FreshRSS

The Hacker News

Hackers Gain Fileless Persistence on Targeted SQL Servers Using a Built-in Utility

By: Ravie Lakshmanan
Microsoft on Tuesday warned that it recently spotted a malicious campaign targeting SQL Servers that leverages a built-in PowerShell binary to achieve persistence on compromised systems. The intrusions, which leverage brute-force attacks as an initial compromise vector, stand out for their use of the utility "sqlps.exe," the tech giant said in a series of tweets. The ultimate goals of the
The Hacker News

U.S. Warns Against North Korean Hackers Posing as IT Freelancers

By: Ravie Lakshmanan
Highly skilled software and mobile app developers from the Democratic People's Republic of Korea (DPRK) are posing as "non-DPRK nationals" in hopes of landing freelance employment in an attempt to enable the regime's malicious cyber intrusions. That's according to a joint advisory from the U.S. Department of State, the Department of the Treasury, and the Federal Bureau of Investigation (FBI)
The Hacker News

Microsoft Warns of "Cryware" Info-Stealing Malware Targeting Crypto Wallets

By: Ravie Lakshmanan
Microsoft is warning of an emerging threat targeting internet-connected cryptocurrency wallets, signaling a departure in the use of digital coins in cyberattacks. The tech giant dubbed the new threat "cryware," with the attacks resulting in the irreversible theft of virtual currencies by means of fraudulent transfers to an adversary-controlled wallet. "Cryware are information stealers that
The Hacker News

Russian Conti Ransomware Gang Threatens to Overthrow New Costa Rican Government

By: Ravie Lakshmanan
The notorious Conti ransomware gang, which last month staged an attack on Costa Rican administrative systems, has threatened to "overthrow" the new government of the country. "We are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and power," the group said on its official website. "We have our insiders in your government. We are also
The Hacker News

UpdateAgent Returns with New macOS Malware Dropper Written in Swift

By: Ravie Lakshmanan
A new variant of the macOS malware tracked as UpdateAgent has been spotted in the wild, indicating ongoing attempts on the part of its authors to upgrade its functionalities. "Perhaps one of the most identifiable features of the malware is that it relies on the AWS infrastructure to host its various payloads and perform its infection status updates to the server," researchers from Jamf Threat
The Hacker News

Are You Investing in Securing Your Data in the Cloud?

By: The Hacker News
Traditional businesses migrating to the cloud need robust information security mechanisms. Gartner predicts that more than 95% of new digital workloads will continue to be deployed on cloud-native platforms by 2025. Robust cloud data security is imperative for businesses adopting rapid digital transformation to the cloud. While a traditional hosting model could be considered more secure, not all
The Hacker News

U.S. Charges Venezuelan Doctor for Using and Selling Thanos Ransomware

By: Ravie Lakshmanan
The U.S. Justice Department on Monday accused a 55-year-old cardiologist from Venezuela of being the mastermind behind Thanos ransomware, charging him with the use and sale of the malicious tool and entering into profit sharing arrangements. Moises Luis Zagala Gonzalez, also known by the monikers Nosophoros, Aesculapius, and Nebuchadnezzar, is alleged to have both developed and marketed the
The Hacker News

New Sysrv Botnet Variant Hijacking Windows and Linux with Crypto Miners

By: Ravie Lakshmanan
Microsoft is warning of a new variant of the Sysrv botnet that's exploiting multiple security flaws in web applications and databases to install coin miners on both Windows and Linux systems. The tech giant, which has called the new version Sysrv-K, is said to weaponize an array of exploits to gain control of web servers. The cryptojacking botnet first emerged in December 2020. "Sysrv-K scans the
The Hacker News

Over 200 Apps on Play Store Caught Spying on Android Users Using Facestealer

By: Ravie Lakshmanan
More than 200 Android apps masquerading as fitness, photo editing, and puzzle apps have been observed distributing spyware called Facestealer to siphon user credentials and other valuable information.  "Similar to Joker, another piece of mobile malware, Facestealer changes its code frequently, thus spawning many variants," Trend Micro analysts Cifer Fang, Ford Quin, and Zhengyu Dong said in a
The Hacker News

Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability

By: Ravie Lakshmanan
The U.S. Cybersecurity and Infrastructure Security Agency on Monday added two security flaws, including the recently disclosed remote code execution bug affecting Zyxel firewalls, to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. Tracked as CVE-2022-30525, the vulnerability is rated 9.8 for severity and relates to a command injection flaw
The Hacker News

Fake Clickjacking Bug Bounty Reports: The Key Facts

By: The Hacker News
Are you aware of fake clickjacking bug bounty reports? If not, you should be. This article will get you up to speed and help you to stay alert. What are clickjacking bug bounty reports? If we start by breaking up the term into its component parts, a bug bounty is a program offered by an organization, in which individuals are rewarded for finding and reporting software bugs. These programs are
The Hacker News

Researchers Find Potential Way to Run Malware on iPhone Even When it's OFF

By: Ravie Lakshmanan
A first-of-its-kind security analysis of iOS Find My function has identified a novel attack surface that makes it possible to tamper with the firmware and load malware onto a Bluetooth chip that's executed while an iPhone is "off." The mechanism takes advantage of the fact that wireless chips related to Bluetooth, Near-field communication (NFC), and ultra-wideband (UWB) continue to operate while
The Hacker News

Researchers Warn of "Eternity Project" Malware Service Being Sold via Telegram

By: Ravie Lakshmanan
An unidentified threat actor has been linked to an actively in-development malware toolkit called the "Eternity Project" that lets professional and amateur cybercriminals buy stealers, clippers, worms, miners, ransomware, and a distributed denial-of-service (DDoS) bot. What makes this malware-as-a-service (MaaS) stand out is that besides using a Telegram channel to communicate updates about the
The Hacker News

Europe Agrees to Adopt New NIS2 Directive Aimed at Hardening Cybersecurity

By: Ravie Lakshmanan
The European Parliament announced a "provisional agreement" aimed at improving cybersecurity and resilience of both public and private sector entities in the European Union. The revised directive, called "NIS2" (short for network and information systems), is expected to replace the existing legislation on cybersecurity that was established in July 2016. The revamp sets ground rules, requiring
The Hacker News

Ukrainian Hacker Jailed for 4-Years in U.S. for Selling Access to Hacked Servers

By: Ravie Lakshmanan
A 28-year-old Ukrainian national has been sentenced to four years in prison for siphoning thousands of server login credentials and selling them on the dark web for monetary gain as part of a credential theft scheme. Glib Oleksandr Ivanov-Tolpintsev, who pleaded guilty to his offenses earlier this February, was arrested in Poland in October 2020, before being extradited to the U.S. in September
The Hacker News

Get Lifetime Access to 2022 Cybersecurity Certification Prep Courses @ 95% Off

By: The Hacker News
Ever thought about working full-time in cybersecurity? With millions of unfilled jobs around, now is a great time to get into the industry. Of course, there are many different roles in this field. But all of them require the same handful of professional certifications. The 2022 Ultimate Advanced CyberSecurity Professional Certification Bundle helps you collect the full house, with five
The Hacker News

SonicWall Releases Patches for New Flaws Affecting SSLVPN SMA1000 Devices

By: Ravie Lakshmanan
SonicWall has published an advisory warning of a trio of security flaws in its Secure Mobile Access (SMA) 1000 appliances, including a high-severity authentication bypass vulnerability. The weaknesses in question impact SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1. The list of vulnerabilities is below - CVE-2022-22282 (CVSS score: 8.2) - Unauthenticated Access
The Hacker News

Google Created 'Open Source Maintenance Crew' to Help Secure Critical Projects

By: Ravie Lakshmanan
Google on Thursday announced the creation of a new "Open Source Maintenance Crew" to focus on bolstering the security of critical open source projects. Additionally, the tech giant pointed out Open Source Insights as a tool for analyzing packages and their dependency graphs, using it to determine "whether a vulnerability in a dependency might affect your code." "With this information, developers
The Hacker News

New Saitama backdoor Targeted Official from Jordan's Foreign Ministry

By: Ravie Lakshmanan
A spear-phishing campaign targeting Jordan's foreign ministry has been observed dropping a new stealthy backdoor dubbed Saitama. Researchers from Malwarebytes and Fortinet FortiGuard Labs attributed the campaign to an Iranian cyber espionage threat actor tracked under the moniker APT34, citing resemblances to past campaigns staged by the group. "Like many of these attacks, the email contained a