Russian Hackers Targeted Petroleum Refinery in NATO Country During Ukraine War

Russian Hackers Targeted Petroleum Refinery in NATO Country During Ukraine War,

The Russia-linked Gamaredon group attempted to unsuccessfully break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war.
The attack, which took place on August 30, 2022, is just one of multiple attacks orchestrated by the advanced persistent threat (APT) that’s attributed to Russia’s Federal Security Service (FSB).
Gamaredon,

,

The Russia-linked Gamaredon group attempted to unsuccessfully break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war.
The attack, which took place on August 30, 2022, is just one of multiple attacks orchestrated by the advanced persistent threat (APT) that’s attributed to Russia’s Federal Security Service (FSB).
Gamaredon,

, ,
https://thehackernews.com/2022/12/russian-hackers-target-major-petroleum.html

A Guide to Efficient Patch Management with Action1

A Guide to Efficient Patch Management with Action1,

It’s no secret that keeping software up to date is one of the key best practices in cybersecurity. Software vulnerabilities are being discovered almost weekly these days. The longer it takes IT teams to apply updates issued by developers to patch these security flaws, the more time attackers have to exploit the underlying vulnerability. Once threat actors gain access to corporate IT ecosystems,

,

It’s no secret that keeping software up to date is one of the key best practices in cybersecurity. Software vulnerabilities are being discovered almost weekly these days. The longer it takes IT teams to apply updates issued by developers to patch these security flaws, the more time attackers have to exploit the underlying vulnerability. Once threat actors gain access to corporate IT ecosystems,

, ,
https://thehackernews.com/2022/12/a-guide-to-efficient-patch-management.html

KmsdBot Botnet Suspected of Being Used as DDoS-for-Hire Service

KmsdBot Botnet Suspected of Being Used as DDoS-for-Hire Service,

An ongoing analysis of the KmsdBot botnet has raised the possibility that it’s a DDoS-for-hire service offered to other threat actors.
This is based on the different industries and geographies that were attacked, web infrastructure company Akamai said. Among the notable targets included FiveM and RedM, which are game modifications for Grand Theft Auto V and Red Dead Redemption 2, as well as

,

An ongoing analysis of the KmsdBot botnet has raised the possibility that it’s a DDoS-for-hire service offered to other threat actors.
This is based on the different industries and geographies that were attacked, web infrastructure company Akamai said. Among the notable targets included FiveM and RedM, which are game modifications for Grand Theft Auto V and Red Dead Redemption 2, as well as

, ,
https://thehackernews.com/2022/12/kmsdbot-botnet-suspected-of-being-used.html

Plus de 350 cryptos frauduleuses inondent le marché chaque jour

Plus de 350 cryptos frauduleuses inondent le marché chaque jour,

crypto blanchiment d'argent

Une quantité record de crypto-arnaques a vu le jour en 2022. D’après une enquête, le nombre de cryptomonnaies frauduleuses, uniquement destinées à piéger les investisseurs, augmente d’année en année.

,

crypto blanchiment d'argent

Une quantité record de crypto-arnaques a vu le jour en 2022. D’après une enquête, le nombre de cryptomonnaies frauduleuses, uniquement destinées à piéger les investisseurs, augmente d’année en année.

, ,
https://www.01net.com/actualites/plus-de-350-cryptos-frauduleuses-inondent-le-marche-chaque-jour.html

FTC Fines Fortnite Maker Epic Games $275 Million for Violating Children’s Privacy Law

FTC Fines Fortnite Maker Epic Games $275 Million for Violating Children’s Privacy Law

,

Epic Games has reached a $520 million settlement with the U.S. Federal Trade Commission (FTC) over allegations that the Fortnite creator violated online privacy laws for children and tricked users into making unintended purchases in the video game.
To that end, the company will pay a record $275 million monetary penalty for breaching the Children’s Online Privacy Protection Act (COPPA) by

,

Epic Games has reached a $520 million settlement with the U.S. Federal Trade Commission (FTC) over allegations that the Fortnite creator violated online privacy laws for children and tricked users into making unintended purchases in the video game.
To that end, the company will pay a record $275 million monetary penalty for breaching the Children’s Online Privacy Protection Act (COPPA) by

