Tick APT Targeted High-Value Customers of East Asian Data-Loss Prevention Company

Tick APT Targeted High-Value Customers of East Asian Data-Loss Prevention Company,

A cyberespionage actor known as Tick has been attributed with high confidence to a compromise of an East Asian data-loss prevention (DLP) company that caters to government and military entities.
« The attackers compromised the DLP company’s internal update servers to deliver malware inside the software developer’s network, and trojanized installers of legitimate tools used by the company, which

,

A cyberespionage actor known as Tick has been attributed with high confidence to a compromise of an East Asian data-loss prevention (DLP) company that caters to government and military entities.
« The attackers compromised the DLP company’s internal update servers to deliver malware inside the software developer’s network, and trojanized installers of legitimate tools used by the company, which

, ,
https://thehackernews.com/2023/03/tick-apt-targeted-high-value-customers.html

Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack

Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack,

Microsoft’s Patch Tuesday update for March 2023 is rolling out with remediations for a set of 80 security flaws, two of which have come under active exploitation in the wild.
Eight of the 80 bugs are rated Critical, 71 are rated Important, and one is rated Moderate in severity. The updates are in addition to 29 flaws the tech giant fixed in its Chromium-based Edge browser in recent weeks.
The

,

Microsoft’s Patch Tuesday update for March 2023 is rolling out with remediations for a set of 80 security flaws, two of which have come under active exploitation in the wild.
Eight of the 80 bugs are rated Critical, 71 are rated Important, and one is rated Moderate in severity. The updates are in addition to 29 flaws the tech giant fixed in its Chromium-based Edge browser in recent weeks.
The

, ,
https://thehackernews.com/2023/03/microsoft-rolls-out-patches-for-80-new.html

GoBruteforcer: New Golang-Based Malware Breaches Web Servers Via Brute-Force Attacks

GoBruteforcer: New Golang-Based Malware Breaches Web Servers Via Brute-Force Attacks,

A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral the devices into a botnet.
« GoBruteforcer chose a Classless Inter-Domain Routing (CIDR) block for scanning the network during the attack, and it targeted all IP addresses within that CIDR range, » Palo Alto Networks Unit 42 researchers said.
« The threat actor

,

A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral the devices into a botnet.
« GoBruteforcer chose a Classless Inter-Domain Routing (CIDR) block for scanning the network during the attack, and it targeted all IP addresses within that CIDR range, » Palo Alto Networks Unit 42 researchers said.
« The threat actor

, ,
https://thehackernews.com/2023/03/gobruteforcer-new-golang-based-malware.html

The Prolificacy of LockBit Ransomware

The Prolificacy of LockBit Ransomware,

Today, the LockBit ransomware is the most active and successful cybercrime organization in the world. Attributed to a Russian Threat Actor, LockBit has stepped out from the shadows of the Conti ransomware group, who were disbanded in early 2022.
LockBit ransomware was first discovered in September 2019 and was previously known as ABCD ransomware because of the « .abcd virus » extension first

,

Today, the LockBit ransomware is the most active and successful cybercrime organization in the world. Attributed to a Russian Threat Actor, LockBit has stepped out from the shadows of the Conti ransomware group, who were disbanded in early 2022.
LockBit ransomware was first discovered in September 2019 and was previously known as ABCD ransomware because of the « .abcd virus » extension first

, ,
https://thehackernews.com/2023/03/the-prolificacy-of-lockbit-ransomware.html

Ransomware : attention, les pirates sont devenus impitoyables

Ransomware : attention, les pirates sont devenus impitoyables,

ransomware

Les pirates derrière les ransomwares sont devenus sans pitié. Pour exhorter leurs victimes à verser la rançon demandée, ils n’hésitent plus à partager des données très sensibles… concernant des enfants ou des malades.

,

ransomware

Les pirates derrière les ransomwares sont devenus sans pitié. Pour exhorter leurs victimes à verser la rançon demandée, ils n’hésitent plus à partager des données très sensibles… concernant des enfants ou des malades.

