FreshRSS

The Hacker News

U.S. Sanctions 4 Ukrainians for Working with Russia to Destabilize Ukraine

By: Ravie Lakshmanan
The U.S. Treasury Department on Thursday announced sanctions against four current and former Ukrainian government officials for engaging in "Russian government-directed influence activities" in the country, including gathering sensitive information about its critical infrastructure. The agency said the four individuals were involved in different roles as part of a concerted influence campaign to

Cisco Issues Patch for Critical RCE Vulnerability in RCM for StarOS Software

By: Ravie Lakshmanan
Cisco Systems has rolled out fixes for a critical security flaw affecting Redundancy Configuration Manager (RCM) for Cisco StarOS Software that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and take over vulnerable machines. Tracked as CVE-2022-20649 (CVSS score: 9.0), the vulnerability stems from the fact that the debug mode has been incorrectly enabled

Google Details Two Zero-Day Bugs Reported in Zoom Clients and MMR Servers

By: Ravie Lakshmanan
An exploration of zero-click attack surface for the popular video conferencing solution Zoom has yielded two previously undisclosed security vulnerabilities that could have been exploited to crash the service, execute malicious code, and even leak arbitrary areas of its memory. Natalie Silvanovich of Google Project Zero, who discovered and reported the two flaws last year, said the issues

Interpol Busted 11 Members of Nigerian BEC Cybercrime Gang

By: Ravie Lakshmanan
A coordinated law enforcement operation has resulted in the arrest of 11 members allegedly belonging to a Nigerian cybercrime gang notorious for perpetrating business email compromise (BEC) attacks targeting more than 50,000 victims in recent years. The disruption of the BEC network is the result of a ten-day investigation dubbed Operation Falcon II undertaken by the Interpol along with

A Trip to the Dark Site — Leak Sites Analyzed

By: The Hacker News
Gone are the days when ransomware operators were happy with encrypting files on-site and more or less discreetly charged their victims money for a decryption key. What we commonly find now is encryption with the additional threat of leaking stolen data, generally called Double-Extortion (or, as we like to call it: Cyber Extortion or Cy-X). This is a unique form of cybercrime in that we can

DoNot Hacking Team Targeting Government and Military Entities in South Asia

By: Ravie Lakshmanan
A threat actor with potential links to an Indian cybersecurity company has been nothing if not remarkably persistent in its attacks against military organizations based in South Asia, including Bangladesh, Nepal, and Sri Lanka, since at least September 2020 by deploying different variants of its bespoke malware framework. Slovak cybersecurity firm ESET attributed the highly targeted attack to a

New BHUNT Password Stealer Malware Targeting Cryptocurrency Wallets

By: Ravie Lakshmanan
A new evasive crypto wallet stealer named BHUNT has been spotted in the wild with the goal of financial gain, adding to a list of digital currency stealing malware such as CryptBot, Redline Stealer, and WeSteal. "BHUNT is a modular stealer written in .NET, capable of exfiltrating wallet (Exodus, Electrum, Atomic, Jaxx, Ethereum, Bitcoin, Litecoin wallets) contents, passwords stored in the

Microsoft: Hackers Exploiting New SolarWinds Serv-U Bug Related to Log4j Attacks

By: Ravie Lakshmanan
Microsoft on Wednesday disclosed details of a new security vulnerability in SolarWinds Serv-U software that it said was being weaponized by threat actors to propagate attacks leveraging the Log4j flaws to compromise targets. Tracked as CVE-2021-35247 (CVSS score: 5.3), the issue is an "input validation vulnerability that could allow attackers to build a query given some input and send that query

Cyber Threat Protection — It All Starts with Visibility

By: The Hacker News
Just as animals use their senses to detect danger, cybersecurity depends on sensors to identify signals in the computing environment that may signal danger. The more highly tuned, diverse and coordinated the senses, the more likely one is to detect important signals that indicate danger. This, however, can be a double-edged sword. Too many signals with too little advanced signal processing just

Russian Hackers Heavily Using Malicious Traffic Direction System to Distribute Malware

