New Python-based Ransomware Targeting JupyterLab Web Notebooks

New Python-based Ransomware Targeting JupyterLab Web Notebooks,

Researchers have disclosed what they say is the first-ever Python-based ransomware strain specifically designed to target exposed Jupyter notebooks, a web-based interactive computing platform that allows editing and running programs via a browser.
« The attackers gained initial access via misconfigured environments, then ran a ransomware script that encrypts every file on a given path on the

,

Researchers have disclosed what they say is the first-ever Python-based ransomware strain specifically designed to target exposed Jupyter notebooks, a web-based interactive computing platform that allows editing and running programs via a browser.
« The attackers gained initial access via misconfigured environments, then ran a ransomware script that encrypts every file on a given path on the

, ,
https://thehackernews.com/2022/03/new-python-based-ransomware-targeting.html

Hackers Increasingly Using ‘Browser-in-the-Browser’ Technique in Ukraine Related Attacks

Hackers Increasingly Using ‘Browser-in-the-Browser’ Technique in Ukraine Related Attacks

,

A Belarusian threat actor known as Ghostwriter (aka UNC1151) has been spotted leveraging the recently disclosed browser-in-the-browser (BitB) technique as part of their credential phishing campaigns exploiting the ongoing Russo-Ukrainian conflict.
The method, which masquerades as a legitimate domain by simulating a browser window within the browser, makes it possible to mount convincing social

,

A Belarusian threat actor known as Ghostwriter (aka UNC1151) has been spotted leveraging the recently disclosed browser-in-the-browser (BitB) technique as part of their credential phishing campaigns exploiting the ongoing Russo-Ukrainian conflict.
The method, which masquerades as a legitimate domain by simulating a browser window within the browser, makes it possible to mount convincing social

, ,
https://thehackernews.com/2022/03/hackers-increasingly-using-browser-in.html

Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Apps Security

Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Apps Security,

A zero-day remote code execution (RCE) vulnerability has come to light in the Spring framework shortly after a Chinese security researcher briefly leaked a proof-of-concept (PoC) exploit on GitHub before deleting their account.
According to cybersecurity firm Praetorian, the unpatched flaw impacts Spring Core on Java Development Kit (JDK) versions 9 and later and is a bypass for another

,

A zero-day remote code execution (RCE) vulnerability has come to light in the Spring framework shortly after a Chinese security researcher briefly leaked a proof-of-concept (PoC) exploit on GitHub before deleting their account.
According to cybersecurity firm Praetorian, the unpatched flaw impacts Spring Core on Java Development Kit (JDK) versions 9 and later and is a bypass for another

, ,
https://thehackernews.com/2022/03/unpatched-java-spring-framework-0-day.html

QNAP Warns of OpenSSL Infinite Loop Vulnerability Affecting NAS Devices

QNAP Warns of OpenSSL Infinite Loop Vulnerability Affecting NAS Devices,

Taiwanese company QNAP this week revealed that a selected number of its network-attached storage (NAS) appliances are affected by a recently-disclosed bug in the open-source OpenSSL cryptographic library.
« An infinite loop vulnerability in OpenSSL has been reported to affect certain QNAP NAS, » the company said in an advisory published on March 29, 2022. « If exploited, the vulnerability allows

,

Taiwanese company QNAP this week revealed that a selected number of its network-attached storage (NAS) appliances are affected by a recently-disclosed bug in the open-source OpenSSL cryptographic library.
« An infinite loop vulnerability in OpenSSL has been reported to affect certain QNAP NAS, » the company said in an advisory published on March 29, 2022. « If exploited, the vulnerability allows

, ,
https://thehackernews.com/2022/03/qnap-warns-of-openssl-infinite-loop.html

Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread

Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread,

A nascent information stealer called Mars has been observed in campaigns that take advantage of cracked versions of the malware to steal information stored in web browsers and cryptocurrency wallets.
« Mars Stealer is being distributed via social engineering techniques, malspam campaigns, malicious software cracks, and keygens, » Morphisec malware researcher Arnold Osipov said in a report

,

A nascent information stealer called Mars has been observed in campaigns that take advantage of cracked versions of the malware to steal information stored in web browsers and cryptocurrency wallets.
« Mars Stealer is being distributed via social engineering techniques, malspam campaigns, malicious software cracks, and keygens, » Morphisec malware researcher Arnold Osipov said in a report