, ,
https://thehackernews.com/2022/12/ftc-fines-fortnite-maker-epic-games-275.html

Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems

Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems,

Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications.
The shortcoming, dubbed Achilles (CVE-2022-42821, CVSS score: 5.5), was addressed by the iPhone maker in macOS Ventura 13, Monterey 12.6.2, and Big Sur 11.7.2, describing it as a logic

,

Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications.
The shortcoming, dubbed Achilles (CVE-2022-42821, CVSS score: 5.5), was addressed by the iPhone maker in macOS Ventura 13, Monterey 12.6.2, and Big Sur 11.7.2, describing it as a logic

, ,
https://thehackernews.com/2022/12/microsoft-details-gatekeeper-bypass.html

Mettez à jour votre Mac, Microsoft a trouvé une faille critique sur macOS

Mettez à jour votre Mac, Microsoft a trouvé une faille critique sur macOS,

macbook

Microsoft a trouvé un bug touchant macOS qui permet aux logiciels malveillants de contourner les contrôles de sécurité du système d’exploitation d’Apple. Nous vous recommandons vivement de mettre à jour votre Mac pour appliquer le correctif.

,

macbook

Microsoft a trouvé un bug touchant macOS qui permet aux logiciels malveillants de contourner les contrôles de sécurité du système d’exploitation d’Apple. Nous vous recommandons vivement de mettre à jour votre Mac pour appliquer le correctif.

, ,
https://www.01net.com/actualites/mettez-a-jour-votre-mac-microsoft-a-trouve-une-faille-critique-sur-macos.html

Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data

Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data,

Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that impersonates a software development kit (SDK) for SentinelOne, a major cybersecurity company, as part of a campaign dubbed SentinelSneak.
The package, named SentinelOne and now taken down, is said to have been published between December 8 and 11, 2022, with nearly two dozen

,

Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that impersonates a software development kit (SDK) for SentinelOne, a major cybersecurity company, as part of a campaign dubbed SentinelSneak.
The package, named SentinelOne and now taken down, is said to have been published between December 8 and 11, 2022, with nearly two dozen

, ,
https://thehackernews.com/2022/12/researchers-discover-malicious-pypi.html

Glupteba Botnet Continues to Thrive Despite Google’s Attempts to Disrupt It

Glupteba Botnet Continues to Thrive Despite Google’s Attempts to Disrupt It

,

The operators of the Glupteba botnet resurfaced in June 2022 as part of a renewed and « upscaled » campaign, months after Google disrupted the malicious activity.
The ongoing attack is suggestive of the malware’s resilience in the face of takedowns, cybersecurity company Nozomi Networks said in a write-up. « In addition, there was a tenfold increase in TOR hidden services being used as C2 servers

,

The operators of the Glupteba botnet resurfaced in June 2022 as part of a renewed and « upscaled » campaign, months after Google disrupted the malicious activity.
The ongoing attack is suggestive of the malware’s resilience in the face of takedowns, cybersecurity company Nozomi Networks said in a write-up. « In addition, there was a tenfold increase in TOR hidden services being used as C2 servers

, ,
https://thehackernews.com/2022/12/glupteba-botnet-continues-to-thrive.html

Cybercrime (and Security) Predictions for 2023

Cybercrime (and Security) Predictions for 2023,

Threat actors continue to adapt to the latest technologies, practices, and even data privacy laws—and it’s up to organizations to stay one step ahead by implementing strong cybersecurity measures and programs. 
Here’s a look at how cybercrime will evolve in 2023 and what you can do to secure and protect your organization in the year ahead. 
Increase in digital supply chain attacks 
With the

,

Threat actors continue to adapt to the latest technologies, practices, and even data privacy laws—and it’s up to organizations to stay one step ahead by implementing strong cybersecurity measures and programs. 
Here’s a look at how cybercrime will evolve in 2023 and what you can do to secure and protect your organization in the year ahead. 
Increase in digital supply chain attacks 
With the

, ,
https://thehackernews.com/2022/12/cybercrime-and-security-predictions-for.html