Les États-Unis voient Kaspersky comme une menace pour leur sécurité nationale

Les États-Unis voient Kaspersky comme une menace pour leur sécurité nationale,

L’éditeur est la première entreprise non chinoise à rejoindre une liste qui épingle des fournisseurs high-tech pour les « risques inacceptables » qu’ils représentent. Un coup fatal pour son image de marque.

,

L’éditeur est la première entreprise non chinoise à rejoindre une liste qui épingle des fournisseurs high-tech pour les « risques inacceptables » qu’ils représentent. Un coup fatal pour son image de marque.

, ,
https://www.01net.com/actualites/les-etats-unis-voient-kaspersky-comme-une-menace-pour-leur-securite-nationale-2055686.html

Privid: A Privacy-Preserving Surveillance Video Analytics System

Privid: A Privacy-Preserving Surveillance Video Analytics System,

A group of academics has designed a new system known as « Privid » that enables video analytics in a privacy-preserving manner to combat concerns with invasive tracking.
« We’re at a stage right now where cameras are practically ubiquitous. If there’s a camera on every street corner, every place you go, and if someone could actually process all of those videos in aggregate, you can imagine that

,

A group of academics has designed a new system known as « Privid » that enables video analytics in a privacy-preserving manner to combat concerns with invasive tracking.
« We’re at a stage right now where cameras are practically ubiquitous. If there’s a camera on every street corner, every place you go, and if someone could actually process all of those videos in aggregate, you can imagine that

, ,
https://thehackernews.com/2022/03/privid-privacy-preserving-surveillance.html

Critical Sophos Firewall RCE Vulnerability Under Active Exploitation

Critical Sophos Firewall RCE Vulnerability Under Active Exploitation,

Cybersecurity firm Sophos on Monday warned that a recently patched critical security vulnerability in its firewall product is being actively exploited in real-world attacks.
The flaw, tracked as CVE-2022-1040, is rated 9.8 out of 10 on the CVSS scoring system and impacts Sophos Firewall versions 18.5 MR3 (18.5.3) and older. It relates to an authentication bypass vulnerability in the User Portal

,

Cybersecurity firm Sophos on Monday warned that a recently patched critical security vulnerability in its firewall product is being actively exploited in real-world attacks.
The flaw, tracked as CVE-2022-1040, is rated 9.8 out of 10 on the CVSS scoring system and impacts Sophos Firewall versions 18.5 MR3 (18.5.3) and older. It relates to an authentication bypass vulnerability in the User Portal

, ,
https://thehackernews.com/2022/03/critical-sophos-firewall-rce.html

New Malware Loader ‘Verblecon’ Infects Hacked PCs with Cryptocurrency Miners

New Malware Loader ‘Verblecon’ Infects Hacked PCs with Cryptocurrency Miners

,

An unidentified threat actor has been observed employing a « complex and powerful » malware loader with the ultimate objective of deploying cryptocurrency miners on compromised systems and potentially facilitating the theft of Discord tokens.
« The evidence found on victim networks appears to indicate that the goal of the attacker was to install cryptocurrency mining software on victim machines, »

,

An unidentified threat actor has been observed employing a « complex and powerful » malware loader with the ultimate objective of deploying cryptocurrency miners on compromised systems and potentially facilitating the theft of Discord tokens.
« The evidence found on victim networks appears to indicate that the goal of the attacker was to install cryptocurrency mining software on victim machines, »

, ,
https://thehackernews.com/2022/03/new-malware-loader-verblecon-infects.html

Experts Detail Virtual Machine Used by Wslink Malware Loader for Obfuscation

Experts Detail Virtual Machine Used by Wslink Malware Loader for Obfuscation,

Cybersecurity researchers have shed more light on a malicious loader that runs as a server and executes received modules in memory, laying bare the structure of an « advanced multi-layered virtual machine » used by the malware to fly under the radar.
Wslink, as the malicious loader is called, was first documented by Slovak cybersecurity company ESET in October 2021, with very few telemetry hits

,

Cybersecurity researchers have shed more light on a malicious loader that runs as a server and executes received modules in memory, laying bare the structure of an « advanced multi-layered virtual machine » used by the malware to fly under the radar.
Wslink, as the malicious loader is called, was first documented by Slovak cybersecurity company ESET in October 2021, with very few telemetry hits

