Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data

Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data,

Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that impersonates a software development kit (SDK) for SentinelOne, a major cybersecurity company, as part of a campaign dubbed SentinelSneak.
The package, named SentinelOne and now taken down, is said to have been published between December 8 and 11, 2022, with nearly two dozen

,

Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that impersonates a software development kit (SDK) for SentinelOne, a major cybersecurity company, as part of a campaign dubbed SentinelSneak.
The package, named SentinelOne and now taken down, is said to have been published between December 8 and 11, 2022, with nearly two dozen

, ,
https://thehackernews.com/2022/12/researchers-discover-malicious-pypi.html

Glupteba Botnet Continues to Thrive Despite Google’s Attempts to Disrupt It

Glupteba Botnet Continues to Thrive Despite Google’s Attempts to Disrupt It

,

The operators of the Glupteba botnet resurfaced in June 2022 as part of a renewed and « upscaled » campaign, months after Google disrupted the malicious activity.
The ongoing attack is suggestive of the malware’s resilience in the face of takedowns, cybersecurity company Nozomi Networks said in a write-up. « In addition, there was a tenfold increase in TOR hidden services being used as C2 servers

,

The operators of the Glupteba botnet resurfaced in June 2022 as part of a renewed and « upscaled » campaign, months after Google disrupted the malicious activity.
The ongoing attack is suggestive of the malware’s resilience in the face of takedowns, cybersecurity company Nozomi Networks said in a write-up. « In addition, there was a tenfold increase in TOR hidden services being used as C2 servers

, ,
https://thehackernews.com/2022/12/glupteba-botnet-continues-to-thrive.html

Cybercrime (and Security) Predictions for 2023

Cybercrime (and Security) Predictions for 2023,

Threat actors continue to adapt to the latest technologies, practices, and even data privacy laws—and it’s up to organizations to stay one step ahead by implementing strong cybersecurity measures and programs. 
Here’s a look at how cybercrime will evolve in 2023 and what you can do to secure and protect your organization in the year ahead. 
Increase in digital supply chain attacks 
With the

,

Threat actors continue to adapt to the latest technologies, practices, and even data privacy laws—and it’s up to organizations to stay one step ahead by implementing strong cybersecurity measures and programs. 
Here’s a look at how cybercrime will evolve in 2023 and what you can do to secure and protect your organization in the year ahead. 
Increase in digital supply chain attacks 
With the

, ,
https://thehackernews.com/2022/12/cybercrime-and-security-predictions-for.html

New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure

New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure,

A Rust variant of a ransomware strain known as Agenda has been observed in the wild, making it the latest malware to adopt the cross-platform programming language after BlackCat, Hive, Luna, and RansomExx.
Agenda, attributed to an operator named Qilin, is a ransomware-as-a-service (RaaS) group that has been linked to a spate of attacks primarily targeting manufacturing and IT industries across

,

A Rust variant of a ransomware strain known as Agenda has been observed in the wild, making it the latest malware to adopt the cross-platform programming language after BlackCat, Hive, Luna, and RansomExx.
Agenda, attributed to an operator named Qilin, is a ransomware-as-a-service (RaaS) group that has been linked to a spate of attacks primarily targeting manufacturing and IT industries across

, ,
https://thehackernews.com/2022/12/new-agenda-ransomware-variant-written.html

Facebook Cracks Down on Spyware Vendors from U.S., China, Russia, Israel, and India

Facebook Cracks Down on Spyware Vendors from U.S., China, Russia, Israel, and India,

Meta Platforms disclosed that it took down no less than 200 covert influence operations since 2017 spanning roughly 70 countries across 42 languages.
The social media conglomerate also took steps to disable accounts and block infrastructure operated by spyware vendors, including in China, Russia, Israel, the U.S. and India, that targeted individuals in about 200 countries.
« The global

,

Meta Platforms disclosed that it took down no less than 200 covert influence operations since 2017 spanning roughly 70 countries across 42 languages.
The social media conglomerate also took steps to disable accounts and block infrastructure operated by spyware vendors, including in China, Russia, Israel, the U.S. and India, that targeted individuals in about 200 countries.
« The global

, ,
https://thehackernews.com/2022/12/facebook-cracks-down-on-spyware-vendors.html

