15-Year-Old Bug in PEAR PHP Repository Could’ve Enabled Supply Chain Attacks

15-Year-Old Bug in PEAR PHP Repository Could’ve Enabled Supply Chain Attacks

,

A 15-year-old security vulnerability has been disclosed in the PEAR PHP repository that could permit an attacker to carry out a supply chain attack, including obtaining unauthorized access to publish rogue packages and execute arbitrary code.
« An attacker exploiting the first one could take over any developer account and publish malicious releases, while the second bug would allow the attacker

,

A 15-year-old security vulnerability has been disclosed in the PEAR PHP repository that could permit an attacker to carry out a supply chain attack, including obtaining unauthorized access to publish rogue packages and execute arbitrary code.
« An attacker exploiting the first one could take over any developer account and publish malicious releases, while the second bug would allow the attacker

, ,
https://thehackernews.com/2022/04/15-year-old-bug-in-pear-php-repository.html

British Police Charge Two Teenagers Linked to LAPSUS$ Hacker Group

British Police Charge Two Teenagers Linked to LAPSUS$ Hacker Group,

The City of London Police on Friday disclosed that it has charged two of the seven teenagers, a 16-year-old and a 17-year-old, who were arrested last week for their alleged connections to the LAPSUS$ data extortion gang.
« Both teenagers have been charged with: three counts of unauthorized access to a computer with intent to impair the reliability of data; one count of fraud by false

,

The City of London Police on Friday disclosed that it has charged two of the seven teenagers, a 16-year-old and a 17-year-old, who were arrested last week for their alleged connections to the LAPSUS$ data extortion gang.
« Both teenagers have been charged with: three counts of unauthorized access to a computer with intent to impair the reliability of data; one count of fraud by false

, ,
https://thehackernews.com/2022/04/british-police-charge-two-teenagers.html

GitLab Releases Patch for Critical Vulnerability That Could Let Attackers Hijack Accounts

GitLab Releases Patch for Critical Vulnerability That Could Let Attackers Hijack Accounts,

DevOps platform GitLab has released software updates to address a critical security vulnerability that, if potentially exploited, could permit an adversary to seize control of accounts.
Tracked as CVE-2022-1162, the issue has a CVSS score of 9.1 and is said to have been discovered internally by the GitLab team.
<!–adsense–>
« A hardcoded password was set for accounts registered using an 

,

DevOps platform GitLab has released software updates to address a critical security vulnerability that, if potentially exploited, could permit an adversary to seize control of accounts.
Tracked as CVE-2022-1162, the issue has a CVSS score of 9.1 and is said to have been discovered internally by the GitLab team.
<!–adsense–>
« A hardcoded password was set for accounts registered using an 

, ,
https://thehackernews.com/2022/04/gitlab-releases-patch-for-critical.html

Russian Wiper Malware Likely Behind Recent Cyberattack on Viasat KA-SAT Modems

Russian Wiper Malware Likely Behind Recent Cyberattack on Viasat KA-SAT Modems,

The cyberattack aimed at Viasat that temporarily knocked KA-SAT modems offline on February 24, 2022, the same day Russian military forces invaded Ukraine, is believed to have been the consequence of wiper malware, according to the latest research from SentinelOne.
The findings come as the U.S. telecom company disclosed that it was the target of a multifaceted and deliberate » cyberattack against

,

The cyberattack aimed at Viasat that temporarily knocked KA-SAT modems offline on February 24, 2022, the same day Russian military forces invaded Ukraine, is believed to have been the consequence of wiper malware, according to the latest research from SentinelOne.
The findings come as the U.S. telecom company disclosed that it was the target of a multifaceted and deliberate » cyberattack against

, ,
https://thehackernews.com/2022/04/russian-wiper-malware-responsible-for.html

Critical Bugs in Rockwell PLC Could Allow Hackers to Implant Malicious Code

Critical Bugs in Rockwell PLC Could Allow Hackers to Implant Malicious Code,

Two new security vulnerabilities have been disclosed in Rockwell Automation’s programmable logic controllers (PLCs) and engineering workstation software that could be exploited by an attacker to inject malicious code on affected systems and stealthily modify automation processes.
The flaws have the potential to disrupt industrial operations and cause physical damage to factories in a manner

,

Two new security vulnerabilities have been disclosed in Rockwell Automation’s programmable logic controllers (PLCs) and engineering workstation software that could be exploited by an attacker to inject malicious code on affected systems and stealthily modify automation processes.
The flaws have the potential to disrupt industrial operations and cause physical damage to factories in a manner

, ,
https://thehackernews.com/2022/04/critical-bugs-in-rockwell-plc-could.html

Le piratage d’Okta par Lapsus$ a été… une vraie promenade de santé

Le piratage d’Okta par Lapsus$ a été… une vraie promenade de santé,

Un chercheur en sécurité a mis la main sur un rapport forensique qui montre que les pirates sont rentrés comme dans du beurre.