By: Ravie Lakshmanan
Potential connections between a subscription-based crimeware-as-a-service (CaaS) solution and a cracked copy of Cobalt Strike have been established in what the researchers suspect is being offered as a tool for its customers to stage post-exploitation activities. Prometheus, as the service is called, first came to light in August 2021 when cybersecurity company Group-IB disclosed details of

FIN8 Hackers Spotted Using New 'White Rabbit' Ransomware in Recent Attacks

By: Ravie Lakshmanan
The financially motivated FIN8 actor, in all likelihood, has resurfaced with a never-before-seen ransomware strain called "White Rabbit" that was recently deployed against a local bank in the U.S. in December 2021. That's according to new findings published by Trend Micro, calling out the malware's overlaps with Egregor, which was taken down by Ukrainian law enforcement authorities in February

DDoS IRC Bot Malware Spreading Through Korean WebHard Platforms

By: Ravie Lakshmanan
An IRC (Internet Relay Chat) bot strain programmed in GoLang is being used to launch distributed denial-of-service (DDoS) attacks targeting users in Korea. "The malware is being distributed under the guise of adult games," researchers from AhnLab's Security Emergency-response Center (ASEC) said in a new report published on Wednesday. "Additionally, the DDoS malware was installed via downloader

Ukraine: Recent Cyber Attacks Part of Wider Plot to Sabotage Critical Infrastructure

By: Ravie Lakshmanan
The coordinated cyberattacks targeting Ukrainian government websites and the deployment of a data-wiper malware called WhisperGate on select government systems are part of a broader wave of malicious activities aimed at sabotaging critical infrastructure in the country. The Secret Service of Ukraine on Monday confirmed that the two incidents are related, adding the breaches also exploited the

Researchers Bypass SMS-based Multi-Factor Authentication Protecting Box Accounts

By: Ravie Lakshmanan
Cybersecurity researchers have disclosed details of a now-patched bug in Box's multi-factor authentication (MFA) mechanism that could be abused to completely sidestep SMS-based login verification. "Using this technique, an attacker could use stolen credentials to compromise an organization's Box account and exfiltrate sensitive data without access to the victim's phone," Varonis researchers said

Europol Shuts Down VPNLab, Cybercriminals' Favourite VPN Service

By: Ravie Lakshmanan
VPNLab.net, a VPN provider that was used by malicious actors to deploy ransomware and facilitate other cybercrimes, was taken offline following a coordinated law enforcement operation. Europol said it took action against the misuse of the VPN service by grounding 15 of its servers on January 17 and rendering it inoperable as part of a disruptive action that took place across Germany, the

Don't Use Public Wi-Fi Without DNS Filtering

By: The Hacker News
Providing public Wi-Fi is a great service to offer your customers as it becomes more and more standard in today's society. I like the fact that I do not have to worry about accessing the Internet while I am away, or spending a lot of money on an international connection, or just staying offline while I am away. With public Wi-Fi, modern life has become a constant connection to the Internet,

Earth Lusca Hackers Aimed at High-Value Targets in Government and Private Sectors

By: Ravie Lakshmanan
An elusive threat actor called Earth Lusca has been observed striking organizations across the world as part of what appears to be simultaneously an espionage campaign and an attempt to reap monetary profits. "The list of its victims includes high-value targets such as government and educational institutions, religious movements, pro-democracy and human rights organizations in Hong Kong,

Zoho Releases Patch for Critical Flaw Affecting ManageEngine Desktop Central

By: Ravie Lakshmanan
Enterprise software maker Zoho on Monday issued patches for a critical security vulnerability in Desktop Central and Desktop Central MSP that a remote adversary could exploit to perform unauthorized actions in affected servers. Tracked as CVE-2021-44757, the shortcoming concerns an instance of authentication bypass that "may allow an attacker to read unauthorized data or write an arbitrary zip

Chrome Limits Websites' Direct Access to Private Networks for Security Reasons

By: Ravie Lakshmanan
Google Chrome has announced plans to prohibit public websites from directly accessing endpoints located within private networks as part of an upcoming major security shakeup to prevent intrusions via the browser. The proposed change is set to be rolled out in two phases consisting of releases Chrome 98 and Chrome 101 scheduled in the coming months via a newly implemented W3C specification called