Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer

Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer,

Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python programming language, that aim to infect developers’ machines with a malware called W4SP Stealer.
« The main attack seems to have started around October 12, 2022, slowly picking up steam to a concentrated effort around October 22, » software supply chain

,

Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python programming language, that aim to infect developers’ machines with a malware called W4SP Stealer.
« The main attack seems to have started around October 12, 2022, slowly picking up steam to a concentrated effort around October 22, » software supply chain

, ,
https://thehackernews.com/2022/11/researchers-uncover-29-malicious-pypi.html

Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities

Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities,

Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments.
The tech giant, in its 114-page Digital Defense Report, said it has « observed a reduction in the time between the announcement of a vulnerability and the commoditization of that vulnerability, » making it imperative that

,

Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments.
The tech giant, in its 114-page Digital Defense Report, said it has « observed a reduction in the time between the announcement of a vulnerability and the commoditization of that vulnerability, » making it imperative that

, ,
https://thehackernews.com/2022/11/microsoft-warns-of-uptick-in-hackers.html

Researchers Detail New Malware Campaign Targeting Indian Government Employees

Researchers Detail New Malware Campaign Targeting Indian Government Employees,

The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach.
« This group abuses Google advertisements for the purpose of malvertising to distribute backdoored versions of Kavach multi-authentication (MFA) applications, » Zscaler ThreatLabz researcher Sudeep Singh said 

,

The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach.
« This group abuses Google advertisements for the purpose of malvertising to distribute backdoored versions of Kavach multi-authentication (MFA) applications, » Zscaler ThreatLabz researcher Sudeep Singh said 

, ,
https://thehackernews.com/2022/11/researchers-detail-new-malware-campaign.html

Your OT Is No Longer Isolated: Act Fast to Protect It

Your OT Is No Longer Isolated: Act Fast to Protect It,

Not too long ago, there was a clear separation between the operational technology (OT) that drives the physical functions of a company – on the factory floor, for example – and the information technology (IT) that manages a company’s data to enable management and planning. 
As IT assets became increasingly connected to the outside world via the internet, OT remained isolated from IT – and the

,

Not too long ago, there was a clear separation between the operational technology (OT) that drives the physical functions of a company – on the factory floor, for example – and the information technology (IT) that manages a company’s data to enable management and planning. 
As IT assets became increasingly connected to the outside world via the internet, OT remained isolated from IT – and the

, ,
https://thehackernews.com/2022/11/your-ot-is-no-longer-isolated-act-fast.html

CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software

CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control Systems (ICS) advisories about multiple vulnerabilities in software from ETIC Telecom, Nokia, and Delta Industrial Automation.
Prominent among them is a set of three flaws affecting ETIC Telecom’s Remote Access Server (RAS), which « could allow an attacker to obtain sensitive information and

,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control Systems (ICS) advisories about multiple vulnerabilities in software from ETIC Telecom, Nokia, and Delta Industrial Automation.
Prominent among them is a set of three flaws affecting ETIC Telecom’s Remote Access Server (RAS), which « could allow an attacker to obtain sensitive information and

, ,
https://thehackernews.com/2022/11/cisa-warns-of-critical-vulnerabilities.html

Researchers Find Links b/w Black Basta Ransomware and FIN7 Hackers

Researchers Find Links b/w Black Basta Ransomware and FIN7 Hackers,

A new analysis of tools put to use by the Black Basta ransomware operation has identified ties between the threat actor and the FIN7 (aka Carbanak) group.
This link « could suggest either that Black Basta and FIN7 maintain a special relationship or that one or more individuals belong to both groups, » cybersecurity firm SentinelOne said in a technical write-up shared with The Hacker News.
Black

,

A new analysis of tools put to use by the Black Basta ransomware operation has identified ties between the threat actor and the FIN7 (aka Carbanak) group.
This link « could suggest either that Black Basta and FIN7 maintain a special relationship or that one or more individuals belong to both groups, » cybersecurity firm SentinelOne said in a technical write-up shared with The Hacker News.
Black

, ,
https://thehackernews.com/2022/11/researchers-find-links-bw-black-basta.html

Why Identity & Access Management Governance is a Core Part of Your SaaS Security

Why Identity & Access Management Governance is a Core Part of Your SaaS Security

,

Every SaaS app user and login is a potential threat; whether it’s bad actors or potential disgruntled former associates, identity management and access control is crucial to prevent unwanted or mistaken entrances to the organization’s data and systems. 
Since enterprises have thousands to tens of thousands of users, and hundreds to thousands of different apps, ensuring each entrance point and

,

Every SaaS app user and login is a potential threat; whether it’s bad actors or potential disgruntled former associates, identity management and access control is crucial to prevent unwanted or mistaken entrances to the organization’s data and systems. 
Since enterprises have thousands to tens of thousands of users, and hundreds to thousands of different apps, ensuring each entrance point and

, ,
https://thehackernews.com/2022/11/why-identity-access-management.html

OPERA1ER APT Hackers Targeted Dozens of Financial Organizations in Africa

OPERA1ER APT Hackers Targeted Dozens of Financial Organizations in Africa,

A French-speaking threat actor dubbed OPERA1ER has been linked to a series of more than 30 successful cyber attacks aimed at banks, financial services, and telecom companies across Africa, Asia, and Latin America between 2018 and 2022.
According to Singapore-headquartered cybersecurity company Group-IB, the attacks have led to thefts totaling $11 million, with actual damages estimated to be as

,

A French-speaking threat actor dubbed OPERA1ER has been linked to a series of more than 30 successful cyber attacks aimed at banks, financial services, and telecom companies across Africa, Asia, and Latin America between 2018 and 2022.
According to Singapore-headquartered cybersecurity company Group-IB, the attacks have led to thefts totaling $11 million, with actual damages estimated to be as

, ,
https://thehackernews.com/2022/11/researchers-detail-opera1er-apt-attacks.html

Hackers Using Rogue Versions of KeePass and SolarWinds Software to Distribute RomCom RAT

Hackers Using Rogue Versions of KeePass and SolarWinds Software to Distribute RomCom RAT,

The operators of RomCom RAT are continuing to evolve their campaigns with rogue versions of software such as SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro.
Targets of the operation consist of victims in Ukraine and select English-speaking countries like the U.K.
« Given the geography of the targets and the current geopolitical situation, it’s unlikely that

,

The operators of RomCom RAT are continuing to evolve their campaigns with rogue versions of software such as SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro.
Targets of the operation consist of victims in Ukraine and select English-speaking countries like the U.K.
« Given the geography of the targets and the current geopolitical situation, it’s unlikely that

, ,
https://thehackernews.com/2022/11/hackers-using-rogue-versions-of-keepass.html

New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users’ Data

New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users’ Data

,

Popular short-form video-sharing service TikTok is revising its privacy policy for European users to make it explicitly clear that user data can be accessed by some employees from across the world, including China.
The ByteDance-owned platform, which currently stores European user data in the U.S. and Singapore, said the revision is part of its ongoing data governance efforts to limit employee

,

Popular short-form video-sharing service TikTok is revising its privacy policy for European users to make it explicitly clear that user data can be accessed by some employees from across the world, including China.
The ByteDance-owned platform, which currently stores European user data in the U.S. and Singapore, said the revision is part of its ongoing data governance efforts to limit employee

, ,
https://thehackernews.com/2022/11/new-tiktok-privacy-policy-confirms.html