Hackers Bombard Open Source Repositories with Over 144,000 Malicious Packages

Hackers Bombard Open Source Repositories with Over 144,000 Malicious Packages,

NuGet, PyPi, and npm ecosystems are the target of a new campaign that has resulted in over 144,000 packages being published by unknown threat actors.
« The packages were part of a new attack vector, with attackers spamming the open-source ecosystem with packages containing links to phishing campaigns, » researchers from Checkmarx and Illustria said in a report published Wednesday.
Of the 144,294

,

NuGet, PyPi, and npm ecosystems are the target of a new campaign that has resulted in over 144,000 packages being published by unknown threat actors.
« The packages were part of a new attack vector, with attackers spamming the open-source ecosystem with packages containing links to phishing campaigns, » researchers from Checkmarx and Illustria said in a report published Wednesday.
Of the 144,294

, ,
https://thehackernews.com/2022/12/hackers-bombard-open-source.html

FBI Charges 6, Seizes 48 Domains Linked to DDoS-for-Hire Service Platforms

FBI Charges 6, Seizes 48 Domains Linked to DDoS-for-Hire Service Platforms,

The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 48 domains that offered services to conduct distributed denial-of-service (DDoS) attacks on behalf of other threat actors, effectively lowering the barrier to entry for malicious activity.
It also charged six suspects – Jeremiah Sam Evans Miller (23), Angel Manuel Colon Jr. (37), Shamar Shattock (19), Cory Anthony Palmer

,

The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 48 domains that offered services to conduct distributed denial-of-service (DDoS) attacks on behalf of other threat actors, effectively lowering the barrier to entry for malicious activity.
It also charged six suspects – Jeremiah Sam Evans Miller (23), Angel Manuel Colon Jr. (37), Shamar Shattock (19), Cory Anthony Palmer

, ,
https://thehackernews.com/2022/12/fbi-charges-6-seizes-48-domains-linked.html

Hacking Using SVG Files to Smuggle QBot Malware onto Windows Systems

Hacking Using SVG Files to Smuggle QBot Malware onto Windows Systems,

Phishing campaigns involving the Qakbot malware are using Scalable Vector Graphics (SVG) images embedded in HTML email attachments.
The new distribution method was spotted by Cisco Talos, which said it identified fraudulent email messages featuring HTML attachments with encoded SVG images that incorporate HTML script tags.
HTML smuggling is a technique that relies on using legitimate features of

,

Phishing campaigns involving the Qakbot malware are using Scalable Vector Graphics (SVG) images embedded in HTML email attachments.
The new distribution method was spotted by Cisco Talos, which said it identified fraudulent email messages featuring HTML attachments with encoded SVG images that incorporate HTML script tags.
HTML smuggling is a technique that relies on using legitimate features of

, ,
https://thehackernews.com/2022/12/hacking-using-svg-files-to-smuggle-qbot.html

« Mon téléphone est cassé » : attention à cette redoutable arnaque par SMS

« Mon téléphone est cassé » : attention à cette redoutable arnaque par SMS,

voler argent billet euros

Les personnes mal intentionnées ne manquent pas d’imagination pour piéger leurs victimes, comme le prouve cette nouvelle arnaque de « l’urgence familiale », aussi simple qu’efficace. On vous explique tout.

,

voler argent billet euros

Les personnes mal intentionnées ne manquent pas d’imagination pour piéger leurs victimes, comme le prouve cette nouvelle arnaque de « l’urgence familiale », aussi simple qu’efficace. On vous explique tout.

, ,
https://www.01net.com/actualites/mon-telephone-est-casse-attention-a-cette-redoutable-arnaque-par-sms.html

New GoTrim Botnet Attempting to Break into WordPress Sites’ Admin Accounts

New GoTrim Botnet Attempting to Break into WordPress Sites’ Admin Accounts

,

A new Go-based botnet has been spotted scanning and brute-forcing self-hosted websites using the WordPress content management system (CMS) to seize control of the targeted systems.
« This new brute forcer is part of a new campaign we have named GoTrim because it was written in Go and uses ‘:::trim:::’ to split data communicated to and from the C2 server, » Fortinet FortiGuard Labs researchers

,

A new Go-based botnet has been spotted scanning and brute-forcing self-hosted websites using the WordPress content management system (CMS) to seize control of the targeted systems.
« This new brute forcer is part of a new campaign we have named GoTrim because it was written in Go and uses ‘:::trim:::’ to split data communicated to and from the C2 server, » Fortinet FortiGuard Labs researchers

