Cybersecurity Agencies Sound Alarm on Rising TrueBot Malware Attacks

Cybersecurity Agencies Sound Alarm on Rising TrueBot Malware Attacks,

Cybersecurity agencies have warned about the emergence of new variants of the TrueBot malware. This enhanced threat is now targeting companies in the U.S. and Canada with the intention of extracting confidential data from infiltrated systems.
These sophisticated attacks exploit a critical vulnerability (CVE-2022-31199) in the widely used Netwrix Auditor server and its associated agents.
This

,

Cybersecurity agencies have warned about the emergence of new variants of the TrueBot malware. This enhanced threat is now targeting companies in the U.S. and Canada with the intention of extracting confidential data from infiltrated systems.
These sophisticated attacks exploit a critical vulnerability (CVE-2022-31199) in the widely used Netwrix Auditor server and its associated agents.
This

, ,
https://thehackernews.com/2023/07/cybersecurity-agencies-sound-alarm-on.html

Iranian Hackers’ Sophisticated Malware Targets Windows and macOS Users

Iranian Hackers’ Sophisticated Malware Targets Windows and macOS Users

,

The Iranian nation-state actor known as TA453 has been linked to a new set of spear-phishing attacks that infect both Windows and macOS operating systems with malware.
« TA453 eventually used a variety of cloud hosting providers to deliver a novel infection chain that deploys the newly identified PowerShell backdoor GorjolEcho, » Proofpoint said in a new report.
« When given the opportunity, TA453

,

The Iranian nation-state actor known as TA453 has been linked to a new set of spear-phishing attacks that infect both Windows and macOS operating systems with malware.
« TA453 eventually used a variety of cloud hosting providers to deliver a novel infection chain that deploys the newly identified PowerShell backdoor GorjolEcho, » Proofpoint said in a new report.
« When given the opportunity, TA453

, ,
https://thehackernews.com/2023/07/iranian-hackers-sophisticated-malware.html

Surviving the 800 Gbps Storm: Gain Insights from Gcore’s 2023 DDoS Attack Statistics

Surviving the 800 Gbps Storm: Gain Insights from Gcore’s 2023 DDoS Attack Statistics

,

Gcore Radar is a quarterly report prepared by Gcore that provides insights into the current state of the DDoS protection market and cybersecurity trends. This report offers you an understanding of the evolving threat landscape and highlights the measures required to protect against attacks effectively. It serves as an insight for businesses and individuals seeking to stay informed about the

,

Gcore Radar is a quarterly report prepared by Gcore that provides insights into the current state of the DDoS protection market and cybersecurity trends. This report offers you an understanding of the evolving threat landscape and highlights the measures required to protect against attacks effectively. It serves as an insight for businesses and individuals seeking to stay informed about the

, ,
https://thehackernews.com/2023/07/surviving-800-gbps-storm-gain-insights.html

Researchers Uncover New Linux Kernel ‘StackRot’ Privilege Escalation Vulnerability

Researchers Uncover New Linux Kernel ‘StackRot’ Privilege Escalation Vulnerability

,

Details have emerged about a newly identified security flaw in the Linux kernel that could allow a user to gain elevated privileges on a target host.
Dubbed StackRot (CVE-2023-3269, CVSS score: 7.8), the flaw impacts Linux versions 6.1 through 6.4. There is no evidence that the shortcoming has been exploited in the wild to date.
« As StackRot is a Linux kernel vulnerability found in the memory

,

Details have emerged about a newly identified security flaw in the Linux kernel that could allow a user to gain elevated privileges on a target host.
Dubbed StackRot (CVE-2023-3269, CVSS score: 7.8), the flaw impacts Linux versions 6.1 through 6.4. There is no evidence that the shortcoming has been exploited in the wild to date.
« As StackRot is a Linux kernel vulnerability found in the memory

, ,
https://thehackernews.com/2023/07/researchers-uncover-new-linux-kernel.html

How Pen Testing can Soften the Blow on Rising Costs of Cyber Insurance

How Pen Testing can Soften the Blow on Rising Costs of Cyber Insurance,

As technology advances and organizations become more reliant on data, the risks associated with data breaches and cyber-attacks also increase. The introduction of data privacy laws, such as the GDPR, has made it mandatory for organizations to disclose breaches of personal data to those affected. As such, it has become essential for businesses to protect themselves from the financial and

,

As technology advances and organizations become more reliant on data, the risks associated with data breaches and cyber-attacks also increase. The introduction of data privacy laws, such as the GDPR, has made it mandatory for organizations to disclose breaches of personal data to those affected. As such, it has become essential for businesses to protect themselves from the financial and

