Researchers Uncover Rust Supply-Chain Attack Targeting Cloud CI Pipelines

Researchers Uncover Rust Supply-Chain Attack Targeting Cloud CI Pipelines,

A case of software supply chain attack has been observed in the Rust programming language’s crate registry that leveraged typosquatting techniques to publish a rogue library containing malware.
Cybersecurity firm SentinelOne dubbed the attack « CrateDepression. »
Typosquatting attacks take place when an adversary mimics the name of a popular package on a public registry in hopes that developers

,

A case of software supply chain attack has been observed in the Rust programming language’s crate registry that leveraged typosquatting techniques to publish a rogue library containing malware.
Cybersecurity firm SentinelOne dubbed the attack « CrateDepression. »
Typosquatting attacks take place when an adversary mimics the name of a popular package on a public registry in hopes that developers

, ,
https://thehackernews.com/2022/05/researchers-uncover-rust-supply-chain.html

Hackers Exploiting VMware Horizon to Target South Korea with NukeSped Backdoor

Hackers Exploiting VMware Horizon to Target South Korea with NukeSped Backdoor,

The North Korea-backed Lazarus Group has been observed leveraging the Log4Shell vulnerability in VMware Horizon servers to deploy the NukeSped (aka Manuscrypt) implant against targets located in its southern counterpart.
« The attacker used the Log4j vulnerability on VMware Horizon products that were not applied with the security patch, » AhnLab Security Emergency Response Center (ASEC) said in a

,

The North Korea-backed Lazarus Group has been observed leveraging the Log4Shell vulnerability in VMware Horizon servers to deploy the NukeSped (aka Manuscrypt) implant against targets located in its southern counterpart.
« The attacker used the Log4j vulnerability on VMware Horizon products that were not applied with the security patch, » AhnLab Security Emergency Response Center (ASEC) said in a

, ,
https://thehackernews.com/2022/05/hackers-exploiting-vmware-horizon-to.html

Hackers Trick Users with Fake Windows 11 Downloads to Distribute Vidar Malware

Hackers Trick Users with Fake Windows 11 Downloads to Distribute Vidar Malware,

Fraudulent domains masquerading as Microsoft’s Windows 11 download portal are attempting to trick users into deploying trojanized installation files to infect systems with the Vidar information stealer malware.
« The spoofed sites were created to distribute malicious ISO files which lead to a Vidar info-stealer infection on the endpoint, » Zscaler said in a report. « These variants of Vidar malware

,

Fraudulent domains masquerading as Microsoft’s Windows 11 download portal are attempting to trick users into deploying trojanized installation files to infect systems with the Vidar information stealer malware.
« The spoofed sites were created to distribute malicious ISO files which lead to a Vidar info-stealer infection on the endpoint, » Zscaler said in a report. « These variants of Vidar malware

, ,
https://thehackernews.com/2022/05/hackers-trick-users-with-fake-windows.html

QNAP Urges Users to Update NAS Devices to Prevent Deadbolt Ransomware Attacks

QNAP Urges Users to Update NAS Devices to Prevent Deadbolt Ransomware Attacks,

Taiwanese network-attached storage (NAS) devices maker QNAP on Thursday warned its customers of a fresh wave of DeadBolt ransomware attacks.
The intrusions are said to have targeted TS-x51 series and TS-x53 series appliances running on QTS 4.3.6 and QTS 4.4.1, according to its product security incident response team. 
« QNAP urges all NAS users to check and update QTS to the latest version as

,

Taiwanese network-attached storage (NAS) devices maker QNAP on Thursday warned its customers of a fresh wave of DeadBolt ransomware attacks.
The intrusions are said to have targeted TS-x51 series and TS-x53 series appliances running on QTS 4.3.6 and QTS 4.4.1, according to its product security incident response team. 
« QNAP urges all NAS users to check and update QTS to the latest version as

, ,
https://thehackernews.com/2022/05/qnap-urges-users-to-update-nas-devices.html

New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars

New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars,

A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas.
The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE), a wireless technology used for authenticating Bluetooth devices that are physically located within a close range.
<!-

,

A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas.
The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE), a wireless technology used for authenticating Bluetooth devices that are physically located within a close range.
<!-

, ,
https://thehackernews.com/2022/05/new-bluetooth-hack-could-let-attackers.html