, ,
https://thehackernews.com/2022/03/researchers-expose-mars-stealer-malware.html

Honda’s Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles

Honda’s Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles,

A duo of researchers has released a proof-of-concept (PoC) demonstrating the ability for a malicious actor to remote lock, unlock, and even start Honda and Acura vehicles by means of what’s called a replay attack.
The attack is made possible, thanks to a vulnerability in its remote keyless system (CVE-2022-27254) that affects Honda Civic LX, EX, EX-L, Touring, Si, and Type R models manufactured

,

A duo of researchers has released a proof-of-concept (PoC) demonstrating the ability for a malicious actor to remote lock, unlock, and even start Honda and Acura vehicles by means of what’s called a replay attack.
The attack is made possible, thanks to a vulnerability in its remote keyless system (CVE-2022-27254) that affects Honda Civic LX, EX, EX-L, Touring, Si, and Type R models manufactured

, ,
https://thehackernews.com/2022/03/hondas-keyless-access-bug-could-let.html

Improve Your Hacking Skills with 9 Python Courses for Just $39

Improve Your Hacking Skills with 9 Python Courses for Just $39,

For anyone with interest in cybersecurity, learning Python is a must. The language is used extensively in white hat hacking, and professionals use Python scripts to automate tests. It also has a use in the “soft” side of cybersecurity — like scraping the web for compromised data and detecting bugs. 
Featuring nine full-length video courses, The Complete 2022 Python Programmer Bundle helps you

,

For anyone with interest in cybersecurity, learning Python is a must. The language is used extensively in white hat hacking, and professionals use Python scripts to automate tests. It also has a use in the “soft” side of cybersecurity — like scraping the web for compromised data and detecting bugs. 
Featuring nine full-length video courses, The Complete 2022 Python Programmer Bundle helps you

, ,
https://thehackernews.com/2022/03/improve-your-hacking-skills-with-9.html

LAPSUS$ Claims to Have Breached IT Firm Globant; Leaks 70GB of Data

LAPSUS$ Claims to Have Breached IT Firm Globant; Leaks 70GB of Data,

The LAPSUS$ data extortion gang announced their return on Telegram after a week-long « vacation, » leaking what they claim is data from software services company Globant.
« We are officially back from a vacation, » the group wrote on their Telegram channel – which has nearly around 54,000 members as of writing – posting images of extracted data and credentials belonging to the company’s DevOps

,

The LAPSUS$ data extortion gang announced their return on Telegram after a week-long « vacation, » leaking what they claim is data from software services company Globant.
« We are officially back from a vacation, » the group wrote on their Telegram channel – which has nearly around 54,000 members as of writing – posting images of extracted data and credentials belonging to the company’s DevOps

, ,
https://thehackernews.com/2022/03/lapsus-claims-to-have-breached-it-firm.html

CISA Warns of Ongoing Cyber Attacks Targeting Internet-Connected UPS Devices

CISA Warns of Ongoing Cyber Attacks Targeting Internet-Connected UPS Devices,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DoE) are jointly warning of attacks against internet-connected uninterruptible power supply (UPS) devices by means of default usernames and passwords.
« Organizations can mitigate attacks against their UPS devices, which provide emergency power in a variety of applications when normal power sources are

,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DoE) are jointly warning of attacks against internet-connected uninterruptible power supply (UPS) devices by means of default usernames and passwords.
« Organizations can mitigate attacks against their UPS devices, which provide emergency power in a variety of applications when normal power sources are

, ,
https://thehackernews.com/2022/03/cisa-warns-of-ongoing-cyber-attacks.html

Critical SonicOS Vulnerability Affects SonicWall Firewall Appliances

Critical SonicOS Vulnerability Affects SonicWall Firewall Appliances,

SonicWall has released security updates to contain a critical flaw across multiple firewall appliances that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and cause a denial-of-service (DoS) condition.
Tracked as CVE-2022-22274 (CVSS score: 9.4), the issue has been described as a stack-based buffer overflow in the web management interface of SonicOS that

,

SonicWall has released security updates to contain a critical flaw across multiple firewall appliances that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and cause a denial-of-service (DoS) condition.
Tracked as CVE-2022-22274 (CVSS score: 9.4), the issue has been described as a stack-based buffer overflow in the web management interface of SonicOS that

, ,
https://thehackernews.com/2022/03/critical-sonicos-vulnerability-affects.html