, ,
https://thehackernews.com/2023/07/how-pen-testing-can-soften-blow-on.html

Silentbob Campaign: Cloud-Native Environments Under Attack

Silentbob Campaign: Cloud-Native Environments Under Attack,

Cybersecurity researchers have unearthed an attack infrastructure that’s being used as part of a « potentially massive campaign » against cloud-native environments.
« This infrastructure is in early stages of testing and deployment, and is mainly consistent of an aggressive cloud worm, designed to deploy on exposed JupyterLab and Docker APIs in order to deploy Tsunami malware, cloud credentials

,

Cybersecurity researchers have unearthed an attack infrastructure that’s being used as part of a « potentially massive campaign » against cloud-native environments.
« This infrastructure is in early stages of testing and deployment, and is mainly consistent of an aggressive cloud worm, designed to deploy on exposed JupyterLab and Docker APIs in order to deploy Tsunami malware, cloud credentials

, ,
https://thehackernews.com/2023/07/silentbob-campaign-cloud-native.html

INTERPOL Nabs Hacking Crew OPERA1ER’s Leader Behind $11 Million Cybercrime

INTERPOL Nabs Hacking Crew OPERA1ER’s Leader Behind $11 Million Cybercrime

,

A suspected senior member of a French-speaking hacking crew known as OPERA1ER has been arrested as part of an international law enforcement operation codenamed Nervone, Interpol has announced.
« The group is believed to have stolen an estimated USD 11 million — potentially as much as 30 million — in more than 30 attacks across 15 countries in Africa, Asia, and Latin America, » the agency said.

,

A suspected senior member of a French-speaking hacking crew known as OPERA1ER has been arrested as part of an international law enforcement operation codenamed Nervone, Interpol has announced.
« The group is believed to have stolen an estimated USD 11 million — potentially as much as 30 million — in more than 30 attacks across 15 countries in Africa, Asia, and Latin America, » the agency said.

, ,
https://thehackernews.com/2023/07/interpol-nabs-hacking-crew-opera1ers.html

RedEnergy Stealer-as-a-Ransomware Threat Targeting Energy and Telecom Sectors

RedEnergy Stealer-as-a-Ransomware Threat Targeting Energy and Telecom Sectors,

A sophisticated stealer-as-a-ransomware threat dubbed RedEnergy has been spotted in the wild targeting energy utilities, oil, gas, telecom, and machinery sectors in Brazil and the Philippines through their LinkedIn pages.
The malware « possesses the ability to steal information from various browsers, enabling the exfiltration of sensitive data, while also incorporating different modules for

,

A sophisticated stealer-as-a-ransomware threat dubbed RedEnergy has been spotted in the wild targeting energy utilities, oil, gas, telecom, and machinery sectors in Brazil and the Philippines through their LinkedIn pages.
The malware « possesses the ability to steal information from various browsers, enabling the exfiltration of sensitive data, while also incorporating different modules for

, ,
https://thehackernews.com/2023/07/redenergy-stealer-as-ransomware-threat.html

Secrets, Secrets Are No Fun. Secrets, Secrets (Stored in Plain Text Files) Hurt Someone

Secrets, Secrets Are No Fun. Secrets, Secrets (Stored in Plain Text Files) Hurt Someone,

Secrets are meant to be hidden or, at the very least, only known to a specific and limited set of individuals (or systems). Otherwise, they aren’t really secrets. In personal life, a secret revealed can damage relationships, lead to social stigma, or, at the very least, be embarrassing. In a developer’s or application security engineer’s professional life, the consequences of exposing secrets

,

Secrets are meant to be hidden or, at the very least, only known to a specific and limited set of individuals (or systems). Otherwise, they aren’t really secrets. In personal life, a secret revealed can damage relationships, lead to social stigma, or, at the very least, be embarrassing. In a developer’s or application security engineer’s professional life, the consequences of exposing secrets

, ,
https://thehackernews.com/2023/07/secrets-secrets-are-no-fun-secrets.html

Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware

Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware,

The npm registry for the Node.js JavaScript runtime environment is susceptible to what’s called a manifest confusion attack that could potentially allow threat actors to conceal malware in project dependencies or perform arbitrary script execution during installation.
« A npm package’s manifest is published independently from its tarball, » Darcy Clarke, a former GitHub and npm engineering manager

,

The npm registry for the Node.js JavaScript runtime environment is susceptible to what’s called a manifest confusion attack that could potentially allow threat actors to conceal malware in project dependencies or perform arbitrary script execution during installation.
« A npm package’s manifest is published independently from its tarball, » Darcy Clarke, a former GitHub and npm engineering manager

, ,
https://thehackernews.com/2023/07/nodejs-users-beware-manifest-confusion.html