Prilex PoS Malware Evolves to Block Contactless Payments to Steal from NFC Cards

Prilex PoS Malware Evolves to Block Contactless Payments to Steal from NFC Cards,

The Brazilian threat actors behind an advanced and modular point-of-sale (PoS) malware known as Prilex have reared their head once again with new updates that allow it to block contactless payment transactions.
Russian cybersecurity firm Kaspersky said it detected three versions of Prilex (06.03.8080, 06.03.8072, and 06.03.8070) that are capable of targeting NFC-enabled credit cards, taking its

,

The Brazilian threat actors behind an advanced and modular point-of-sale (PoS) malware known as Prilex have reared their head once again with new updates that allow it to block contactless payment transactions.
Russian cybersecurity firm Kaspersky said it detected three versions of Prilex (06.03.8080, 06.03.8072, and 06.03.8070) that are capable of targeting NFC-enabled credit cards, taking its

, ,
https://thehackernews.com/2023/02/prilex-pos-malware-evolves-to-block.html

Auditing Kubernetes with Open Source SIEM and XDR

Auditing Kubernetes with Open Source SIEM and XDR,

Container technology has gained traction among businesses due to the increased efficiency it provides. In this regard, organizations widely use Kubernetes for deploying, scaling, and managing containerized applications. Organizations should audit Kubernetes to ensure compliance with regulations, find anomalies, and identify security risks. The Wazuh open source platform plays a critical role in

,

Container technology has gained traction among businesses due to the increased efficiency it provides. In this regard, organizations widely use Kubernetes for deploying, scaling, and managing containerized applications. Organizations should audit Kubernetes to ensure compliance with regulations, find anomalies, and identify security risks. The Wazuh open source platform plays a critical role in

, ,
https://thehackernews.com/2023/02/auditing-kubernetes-with-open-source.html

Hackers Abused Microsoft’s « Verified Publisher » OAuth Apps to Breach Corporate Email Accounts

Hackers Abused Microsoft’s « Verified Publisher » OAuth Apps to Breach Corporate Email Accounts

,

Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network (MPN) accounts that were used for creating malicious OAuth applications as part of a phishing campaign designed to breach organizations’ cloud environments and steal email.
« The applications created by these fraudulent actors were then used in a consent phishing campaign, which tricked users into granting

,

Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network (MPN) accounts that were used for creating malicious OAuth applications as part of a phishing campaign designed to breach organizations’ cloud environments and steal email.
« The applications created by these fraudulent actors were then used in a consent phishing campaign, which tricked users into granting

, ,
https://thehackernews.com/2023/02/hackers-abused-microsofts-verified.html

Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software

Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software,

Two more supply chain security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller (BMC) software, nearly two months after three security vulnerabilities were brought to light in the same product.
Firmware security firm Eclypsium said the two shortcomings were held back until now to provide AMI additional time to engineer appropriate mitigations.
The issues, collectively

,

Two more supply chain security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller (BMC) software, nearly two months after three security vulnerabilities were brought to light in the same product.
Firmware security firm Eclypsium said the two shortcomings were held back until now to provide AMI additional time to engineer appropriate mitigations.
The issues, collectively

, ,
https://thehackernews.com/2023/02/additional-supply-chain-vulnerabilities.html

You Don’t Know Where Your Secrets Are

You Don’t Know Where Your Secrets Are

,

Do you know where your secrets are? If not, I can tell you: you are not alone.
Hundreds of CISOs, CSOs, and security leaders, whether from small or large companies, don’t know either. No matter the organization’s size, the certifications, tools, people, and processes: secrets are not visible in 99% of cases.
It might sound ridiculous at first: keeping secrets is an obvious first thought when

,

Do you know where your secrets are? If not, I can tell you: you are not alone.
Hundreds of CISOs, CSOs, and security leaders, whether from small or large companies, don’t know either. No matter the organization’s size, the certifications, tools, people, and processes: secrets are not visible in 99% of cases.
It might sound ridiculous at first: keeping secrets is an obvious first thought when

, ,
https://thehackernews.com/2023/01/you-dont-know-where-your-secrets-are.html

Facebook : cette faille critique de la double authentification aurait pu faire beaucoup de dégâts

Facebook : cette faille critique de la double authentification aurait pu faire beaucoup de dégâts,

facebook

Décelée dans le cadre d’un programme de Bug Bounty organisé par Meta en 2022, la faille a finalement été corrigée avant d’avoir pu être exploitée.