,

Un chercheur en sécurité a mis la main sur un rapport forensique qui montre que les pirates sont rentrés comme dans du beurre.

, ,
https://www.01net.com/actualites/le-piratage-d-okta-par-lapsusdollar-a-ete-une-vraie-promenade-de-sante-2055696.html

Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit

Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit,

A Chinese advanced persistent threat tracked as Deep Panda has been observed exploiting the Log4Shell vulnerability in VMware Horizon servers to deploy a backdoor and a novel rootkit on infected machines with the goal of stealing sensitive data.
« The nature of targeting was opportunistic insofar that multiple infections in several countries and various sectors occurred on the same dates, » said 

,

A Chinese advanced persistent threat tracked as Deep Panda has been observed exploiting the Log4Shell vulnerability in VMware Horizon servers to deploy a backdoor and a novel rootkit on infected machines with the goal of stealing sensitive data.
« The nature of targeting was opportunistic insofar that multiple infections in several countries and various sectors occurred on the same dates, » said 

, ,
https://thehackernews.com/2022/04/chinese-hackers-target-vmware-horizon.html

Results Overview: 2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition

Results Overview: 2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition

,

Threat actor groups like Wizard Spider and Sandworm have been wreaking havoc over the past few years – developing and deploying cybercrime tools like Conti, Trickbot, and Ryuk ransomware. Most recently, Sandworm (suspected to be a Russian cyber-military unit) unleashed cyberattacks against Ukranian infrastructure targets.
To ensure cybersecurity providers are battle ready, MITRE Engenuity uses

,

Threat actor groups like Wizard Spider and Sandworm have been wreaking havoc over the past few years – developing and deploying cybercrime tools like Conti, Trickbot, and Ryuk ransomware. Most recently, Sandworm (suspected to be a Russian cyber-military unit) unleashed cyberattacks against Ukranian infrastructure targets.
To ensure cybersecurity providers are battle ready, MITRE Engenuity uses

, ,
https://thehackernews.com/2022/04/results-overview-2022-mitre-att.html

North Korean Hackers Distributing Trojanized DeFi Wallet Apps to Steal Victims’ Crypto

North Korean Hackers Distributing Trojanized DeFi Wallet Apps to Steal Victims’ Crypto

,

The North Korean state-backed hacking crew, otherwise known as the Lazarus Group, has been attributed to yet another financially motivated campaign that leverages a trojanized decentralized finance (DeFi) wallet app to distribute a fully-featured backdoor onto compromised Windows systems.
The app, which is equipped with functionalities to save and manage a cryptocurrency wallet, is also designed

,

The North Korean state-backed hacking crew, otherwise known as the Lazarus Group, has been attributed to yet another financially motivated campaign that leverages a trojanized decentralized finance (DeFi) wallet app to distribute a fully-featured backdoor onto compromised Windows systems.
The app, which is equipped with functionalities to save and manage a cryptocurrency wallet, is also designed

, ,
https://thehackernews.com/2022/04/north-korean-hackers-distributing.html

Zyxel Releases Patches for Critical Bug Affecting Business Firewall and VPN Devices

Zyxel Releases Patches for Critical Bug Affecting Business Firewall and VPN Devices,

Networking equipment maker Zyxel has pushed security updates for a critical vulnerability affecting some of its business firewall and VPN products that could enable an attacker to take control of the devices.
« An authentication bypass vulnerability caused by the lack of a proper access control mechanism has been found in the CGI program of some firewall versions, » the company said in an advisory

,

Networking equipment maker Zyxel has pushed security updates for a critical vulnerability affecting some of its business firewall and VPN products that could enable an attacker to take control of the devices.
« An authentication bypass vulnerability caused by the lack of a proper access control mechanism has been found in the CGI program of some firewall versions, » the company said in an advisory

, ,
https://thehackernews.com/2022/03/zyxel-releases-patches-for-critical-bug.html