, ,
https://thehackernews.com/2022/03/experts-detail-virtual-machine-used-by.html

A Large-Scale Supply Chain Attack Distributed Over 800 Malicious NPM Packages

A Large-Scale Supply Chain Attack Distributed Over 800 Malicious NPM Packages,

A threat actor dubbed « RED-LILI » has been linked to an ongoing large-scale supply chain attack campaign targeting the NPM package repository by publishing nearly 800 malicious modules.
« Customarily, attackers use an anonymous disposable NPM account from which they launch their attacks, » Israeli security company Checkmarx said. « As it seems this time, the attacker has fully-automated the process

,

A threat actor dubbed « RED-LILI » has been linked to an ongoing large-scale supply chain attack campaign targeting the NPM package repository by publishing nearly 800 malicious modules.
« Customarily, attackers use an anonymous disposable NPM account from which they launch their attacks, » Israeli security company Checkmarx said. « As it seems this time, the attacker has fully-automated the process

, ,
https://thehackernews.com/2022/03/a-threat-actor-dubbed-red-lili-has-been.html

Hackers Hijack Email Reply Chains on Unpatched Exchange Servers to Spread Malware

Hackers Hijack Email Reply Chains on Unpatched Exchange Servers to Spread Malware,

A new email phishing campaign has been spotted leveraging the tactic of conversation hijacking to deliver the IcedID info-stealing malware onto infected machines by making use of unpatched and publicly-exposed Microsoft Exchange servers.
« The emails use a social engineering technique of conversation hijacking (also known as thread hijacking), » Israeli company Intezer said in a report shared with

,

A new email phishing campaign has been spotted leveraging the tactic of conversation hijacking to deliver the IcedID info-stealing malware onto infected machines by making use of unpatched and publicly-exposed Microsoft Exchange servers.
« The emails use a social engineering technique of conversation hijacking (also known as thread hijacking), » Israeli company Intezer said in a report shared with

, ,
https://thehackernews.com/2022/03/hackers-hijack-email-reply-chains-on.html

Of Cybercriminals and IP Addresses

Of Cybercriminals and IP Addresses,

You don’t like having the FBI knocking on your door at 6 am in the morning. Surprisingly, nor does your usual cybercriminal. That is why they hide (at least the good ones), for example, behind layers of proxies, VPNs, or TOR nodes.
Their IP address will never be exposed directly to the target’s machine. Cybercriminals will always use third-party IP addresses to deliver their attacks.
There are

,

You don’t like having the FBI knocking on your door at 6 am in the morning. Surprisingly, nor does your usual cybercriminal. That is why they hide (at least the good ones), for example, behind layers of proxies, VPNs, or TOR nodes.
Their IP address will never be exposed directly to the target’s machine. Cybercriminals will always use third-party IP addresses to deliver their attacks.
There are

, ,
https://thehackernews.com/2022/03/of-cybercriminals-and-ip-addresses.html

Google corrige en urgence une faille zero-day dans Chrome

Google corrige en urgence une faille zero-day dans Chrome,

Un bug dans le moteur JavaScript est exploité de manière active par des hackers. Il est recommandé de mettre immédiatement à jour le navigateur.

,

Un bug dans le moteur JavaScript est exploité de manière active par des hackers. Il est recommandé de mettre immédiatement à jour le navigateur.

, ,
https://www.01net.com/actualites/google-corrige-en-urgence-une-faille-zero-day-dans-chrome-2055675.html

‘Purple Fox’ Hackers Spotted Using New Variant of FatalRAT in Recent Malware Attacks

‘Purple Fox’ Hackers Spotted Using New Variant of FatalRAT in Recent Malware Attacks

,

The operators of the Purple Fox malware have retooled their malware arsenal with a new variant of a remote access trojan called FatalRAT, while also simultaneously upgrading their evasion mechanisms to bypass security software.
« Users’ machines are targeted via trojanized software packages masquerading as legitimate application installers, » Trend Micro researchers said in a report published on

,

The operators of the Purple Fox malware have retooled their malware arsenal with a new variant of a remote access trojan called FatalRAT, while also simultaneously upgrading their evasion mechanisms to bypass security software.
« Users’ machines are targeted via trojanized software packages masquerading as legitimate application installers, » Trend Micro researchers said in a report published on

, ,
https://thehackernews.com/2022/03/purple-fox-hackers-spotted-using-new.html