,

facebook

Décelée dans le cadre d’un programme de Bug Bounty organisé par Meta en 2022, la faille a finalement été corrigée avant d’avoir pu être exploitée.

, ,
https://www.01net.com/actualites/facebook-une-faille-critique-pour-la2f-corrigee-par-meta.html

New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector

New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector,

The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine.
« The NikoWiper is based on SDelete, a command line utility from Microsoft that is used for securely deleting files, » cybersecurity company ESET revealed in its latest APT Activity Report shared with The Hacker

,

The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine.
« The NikoWiper is based on SDelete, a command line utility from Microsoft that is used for securely deleting files, » cybersecurity company ESET revealed in its latest APT Activity Report shared with The Hacker

, ,
https://thehackernews.com/2023/01/new-report-reveals-nikowiper-malware.html

Researchers Uncover Packer Used by Several Malware to Evade Detection for 6 Years

Researchers Uncover Packer Used by Several Malware to Evade Detection for 6 Years,

A shellcode-based packer dubbed TrickGate has been successfully operating without attracting notice for over six years, while enabling threat actors to deploy a wide range of malware such as TrickBot, Emotet, AZORult, Agent Tesla, FormBook, Cerber, Maze, and REvil over the years.
« TrickGate managed to stay under the radar for years because it is transformative – it undergoes changes periodically

,

A shellcode-based packer dubbed TrickGate has been successfully operating without attracting notice for over six years, while enabling threat actors to deploy a wide range of malware such as TrickBot, Emotet, AZORult, Agent Tesla, FormBook, Cerber, Maze, and REvil over the years.
« TrickGate managed to stay under the radar for years because it is transformative – it undergoes changes periodically

, ,
https://thehackernews.com/2023/01/researchers-uncover-packer-that-helped.html

Alerte malware sur le Play Store : ces 20 apps Android sont frauduleuses

Alerte malware sur le Play Store : ces 20 apps Android sont frauduleuses,

google play store android

Une vague de malwares s’est propagée sur le Play Store. Dans le code de 20 applications Android, des chercheurs ont découvert des virus capables de siphonner les données personnelles et l’argent des utilisateurs.

,

google play store android

Une vague de malwares s’est propagée sur le Play Store. Dans le code de 20 applications Android, des chercheurs ont découvert des virus capables de siphonner les données personnelles et l’argent des utilisateurs.

, ,
https://www.01net.com/actualites/alerte-malware-play-store-20-apps-android-frauduleuses.html

Les cybercriminels recrutent, et ça paye (très) bien

Les cybercriminels recrutent, et ça paye (très) bien,

developpeur ecran ordinateur

La petite entreprise des cybercriminels ne connait pas la crise. Comme le montre cette nouvelle étude de Kaspersky, qui a analysé le marché de l’emploi sur le dark web, la criminalité en ligne recrute et n’hésite pas à proposer des salaires mensuels très élevés.

,

developpeur ecran ordinateur

La petite entreprise des cybercriminels ne connait pas la crise. Comme le montre cette nouvelle étude de Kaspersky, qui a analysé le marché de l’emploi sur le dark web, la criminalité en ligne recrute et n’hésite pas à proposer des salaires mensuels très élevés.

, ,
https://www.01net.com/actualites/les-cybercriminels-recrutent-et-ca-paye-tres-bien.html