THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps

Mar 24, 2023The Hacker NewsSaaS Security / Webinar Any app that can improve business operations is quickly added to the SaaS stack. However, employees don’t realize that this SaaS-to-SaaS connectivity, which typically takes place outside the view of the security team, significantly increases risk. Whether employees connect through Microsoft 365, Google Workspace, Slack, Salesforce, or […]

Continue Reading

Researchers Uncover Chinese Nation State Hackers’ Deceptive Attack Strategies

Mar 24, 2023Ravie LakshmananCyber Attack / Hacking A recent campaign undertaken by Earth Preta indicates that nation-state groups aligned with China are getting increasingly proficient at bypassing security solutions. The threat actor, active since at least 2012, is tracked by the broader cybersecurity community under Bronze President, HoneyMyte, Mustang Panda, RedDelta, and Red Lich. Attack […]

Continue Reading

Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts

Mar 23, 2023Ravie LakshmananBrowser Security / Artificial Intelligence Google has stepped in to remove a bogus Chrome browser extension from the official Web Store that masqueraded as OpenAI’s ChatGPT service to harvest Facebook session cookies and hijack the accounts. The “ChatGPT For Google” extension, a trojanized version of a legitimate open source browser add-on, attracted […]

Continue Reading

2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks

Mar 23, 2023The Hacker News In 2022 alone, global cyberattacks increased by 38%, resulting in substantial business loss, including financial and reputational damage. Meanwhile, corporate security budgets have risen significantly because of the growing sophistication of attacks and the number of cybersecurity solutions introduced into the market. With this rise in threats, budgets, and solutions, […]

Continue Reading

Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers

Mar 23, 2023Ravie LakshmananCritical Infrastructure Security Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023. The intrusion set has been attributed to a Chinese cyber espionage actor associated with a long-running campaign dubbed Operation Soft Cell based on tooling overlaps. “The initial attack […]

Continue Reading

German and South Korean Agencies Warn of Kimsuky’s Expanding Cyber Attack Tactics

Mar 23, 2023Ravie LakshmananCyber Attack / Browser Security German and South Korean government agencies have warned about cyber attacks mounted by a threat actor tracked as Kimsuky using rogue browser extensions to steal users’ Gmail inboxes. The joint advisory comes from Germany’s domestic intelligence apparatus, the Federal Office for the Protection of the Constitution (BfV), […]

Continue Reading

ScarCruft’s Evolving Arsenal: Researchers Reveal New Malware Distribution Techniques

Mar 22, 2023Ravie LakshmananCyber Threat Intelligence The North Korean advanced persistent threat (APT) actor dubbed ScarCruft is using weaponized Microsoft Compiled HTML Help (CHM) files to download additional malware. According to multiple reports from AhnLab Security Emergency response Center (ASEC), SEKOIA.IO, and Zscaler, the development is illustrative of the group’s continuous efforts to refine and […]

Continue Reading

CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems

Mar 22, 2023Ravie LakshmananICS/SCADA Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released eight Industrial Control Systems (ICS) advisories on Tuesday, warning of critical flaws affecting equipment from Delta Electronics and Rockwell Automation. This includes 13 security vulnerabilities in Delta Electronics’ InfraSuite Device Master, a real-time device monitoring software. All versions prior to […]

Continue Reading

Rogue NuGet Packages Infect .NET Developers with Crypto-Stealing Malware

Mar 22, 2023Ravie LakshmananDevOpsSec / Malware The NuGet repository is the target of a new “sophisticated and highly-malicious attack” aiming to infect .NET developer systems with cryptocurrency stealer malware. The 13 rogue packages, which were downloaded more than 160,000 times over the past month, have since been taken down. “The packages contained a PowerShell script […]

Continue Reading

Preventing Insider Threats in Your Active Directory

Mar 22, 2023The Hacker NewsPassword Security / Active Directory Active Directory (AD) is a powerful authentication and directory service used by organizations worldwide. With this ubiquity and power comes the potential for abuse. Insider threats offer some of the most potentials for destruction. Many internal users have over-provisioned access and visibility into the internal network. […]

Continue Reading

New ‘Bad Magic’ Cyber Threat Disrupt Ukraine’s Key Sectors Amid War

Mar 21, 2023Ravie LakshmananCyber War / Cyber Threat Amid the ongoing war between Russia and Ukraine, government, agriculture, and transportation organizations located in Donetsk, Lugansk, and Crimea have been attacked as part of an active campaign that drops a previously unseen, modular framework dubbed CommonMagic. “Although the initial vector of compromise is unclear, the details […]

Continue Reading

Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using Zero-Day Flaw

Mar 21, 2023Ravie LakshmananCryptocurrency / Hacking Bitcoin ATM maker General Bytes disclosed that unidentified threat actors stole cryptocurrency from hot wallets by exploiting a zero-day security flaw in its software. “The attacker was able to upload his own java application remotely via the master service interface used by terminals to upload videos and run it […]

Continue Reading

Mispadu Banking Trojan Targets Latin America: 90,000+ Credentials Stolen

Mar 20, 2023Ravie LakshmananCyber Threat / Malware A banking trojan dubbed Mispadu has been linked to multiple spam campaigns targeting countries like Bolivia, Chile, Mexico, Peru, and Portugal with the goal of stealing credentials and delivering other payloads. The activity, which commenced in August 2022, is currently ongoing, Ocelot Team from Latin American cybersecurity firm […]

Continue Reading

Chinese Hackers Exploit Fortinet Zero-Day Flaw for Cyber Espionage Attack

Mar 18, 2023Ravie LakshmananNetwork Security / Cyber Espionage The zero-day exploitation of a now-patched medium-severity security flaw in the Fortinet FortiOS operating system has been linked to a suspected Chinese hacking group. Threat intelligence firm Mandiant, which made the attribution, said the activity cluster is part of a broader campaign designed to deploy backdoors onto […]

Continue Reading

Pompompurin Unmasked: Infamous BreachForums Mastermind Arrested in New York

Mar 18, 2023Ravie LakshmananCyber Crime / Data Breach U.S. law enforcement authorities have arrested a New York man in connection with running the infamous BreachForums hacking forum under the online alias “Pompompurin.” The development, first reported by Bloomberg Law, comes after News 12 Westchester, earlier this week, said that federal investigators “spent hours inside and […]

Continue Reading

LockBit 3.0 Ransomware: Inside the Cyberthreat That’s Costing Millions

U.S. government agencies have released a joint cybersecurity advisory detailing the indicators of compromise (IoCs) and tactics, techniques, and procedures (TTPs) associated with the notorious LockBit 3.0 ransomware. “The LockBit 3.0 ransomware operations function as a Ransomware-as-a-Service (RaaS) model and is a continuation of previous versions of the ransomware, LockBit 2.0, and LockBit,” the authorities […]

Continue Reading