, ,
https://thehackernews.com/2022/12/new-gotrim-botnet-attempting-to-break.html

Ransomware Attackers Use Microsoft-Signed Drivers to Gain Access to Systems

Ransomware Attackers Use Microsoft-Signed Drivers to Gain Access to Systems,

Microsoft on Tuesday disclosed it took steps to suspend accounts that were used to publish malicious drivers that were certified by its Windows Hardware Developer Program were used to sign malware.
The tech giant said its investigation revealed the activity was restricted to a number of developer program accounts and that no further compromise was detected.
Cryptographically signing malware is

,

Microsoft on Tuesday disclosed it took steps to suspend accounts that were used to publish malicious drivers that were certified by its Windows Hardware Developer Program were used to sign malware.
The tech giant said its investigation revealed the activity was restricted to a number of developer program accounts and that no further compromise was detected.
Cryptographically signing malware is

, ,
https://thehackernews.com/2022/12/ransomware-attackers-use-microsoft.html

Why PCI DSS 4.0 Should Be on Your Radar in 2023

Why PCI DSS 4.0 Should Be on Your Radar in 2023,

Protecting customer data is critical for any business accepting online payment information. The Payment Card Industry Data Security Standard (PCI DSS), created by leading credit card companies, establishes best practices for protecting consumers’ information. By adhering to these standards, businesses can ensure that their customer’s personal and financial information is secure. 
The PCI DSS

,

Protecting customer data is critical for any business accepting online payment information. The Payment Card Industry Data Security Standard (PCI DSS), created by leading credit card companies, establishes best practices for protecting consumers’ information. By adhering to these standards, businesses can ensure that their customer’s personal and financial information is secure. 
The PCI DSS

, ,
https://thehackernews.com/2022/12/why-pci-dss-40-should-be-on-your-radar.html

December 2022 Patch Tuesday: Get Latest Security Updates from Microsoft and More

December 2022 Patch Tuesday: Get Latest Security Updates from Microsoft and More,

Tech giant Microsoft released its last set of monthly security updates for 2022 with fixes for 49 vulnerabilities across its software products.
Of the 49 bugs, six are rated Critical, 40 are rated Important, and three are rated Moderate in severity. The updates are in addition to 24 vulnerabilities that have been addressed in the Chromium-based Edge browser since the start of the month.

,

Tech giant Microsoft released its last set of monthly security updates for 2022 with fixes for 49 vulnerabilities across its software products.
Of the 49 bugs, six are rated Critical, 40 are rated Important, and three are rated Moderate in severity. The updates are in addition to 24 vulnerabilities that have been addressed in the Chromium-based Edge browser since the start of the month.

, ,
https://thehackernews.com/2022/12/december-2022-patch-tuesday-get-latest.html

Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability

Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability,

The U.S. National Security Agency (NSA) on Tuesday said a threat actor tracked as APT5 has been actively exploiting a zero-day flaw in Citrix Application Delivery Controller (ADC) and Gateway to take over affected systems.
The critical remote code execution vulnerability, identified as CVE-2022-27518, could allow an unauthenticated attacker to execute commands remotely on vulnerable devices and

,

The U.S. National Security Agency (NSA) on Tuesday said a threat actor tracked as APT5 has been actively exploiting a zero-day flaw in Citrix Application Delivery Controller (ADC) and Gateway to take over affected systems.
The critical remote code execution vulnerability, identified as CVE-2022-27518, could allow an unauthenticated attacker to execute commands remotely on vulnerable devices and

, ,
https://thehackernews.com/2022/12/hackers-actively-exploiting-citrix-adc.html

Attention, des applications Android « zombies » se propagent sur les smartphones

Attention, des applications Android « zombies » se propagent sur les smartphones,

Android malware virus

Des applications dites « zombies » se propagent sur les smartphones Android. D’après ThreatFabric, les pirates utilisent un programme malveillant pour cacher un malware dans le code d’applications populaires. Celui-ci s’empare ensuite de données sensibles…

,

Android malware virus

Des applications dites « zombies » se propagent sur les smartphones Android. D’après ThreatFabric, les pirates utilisent un programme malveillant pour cacher un malware dans le code d’applications populaires. Celui-ci s’empare ensuite de données sensibles…

, ,
https://www.01net.com/actualites/android-applications-zombies-propagent-smartphones.html