, ,
https://www.01net.com/actualites/ransomware-attention-les-pirates-sont-devenus-impitoyables.html

Microsoft Warns of Large-Scale Use of Phishing Kits to Send Millions of Emails Daily

Microsoft Warns of Large-Scale Use of Phishing Kits to Send Millions of Emails Daily,

An open source adversary-in-the-middle (AiTM) phishing kit has found a number of takers in the cybercrime world for its ability to orchestrate attacks at scale.
Microsoft Threat Intelligence is tracking the threat actor behind the development of the kit under its emerging moniker DEV-1101.
An AiTM phishing attack typically involves a threat actor attempting to steal and intercept a target’s

,

An open source adversary-in-the-middle (AiTM) phishing kit has found a number of takers in the cybercrime world for its ability to orchestrate attacks at scale.
Microsoft Threat Intelligence is tracking the threat actor behind the development of the kit under its emerging moniker DEV-1101.
An AiTM phishing attack typically involves a threat actor attempting to steal and intercept a target’s

, ,
https://thehackernews.com/2023/03/microsoft-warns-of-large-scale-use-of.html

Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities

Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities,

Government entities and large organizations have been targeted by an unknown threat actor by exploiting a security flaw in Fortinet FortiOS software to result in data loss and OS and file corruption.
« The complexity of the exploit suggests an advanced actor and that it is highly targeted at governmental or government-related targets, » Fortinet researchers Guillaume Lovet and Alex Kong said in an

,

Government entities and large organizations have been targeted by an unknown threat actor by exploiting a security flaw in Fortinet FortiOS software to result in data loss and OS and file corruption.
« The complexity of the exploit suggests an advanced actor and that it is highly targeted at governmental or government-related targets, » Fortinet researchers Guillaume Lovet and Alex Kong said in an

, ,
https://thehackernews.com/2023/03/fortinet-fortios-flaw-exploited-in.html

Hack crypto : 197 millions de dollars volés grâce à une faille… et une tactique bien connue

Hack crypto : 197 millions de dollars volés grâce à une faille… et une tactique bien connue,

crypto blanchiment d'argent

Un nouveau piratage secoue le monde des cryptomonnaies. En exploitant une faille de sécurité passée inaperçue pendant huit mois, des hackers ont pu voler 197 millions de dollars en monnaies numériques.

,

crypto blanchiment d'argent

Un nouveau piratage secoue le monde des cryptomonnaies. En exploitant une faille de sécurité passée inaperçue pendant huit mois, des hackers ont pu voler 197 millions de dollars en monnaies numériques.

, ,
https://www.01net.com/actualites/hack-crypto-197-millions-dollars-voles-faille-tactique-bien-connue.html

Large-scale Cyber Attack Hijacks East Asian Websites for Adult Content Redirects

Large-scale Cyber Attack Hijacks East Asian Websites for Adult Content Redirects,

A widespread malicious cyber operation has hijacked thousands of websites aimed at East Asian audiences to redirect visitors to adult-themed content since early September 2022.
The ongoing campaign entails injecting malicious JavaScript code to the hacked websites, often connecting to the target web server using legitimate FTP credentials the threat actor previously obtained via an unknown

,

A widespread malicious cyber operation has hijacked thousands of websites aimed at East Asian audiences to redirect visitors to adult-themed content since early September 2022.
The ongoing campaign entails injecting malicious JavaScript code to the hacked websites, often connecting to the target web server using legitimate FTP credentials the threat actor previously obtained via an unknown

, ,
https://thehackernews.com/2023/03/large-scale-cyber-attack-hijacks-east.html

Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising

Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising,

A fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts and create rogue admin accounts, highlighting one of the different methods cyber criminals are using to distribute malware.
« By hijacking high-profile Facebook business accounts, the threat actor creates an elite army of Facebook bots and a malicious paid media apparatus, » Guardio

,

A fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts and create rogue admin accounts, highlighting one of the different methods cyber criminals are using to distribute malware.
« By hijacking high-profile Facebook business accounts, the threat actor creates an elite army of Facebook bots and a malicious paid media apparatus, » Guardio

, ,
https://thehackernews.com/2023/03/fake-chatgpt-chrome-extension-hijacking.html