Log4Shell Still Being Exploited to Hack VMWare Servers to Exfiltrate Sensitive Data

Log4Shell Still Being Exploited to Hack VMWare Servers to Exfiltrate Sensitive Data,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Coast Guard Cyber Command (CGCYBER), on Thursday released a joint advisory warning of continued attempts on the part of threat actors to exploit the Log4Shell flaw in VMware Horizon servers to breach target networks.
« Since December 2021, multiple threat actor groups have exploited Log4Shell on unpatched,

,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Coast Guard Cyber Command (CGCYBER), on Thursday released a joint advisory warning of continued attempts on the part of threat actors to exploit the Log4Shell flaw in VMware Horizon servers to breach target networks.
« Since December 2021, multiple threat actor groups have exploited Log4Shell on unpatched,

, ,
https://thehackernews.com/2022/06/log4shell-still-being-exploited-to-hack.html

NSO Confirms Pegasus Spyware Used by at least 5 European Countries

NSO Confirms Pegasus Spyware Used by at least 5 European Countries,

The beleaguered Israeli surveillanceware vendor NSO Group this week admitted to the European Union lawmakers that its Pegasus tool was used by at least five countries in the region.
« We’re trying to do the right thing and that’s more than other companies working in the industry, » Chaim Gelfand, the company’s general counsel and chief compliance officer, said, according to a report from Politico.

,

The beleaguered Israeli surveillanceware vendor NSO Group this week admitted to the European Union lawmakers that its Pegasus tool was used by at least five countries in the region.
« We’re trying to do the right thing and that’s more than other companies working in the industry, » Chaim Gelfand, the company’s general counsel and chief compliance officer, said, according to a report from Politico.

, ,
https://thehackernews.com/2022/06/nso-confirms-pegasus-spyware-used-by-at.html

Manual vs. SSPM: Research on What Streamlines SaaS Security Detection & Remediation

Manual vs. SSPM: Research on What Streamlines SaaS Security Detection & Remediation

,

When it comes to keeping SaaS stacks secure, IT and security teams need to be able to streamline the detection and remediation of misconfigurations in order to best protect their SaaS stack from threats. However, while companies adopt more and more apps, their increase in SaaS security tools and staff has lagged behind, as found in the 2022 SaaS Security Survey Report. 
The survey report,

,

When it comes to keeping SaaS stacks secure, IT and security teams need to be able to streamline the detection and remediation of misconfigurations in order to best protect their SaaS stack from threats. However, while companies adopt more and more apps, their increase in SaaS security tools and staff has lagged behind, as found in the 2022 SaaS Security Survey Report. 
The survey report,

, ,
https://thehackernews.com/2022/06/manual-vs-sspm-research-on-what.html

Chinese Hackers Distributing SMS Bomber Tool with Malware Hidden Inside

Chinese Hackers Distributing SMS Bomber Tool with Malware Hidden Inside,

A threat cluster with ties to a hacking group called Tropic Trooper has been spotted using a previously undocumented malware coded in Nim language to strike targets as part of a newly discovered campaign.
The novel loader, dubbed Nimbda, is « bundled with a Chinese language greyware ‘SMS Bomber’ tool that is most likely illegally distributed in the Chinese-speaking web, » Israeli cybersecurity

,

A threat cluster with ties to a hacking group called Tropic Trooper has been spotted using a previously undocumented malware coded in Nim language to strike targets as part of a newly discovered campaign.
The novel loader, dubbed Nimbda, is « bundled with a Chinese language greyware ‘SMS Bomber’ tool that is most likely illegally distributed in the Chinese-speaking web, » Israeli cybersecurity

, ,
https://thehackernews.com/2022/06/chinese-hackers-distributing-sms-bomber.html

Critical PHP Vulnerability Exposes QNAP NAS Devices to Remote Attacks

Critical PHP Vulnerability Exposes QNAP NAS Devices to Remote Attacks,

QNAP, Taiwanese maker of network-attached storage (NAS) devices, on Wednesday said it’s in the process of fixing a critical three-year-old PHP vulnerability that could be abused to achieve remote code execution.
« A vulnerability has been reported to affect PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24, and 7.3.x below 7.3.11 with improper nginx config, » the hardware vendor said in an

,

QNAP, Taiwanese maker of network-attached storage (NAS) devices, on Wednesday said it’s in the process of fixing a critical three-year-old PHP vulnerability that could be abused to achieve remote code execution.
« A vulnerability has been reported to affect PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24, and 7.3.x below 7.3.11 with improper nginx config, » the hardware vendor said in an

, ,
https://thehackernews.com/2022/06/critical-php-vulnerability-exposes-qnap.html

Mega, le fameux site de stockage en ligne, est loin d’être aussi sécurisé qu’il n’y paraît

Mega, le fameux site de stockage en ligne, est loin d’être aussi sécurisé qu’il n’y paraît,

,

Stockage cloud Mega

Des chercheurs de l’Applied Cryptography Group de l’ETH Zurich ont dévoilé des preuves de concept qui montrent que des pirates peuvent parvenir à voler la clé RSA privée d’un utilisateur, pour ensuite accéder à ses données. Mega a réagi en conséquence avec une mise à jour de son application.

