KmsdBot Botnet Suspected of Being Used as DDoS-for-Hire Service

KmsdBot Botnet Suspected of Being Used as DDoS-for-Hire Service,

An ongoing analysis of the KmsdBot botnet has raised the possibility that it’s a DDoS-for-hire service offered to other threat actors.
This is based on the different industries and geographies that were attacked, web infrastructure company Akamai said. Among the notable targets included FiveM and RedM, which are game modifications for Grand Theft Auto V and Red Dead Redemption 2, as well as

,

An ongoing analysis of the KmsdBot botnet has raised the possibility that it’s a DDoS-for-hire service offered to other threat actors.
This is based on the different industries and geographies that were attacked, web infrastructure company Akamai said. Among the notable targets included FiveM and RedM, which are game modifications for Grand Theft Auto V and Red Dead Redemption 2, as well as

, ,
https://thehackernews.com/2022/12/kmsdbot-botnet-suspected-of-being-used.html

Plus de 350 cryptos frauduleuses inondent le marché chaque jour

Plus de 350 cryptos frauduleuses inondent le marché chaque jour,

crypto blanchiment d'argent

Une quantité record de crypto-arnaques a vu le jour en 2022. D’après une enquête, le nombre de cryptomonnaies frauduleuses, uniquement destinées à piéger les investisseurs, augmente d’année en année.

,

crypto blanchiment d'argent

Une quantité record de crypto-arnaques a vu le jour en 2022. D’après une enquête, le nombre de cryptomonnaies frauduleuses, uniquement destinées à piéger les investisseurs, augmente d’année en année.

, ,
https://www.01net.com/actualites/plus-de-350-cryptos-frauduleuses-inondent-le-marche-chaque-jour.html

FTC Fines Fortnite Maker Epic Games $275 Million for Violating Children’s Privacy Law

FTC Fines Fortnite Maker Epic Games $275 Million for Violating Children’s Privacy Law

,

Epic Games has reached a $520 million settlement with the U.S. Federal Trade Commission (FTC) over allegations that the Fortnite creator violated online privacy laws for children and tricked users into making unintended purchases in the video game.
To that end, the company will pay a record $275 million monetary penalty for breaching the Children’s Online Privacy Protection Act (COPPA) by

,

Epic Games has reached a $520 million settlement with the U.S. Federal Trade Commission (FTC) over allegations that the Fortnite creator violated online privacy laws for children and tricked users into making unintended purchases in the video game.
To that end, the company will pay a record $275 million monetary penalty for breaching the Children’s Online Privacy Protection Act (COPPA) by

, ,
https://thehackernews.com/2022/12/ftc-fines-fortnite-maker-epic-games-275.html

Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems

Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems,

Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications.
The shortcoming, dubbed Achilles (CVE-2022-42821, CVSS score: 5.5), was addressed by the iPhone maker in macOS Ventura 13, Monterey 12.6.2, and Big Sur 11.7.2, describing it as a logic

,

Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications.
The shortcoming, dubbed Achilles (CVE-2022-42821, CVSS score: 5.5), was addressed by the iPhone maker in macOS Ventura 13, Monterey 12.6.2, and Big Sur 11.7.2, describing it as a logic

, ,
https://thehackernews.com/2022/12/microsoft-details-gatekeeper-bypass.html

Mettez à jour votre Mac, Microsoft a trouvé une faille critique sur macOS

Mettez à jour votre Mac, Microsoft a trouvé une faille critique sur macOS,

macbook

Microsoft a trouvé un bug touchant macOS qui permet aux logiciels malveillants de contourner les contrôles de sécurité du système d’exploitation d’Apple. Nous vous recommandons vivement de mettre à jour votre Mac pour appliquer le correctif.

,

macbook

Microsoft a trouvé un bug touchant macOS qui permet aux logiciels malveillants de contourner les contrôles de sécurité du système d’exploitation d’Apple. Nous vous recommandons vivement de mettre à jour votre Mac pour appliquer le correctif.

