GodFather Android Banking Trojan Targeting Users of Over 400 Banking and Crypto Apps

GodFather Android Banking Trojan Targeting Users of Over 400 Banking and Crypto Apps,

An Android banking trojan known as GodFather is being used to target users of more than 400 banking and cryptocurrency apps spanning across 16 countries.
This includes 215 banks, 94 crypto wallet providers, and 110 crypto exchange platforms serving users in the U.S., Turkey, Spain, Italy, Canada, and Canada, among others, Singapore-headquartered Group-IB said in a report shared with The Hacker

,

An Android banking trojan known as GodFather is being used to target users of more than 400 banking and cryptocurrency apps spanning across 16 countries.
This includes 215 banks, 94 crypto wallet providers, and 110 crypto exchange platforms serving users in the U.S., Turkey, Spain, Italy, Canada, and Canada, among others, Singapore-headquartered Group-IB said in a report shared with The Hacker

, ,
https://thehackernews.com/2022/12/godfather-android-banking-trojan.html

Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations

Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations,

Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell flaws in Microsoft Exchange Server to achieve remote code execution (RCE) through Outlook Web Access (OWA).
« The new exploit method bypasses URL rewrite mitigations for the Autodiscover endpoint, » CrowdStrike researchers Brian Pitchford,

,

Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell flaws in Microsoft Exchange Server to achieve remote code execution (RCE) through Outlook Web Access (OWA).
« The new exploit method bypasses URL rewrite mitigations for the Autodiscover endpoint, » CrowdStrike researchers Brian Pitchford,

, ,
https://thehackernews.com/2022/12/ransomware-hackers-using-new-way-to.html

Ukraine’s DELTA Military System Users Under Attack from Info Stealing Malware

Ukraine’s DELTA Military System Users Under Attack from Info Stealing Malware

,

The Computer Emergency Response Team of Ukraine (CERT-UA) this week disclosed that users of the Delta situational awareness program received phishing emails from a compromised email account belonging to the Ministry of Defense.
The attacks, which have been attributed to a threat cluster dubbed UAC-0142, aimed to infect systems with two pieces of data-stealing malware referred to as FateGrab and

,

The Computer Emergency Response Team of Ukraine (CERT-UA) this week disclosed that users of the Delta situational awareness program received phishing emails from a compromised email account belonging to the Ministry of Defense.
The attacks, which have been attributed to a threat cluster dubbed UAC-0142, aimed to infect systems with two pieces of data-stealing malware referred to as FateGrab and

, ,
https://thehackernews.com/2022/12/ukraines-delta-military-system-users.html

Beware: Cybercriminals Launch New BrasDex Android Trojan Targeting Brazilian Banking Users

Beware: Cybercriminals Launch New BrasDex Android Trojan Targeting Brazilian Banking Users,

The threat actors behind the Windows banking malware known as Casbaneiro has been attributed as behind a novel Android trojan called BrasDex that has been observed targeting Brazilian users as part of an ongoing multi-platform campaign.
BrasDex features a « complex keylogging system designed to abuse Accessibility Services to extract credentials specifically from a set of Brazilian targeted apps,

,

The threat actors behind the Windows banking malware known as Casbaneiro has been attributed as behind a novel Android trojan called BrasDex that has been observed targeting Brazilian users as part of an ongoing multi-platform campaign.
BrasDex features a « complex keylogging system designed to abuse Accessibility Services to extract credentials specifically from a set of Brazilian targeted apps,

, ,
https://thehackernews.com/2022/12/beware-cybercriminals-launch-new.html

Russian Hackers Targeted Petroleum Refinery in NATO Country During Ukraine War

Russian Hackers Targeted Petroleum Refinery in NATO Country During Ukraine War,

The Russia-linked Gamaredon group attempted to unsuccessfully break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war.
The attack, which took place on August 30, 2022, is just one of multiple attacks orchestrated by the advanced persistent threat (APT) that’s attributed to Russia’s Federal Security Service (FSB).
Gamaredon,

,

The Russia-linked Gamaredon group attempted to unsuccessfully break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war.
The attack, which took place on August 30, 2022, is just one of multiple attacks orchestrated by the advanced persistent threat (APT) that’s attributed to Russia’s Federal Security Service (FSB).
Gamaredon,