7 Key Findings from the 2022 SaaS Security Survey Report

7 Key Findings from the 2022 SaaS Security Survey Report,

The 2022 SaaS Security Survey Report, in collaboration with CSA, examines the state of SaaS security as seen in the eyes of CISOs and security professionals in today’s enterprises. The report gathers anonymous responses from 340 CSA members to examine not only the growing risks in SaaS security but also how different organizations are currently working to secure themselves.
Demographics
The

,

The 2022 SaaS Security Survey Report, in collaboration with CSA, examines the state of SaaS security as seen in the eyes of CISOs and security professionals in today’s enterprises. The report gathers anonymous responses from 340 CSA members to examine not only the growing risks in SaaS security but also how different organizations are currently working to secure themselves.
Demographics
The

, ,
https://thehackernews.com/2022/05/7-key-findings-from-2022-saas-security.html

High-Severity Bug Reported in Google’s OAuth Client Library for Java

High-Severity Bug Reported in Google’s OAuth Client Library for Java

,

Google last month addressed a high-severity flaw in its OAuth client library for Java that could be abused by a malicious actor with a compromised token to deploy arbitrary payloads.
Tracked as CVE-2021-22573, the vulnerability is rated 8.7 out of 10 for severity and relates to an authentication bypass in the library that stems from an improper verification of the cryptographic signature.

,

Google last month addressed a high-severity flaw in its OAuth client library for Java that could be abused by a malicious actor with a compromised token to deploy arbitrary payloads.
Tracked as CVE-2021-22573, the vulnerability is rated 8.7 out of 10 for severity and relates to an authentication bypass in the library that stems from an improper verification of the cryptographic signature.

, ,
https://thehackernews.com/2022/05/high-severity-bug-reported-in-googles.html

Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit

Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit,

A new research published by academics from KU Leuven, Radboud University, and the University of Lausanne has revealed that users’ email addresses are exfiltrated to tracking, marketing, and analytics domains before such is submitted and without prior consent.
The study involved crawling 2.8 million pages from the top 100 websites, and found that as many as 1,844 websites allowed trackers to

,

A new research published by academics from KU Leuven, Radboud University, and the University of Lausanne has revealed that users’ email addresses are exfiltrated to tracking, marketing, and analytics domains before such is submitted and without prior consent.
The study involved crawling 2.8 million pages from the top 100 websites, and found that as many as 1,844 websites allowed trackers to

, ,
https://thehackernews.com/2022/05/web-trackers-caught-intercepting-online.html

VMware Releases Patches for New Vulnerabilities Affecting Multiple Products

VMware Releases Patches for New Vulnerabilities Affecting Multiple Products,

VMware has issued patches to contain two security flaws impacting Workspace ONE Access, Identity Manager, and vRealize Automation that could be exploited to backdoor enterprise networks.
The first of the two flaws, tracked as CVE-2022-22972 (CVSS score: 9.8), concerns an authentication bypass that could enable an actor with network access to the UI to gain administrative access without prior

,

VMware has issued patches to contain two security flaws impacting Workspace ONE Access, Identity Manager, and vRealize Automation that could be exploited to backdoor enterprise networks.
The first of the two flaws, tracked as CVE-2022-22972 (CVSS score: 9.8), concerns an authentication bypass that could enable an actor with network access to the UI to gain administrative access without prior

, ,
https://thehackernews.com/2022/05/vmware-releases-patches-for-new.html

How to Protect Your Data When Ransomware Strikes

How to Protect Your Data When Ransomware Strikes,

Ransomware is not a new attack vector. In fact, the first malware of its kind appeared more than 30 years ago and was distributed via 5.25-inch floppy disks. To pay the ransom, the victim had to mail money to a P.O. Box in Panama.
Fast forward to today, affordable ransomware-as-a-service (RaaS) kits are available on the dark web for anyone to purchase and deploy and attackers have an infinite

,

Ransomware is not a new attack vector. In fact, the first malware of its kind appeared more than 30 years ago and was distributed via 5.25-inch floppy disks. To pay the ransom, the victim had to mail money to a P.O. Box in Panama.
Fast forward to today, affordable ransomware-as-a-service (RaaS) kits are available on the dark web for anyone to purchase and deploy and attackers have an infinite

, ,
https://thehackernews.com/2022/05/how-to-protect-your-data-when.html