campaign under the name REF4578 and the primary payload as GHOSTENGINE. Previous research from Chinese
-
MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks
An unknown threat actor is exploiting known security flaws in Microsoft Exchange Server to deploy a keylogger malware in attacks targeting entities in Africa and the Middle East. Russian cybersecurity firm Positive Technologies said it identified over 30 victims spanning government agencies, banks, IT companies, and educational institutions. The first-ever compromise dates back to 2021.…
-
Election coverage: May 21 Oregon Primary
-
Major Portland metro manufacturer names new CFO
Michael Donfris comes to the Lake Oswego company from railroad service provider R.J. Corman.
-
Bremik Construction founders Brent Parry, Mike Greenslade retire after 20 years
The duo are leaving the company in the hands of an employee who began working there as an intern in 2008.
-
Renewable energy heavyweight acquires Marion County project, takes aim at Pacific Northwest
There’s a new player in the Pacific Northwest renewable energy and storage market — a big one.
-
Meet the founders behind Oregon City’s newest taproom
Toni Hart and Erin Patterson begin kicking around the idea of opening a taproom prior to Covid.
-
Oregon Community Foundation, Murdock Charitable Trust reveal combined $10M in grants
The money backs an array of organizations, primarily those that work with underrepresented groups.
-
Critical GitHub Enterprise Server Flaw Allows Authentication Bypass
GitHub has rolled out fixes to address a maximum severity flaw in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication protections. Tracked as CVE-2024-4985 (CVSS score: 10.0), the issue could permit unauthorized access to an instance without requiring prior authentication. “On instances that use SAML single sign-on (SSO) authentication with the
-
Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users
A new attack campaign dubbed CLOUD#REVERSER has been observed leveraging legitimate cloud storage services like Google Drive and Dropbox to stage malicious payloads. “The VBScript and PowerShell scripts in the CLOUD#REVERSER inherently involves command-and-control-like activities by using Google Drive and Dropbox as staging platforms to manage file uploads and downloads,” Securonix