Google Takes Gmail Security to the Next Level with Client-Side Encryption

Google Takes Gmail Security to the Next Level with Client-Side Encryption,

Google on Friday announced that its client-side encryption for Gmail is in beta to its Workspace and education customers to secure emails sent using the web version of the platform.
This development comes at a time when concerns about online privacy and data security are at an all-time high, and it is certainly welcomed by users who value the protection of their personal data.
To that end,

,

Google on Friday announced that its client-side encryption for Gmail is in beta to its Workspace and education customers to secure emails sent using the web version of the platform.
This development comes at a time when concerns about online privacy and data security are at an all-time high, and it is certainly welcomed by users who value the protection of their personal data.
To that end,

, ,
https://thehackernews.com/2022/12/gmail-encryption.html

Samba Issues Security Updates to Patch Multiple High-Severity Vulnerabilities

Samba Issues Security Updates to Patch Multiple High-Severity Vulnerabilities,

Samba has released software updates to remediate multiple vulnerabilities that, if successfully exploited, could allow an attacker to take control of affected systems.
The high-severity flaws, tracked as CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, and CVE-2022-45141, have been patched in versions 4.17.4, 4.16.8 and 4.15.13 released on December 15, 2022.
Samba is an open source Windows

,

Samba has released software updates to remediate multiple vulnerabilities that, if successfully exploited, could allow an attacker to take control of affected systems.
The high-severity flaws, tracked as CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, and CVE-2022-45141, have been patched in versions 4.17.4, 4.16.8 and 4.15.13 released on December 15, 2022.
Samba is an open source Windows

, ,
https://thehackernews.com/2022/12/samba-issues-security-updates-to-patch.html

Trojanized Windows 10 Installer Used in Cyberattacks Against Ukrainian Government Entities

Trojanized Windows 10 Installer Used in Cyberattacks Against Ukrainian Government Entities,

Government entities in Ukraine have been breached as part of a new campaign that leveraged trojanized versions of Windows 10 installer files to conduct post-exploitation activities.
Mandiant, which discovered the supply chain attack around mid-July 2022, said the malicious ISO files were distributed via Ukrainian- and Russian-language Torrent websites. It’s tracking the threat cluster as UNC4166

,

Government entities in Ukraine have been breached as part of a new campaign that leveraged trojanized versions of Windows 10 installer files to conduct post-exploitation activities.
Mandiant, which discovered the supply chain attack around mid-July 2022, said the malicious ISO files were distributed via Ukrainian- and Russian-language Torrent websites. It’s tracking the threat cluster as UNC4166

, ,
https://thehackernews.com/2022/12/trojanized-windows-10-installer-used-in.html

Ex-Twitter employee Gets 3.5 Years Jail for Spying on Behalf of Saudi Arabia

Ex-Twitter employee Gets 3.5 Years Jail for Spying on Behalf of Saudi Arabia,

A former Twitter employee who was found guilty of spying on behalf of Saudi Arabia by sharing data pertaining to specific individuals has been sentenced to three-and-a-half years in prison.
Ahmad Abouammo, 45, was convicted earlier this August on various criminal counts, including money laundering, fraud, falsifying records, and being an illegal agent of a foreign government.
Abouammo was

,

A former Twitter employee who was found guilty of spying on behalf of Saudi Arabia by sharing data pertaining to specific individuals has been sentenced to three-and-a-half years in prison.
Ahmad Abouammo, 45, was convicted earlier this August on various criminal counts, including money laundering, fraud, falsifying records, and being an illegal agent of a foreign government.
Abouammo was

, ,
https://thehackernews.com/2022/12/ex-twitter-employee-gets-35-years-jail.html

Cyber Security Is Not a Losing Game – If You Start Right Now

Cyber Security Is Not a Losing Game – If You Start Right Now,

Reality has a way of asserting itself, irrespective of any personal or commercial choices we make, good or bad. For example, just recently, the city services of Antwerp in Belgium were the victim of a highly disruptive cyberattack. 
As usual, everyone cried « foul play » and suggested that proper cybersecurity measures should have been in place. And again, as usual, it all happens a bit too late.

,

Reality has a way of asserting itself, irrespective of any personal or commercial choices we make, good or bad. For example, just recently, the city services of Antwerp in Belgium were the victim of a highly disruptive cyberattack. 
As usual, everyone cried « foul play » and suggested that proper cybersecurity measures should have been in place. And again, as usual, it all happens a bit too late.

, ,
https://thehackernews.com/2022/12/cyber-security-is-not-losing-game-if.html