L’article Mega, le fameux site de stockage en ligne, est loin d’être aussi sécurisé qu’il n’y paraît est à retrouver sur 01net.com.

, ,
https://www.01net.com/actualites/des-chercheurs-en-securite-alertent-sur-des-failles-de-securite-dans-le-service-de-stockage-cloud-mega.html

Researchers Uncover Ways to Break the Encryption of ‘MEGA’ Cloud Storage Service

Researchers Uncover Ways to Break the Encryption of ‘MEGA’ Cloud Storage Service

,

A new piece of research from academics at ETH Zurich has identified a number of critical security issues in the MEGA cloud storage service that could be leveraged to break the confidentiality and integrity of user data.
In a paper titled « MEGA: Malleable Encryption Goes Awry, » the researchers point out how MEGA’s system does not protect its users against a malicious server, thereby enabling a

,

A new piece of research from academics at ETH Zurich has identified a number of critical security issues in the MEGA cloud storage service that could be leveraged to break the confidentiality and integrity of user data.
In a paper titled « MEGA: Malleable Encryption Goes Awry, » the researchers point out how MEGA’s system does not protect its users against a malicious server, thereby enabling a

, ,
https://thehackernews.com/2022/06/researchers-uncover-ways-to-break.html

Russian Hackers Exploiting Microsoft Follina Vulnerability Against Ukraine

Russian Hackers Exploiting Microsoft Follina Vulnerability Against Ukraine,

The Computer Emergency Response Team of Ukraine (CERT-UA) has cautioned of a new set of spear-phishing attacks exploiting the « Follina » flaw in the Windows operating system to deploy password-stealing malware.
Attributing the intrusions to a Russian nation-state group tracked as APT28 (aka Fancy Bear or Sofacy), the agency said the attacks commence with a lure document titled « Nuclear Terrorism

,

The Computer Emergency Response Team of Ukraine (CERT-UA) has cautioned of a new set of spear-phishing attacks exploiting the « Follina » flaw in the Windows operating system to deploy password-stealing malware.
Attributing the intrusions to a Russian nation-state group tracked as APT28 (aka Fancy Bear or Sofacy), the agency said the attacks commence with a lure document titled « Nuclear Terrorism

, ,
https://thehackernews.com/2022/06/russian-hackers-exploiting-microsoft.html

Une ancienne ingénieure d’Amazon reconnue coupable du piratage massif de la banque Capital One

Une ancienne ingénieure d’Amazon reconnue coupable du piratage massif de la banque Capital One,

,

Capital One

Paige Thompson a dérobé les données de 106 millions de clients en 2019. Elle s’était servie des informations recueillies lorsqu’elle était ingénieure chez Amazon Web Services pour commettre son méfait.

L’article Une ancienne ingénieure d’Amazon reconnue coupable du piratage massif de la banque Capital One est à retrouver sur 01net.com.

, ,
https://www.01net.com/actualites/une-ancienne-ingenieure-damazon-reconnue-coupable-du-piratage-massif-de-la-banque-capital-one.html

Newly Discovered Magecart Infrastructure Reveals the Scale of Ongoing Campaign

Newly Discovered Magecart Infrastructure Reveals the Scale of Ongoing Campaign,

A newly discovered Magecart skimming campaign has its roots in a previous attack activity going all the way back to November 2021.
To that end, it has come to light that two malware domains identified as hosting credit card skimmer code — « scanalytic[.]org » and « js.staticounter[.]net » — are part of a broader infrastructure used to carry out the intrusions, Malwarebytes said in a Tuesday analysis

,

A newly discovered Magecart skimming campaign has its roots in a previous attack activity going all the way back to November 2021.
To that end, it has come to light that two malware domains identified as hosting credit card skimmer code — « scanalytic[.]org » and « js.staticounter[.]net » — are part of a broader infrastructure used to carry out the intrusions, Malwarebytes said in a Tuesday analysis

, ,
https://thehackernews.com/2022/06/newly-discovered-magecart.html