, ,
https://www.01net.com/actualites/mettez-a-jour-votre-mac-microsoft-a-trouve-une-faille-critique-sur-macos.html

Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data

Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data,

Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that impersonates a software development kit (SDK) for SentinelOne, a major cybersecurity company, as part of a campaign dubbed SentinelSneak.
The package, named SentinelOne and now taken down, is said to have been published between December 8 and 11, 2022, with nearly two dozen

,

Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that impersonates a software development kit (SDK) for SentinelOne, a major cybersecurity company, as part of a campaign dubbed SentinelSneak.
The package, named SentinelOne and now taken down, is said to have been published between December 8 and 11, 2022, with nearly two dozen

, ,
https://thehackernews.com/2022/12/researchers-discover-malicious-pypi.html

Glupteba Botnet Continues to Thrive Despite Google’s Attempts to Disrupt It

Glupteba Botnet Continues to Thrive Despite Google’s Attempts to Disrupt It

,

The operators of the Glupteba botnet resurfaced in June 2022 as part of a renewed and « upscaled » campaign, months after Google disrupted the malicious activity.
The ongoing attack is suggestive of the malware’s resilience in the face of takedowns, cybersecurity company Nozomi Networks said in a write-up. « In addition, there was a tenfold increase in TOR hidden services being used as C2 servers

,

The operators of the Glupteba botnet resurfaced in June 2022 as part of a renewed and « upscaled » campaign, months after Google disrupted the malicious activity.
The ongoing attack is suggestive of the malware’s resilience in the face of takedowns, cybersecurity company Nozomi Networks said in a write-up. « In addition, there was a tenfold increase in TOR hidden services being used as C2 servers

, ,
https://thehackernews.com/2022/12/glupteba-botnet-continues-to-thrive.html

Cybercrime (and Security) Predictions for 2023

Cybercrime (and Security) Predictions for 2023,

Threat actors continue to adapt to the latest technologies, practices, and even data privacy laws—and it’s up to organizations to stay one step ahead by implementing strong cybersecurity measures and programs. 
Here’s a look at how cybercrime will evolve in 2023 and what you can do to secure and protect your organization in the year ahead. 
Increase in digital supply chain attacks 
With the

,

Threat actors continue to adapt to the latest technologies, practices, and even data privacy laws—and it’s up to organizations to stay one step ahead by implementing strong cybersecurity measures and programs. 
Here’s a look at how cybercrime will evolve in 2023 and what you can do to secure and protect your organization in the year ahead. 
Increase in digital supply chain attacks 
With the

, ,
https://thehackernews.com/2022/12/cybercrime-and-security-predictions-for.html

New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure

New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure,

A Rust variant of a ransomware strain known as Agenda has been observed in the wild, making it the latest malware to adopt the cross-platform programming language after BlackCat, Hive, Luna, and RansomExx.
Agenda, attributed to an operator named Qilin, is a ransomware-as-a-service (RaaS) group that has been linked to a spate of attacks primarily targeting manufacturing and IT industries across

,

A Rust variant of a ransomware strain known as Agenda has been observed in the wild, making it the latest malware to adopt the cross-platform programming language after BlackCat, Hive, Luna, and RansomExx.
Agenda, attributed to an operator named Qilin, is a ransomware-as-a-service (RaaS) group that has been linked to a spate of attacks primarily targeting manufacturing and IT industries across

, ,
https://thehackernews.com/2022/12/new-agenda-ransomware-variant-written.html

Facebook Cracks Down on Spyware Vendors from U.S., China, Russia, Israel, and India

Facebook Cracks Down on Spyware Vendors from U.S., China, Russia, Israel, and India,

Meta Platforms disclosed that it took down no less than 200 covert influence operations since 2017 spanning roughly 70 countries across 42 languages.
The social media conglomerate also took steps to disable accounts and block infrastructure operated by spyware vendors, including in China, Russia, Israel, the U.S. and India, that targeted individuals in about 200 countries.
« The global

,

Meta Platforms disclosed that it took down no less than 200 covert influence operations since 2017 spanning roughly 70 countries across 42 languages.
The social media conglomerate also took steps to disable accounts and block infrastructure operated by spyware vendors, including in China, Russia, Israel, the U.S. and India, that targeted individuals in about 200 countries.
« The global

, ,
https://thehackernews.com/2022/12/facebook-cracks-down-on-spyware-vendors.html