, ,
https://thehackernews.com/2022/12/russian-hackers-target-major-petroleum.html

A Guide to Efficient Patch Management with Action1

A Guide to Efficient Patch Management with Action1,

It’s no secret that keeping software up to date is one of the key best practices in cybersecurity. Software vulnerabilities are being discovered almost weekly these days. The longer it takes IT teams to apply updates issued by developers to patch these security flaws, the more time attackers have to exploit the underlying vulnerability. Once threat actors gain access to corporate IT ecosystems,

,

It’s no secret that keeping software up to date is one of the key best practices in cybersecurity. Software vulnerabilities are being discovered almost weekly these days. The longer it takes IT teams to apply updates issued by developers to patch these security flaws, the more time attackers have to exploit the underlying vulnerability. Once threat actors gain access to corporate IT ecosystems,

, ,
https://thehackernews.com/2022/12/a-guide-to-efficient-patch-management.html

KmsdBot Botnet Suspected of Being Used as DDoS-for-Hire Service

KmsdBot Botnet Suspected of Being Used as DDoS-for-Hire Service,

An ongoing analysis of the KmsdBot botnet has raised the possibility that it’s a DDoS-for-hire service offered to other threat actors.
This is based on the different industries and geographies that were attacked, web infrastructure company Akamai said. Among the notable targets included FiveM and RedM, which are game modifications for Grand Theft Auto V and Red Dead Redemption 2, as well as

,

An ongoing analysis of the KmsdBot botnet has raised the possibility that it’s a DDoS-for-hire service offered to other threat actors.
This is based on the different industries and geographies that were attacked, web infrastructure company Akamai said. Among the notable targets included FiveM and RedM, which are game modifications for Grand Theft Auto V and Red Dead Redemption 2, as well as

, ,
https://thehackernews.com/2022/12/kmsdbot-botnet-suspected-of-being-used.html

Plus de 350 cryptos frauduleuses inondent le marché chaque jour

Plus de 350 cryptos frauduleuses inondent le marché chaque jour,

crypto blanchiment d'argent

Une quantité record de crypto-arnaques a vu le jour en 2022. D’après une enquête, le nombre de cryptomonnaies frauduleuses, uniquement destinées à piéger les investisseurs, augmente d’année en année.

,

crypto blanchiment d'argent

Une quantité record de crypto-arnaques a vu le jour en 2022. D’après une enquête, le nombre de cryptomonnaies frauduleuses, uniquement destinées à piéger les investisseurs, augmente d’année en année.

, ,
https://www.01net.com/actualites/plus-de-350-cryptos-frauduleuses-inondent-le-marche-chaque-jour.html

FTC Fines Fortnite Maker Epic Games $275 Million for Violating Children’s Privacy Law

FTC Fines Fortnite Maker Epic Games $275 Million for Violating Children’s Privacy Law

,

Epic Games has reached a $520 million settlement with the U.S. Federal Trade Commission (FTC) over allegations that the Fortnite creator violated online privacy laws for children and tricked users into making unintended purchases in the video game.
To that end, the company will pay a record $275 million monetary penalty for breaching the Children’s Online Privacy Protection Act (COPPA) by

,

Epic Games has reached a $520 million settlement with the U.S. Federal Trade Commission (FTC) over allegations that the Fortnite creator violated online privacy laws for children and tricked users into making unintended purchases in the video game.
To that end, the company will pay a record $275 million monetary penalty for breaching the Children’s Online Privacy Protection Act (COPPA) by

, ,
https://thehackernews.com/2022/12/ftc-fines-fortnite-maker-epic-games-275.html

Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems

Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems,

Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications.
The shortcoming, dubbed Achilles (CVE-2022-42821, CVSS score: 5.5), was addressed by the iPhone maker in macOS Ventura 13, Monterey 12.6.2, and Big Sur 11.7.2, describing it as a logic

,

Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications.
The shortcoming, dubbed Achilles (CVE-2022-42821, CVSS score: 5.5), was addressed by the iPhone maker in macOS Ventura 13, Monterey 12.6.2, and Big Sur 11.7.2, describing it as a logic

, ,
https://thehackernews.com/2022/12/microsoft-details-gatekeeper-bypass.html