U.S. Charges 4 Russian Govt. Employees Over Hacking Critical Infrastructure Worldwide

U.S. Charges 4 Russian Govt. Employees Over Hacking Critical Infrastructure Worldwide,

The U.S. government on Thursday released a cybersecurity advisory outlining multiple intrusion campaigns conducted by state-sponsored Russian cyber actors from 2011 to 2018 that targeted the energy sector in the U.S. and beyond.
« The [Federal Security Service] conducted a multi-stage campaign in which they gained remote access to U.S. and international Energy Sector networks, deployed

,

The U.S. government on Thursday released a cybersecurity advisory outlining multiple intrusion campaigns conducted by state-sponsored Russian cyber actors from 2011 to 2018 that targeted the energy sector in the U.S. and beyond.
« The [Federal Security Service] conducted a multi-stage campaign in which they gained remote access to U.S. and international Energy Sector networks, deployed

, ,
https://thehackernews.com/2022/03/us-charges-4-russian-govt-employees.html

7 Suspected Members of LAPSUS$ Hacker Gang, Aged 16 to 21, Arrested in U.K.

7 Suspected Members of LAPSUS$ Hacker Gang, Aged 16 to 21, Arrested in U.K.,

The City of London Police has arrested seven teenagers between the ages of 16 and 21 for their alleged connections to the prolific LAPSUS$ extortion gang that’s linked to a recent burst of attacks targeting NVIDIA, Samsung, Ubisoft, LG, Microsoft, and Okta.
« The City of London Police has been conducting an investigation with its partners into members of a hacking group, » Detective Inspector,

,

The City of London Police has arrested seven teenagers between the ages of 16 and 21 for their alleged connections to the prolific LAPSUS$ extortion gang that’s linked to a recent burst of attacks targeting NVIDIA, Samsung, Ubisoft, LG, Microsoft, and Okta.
« The City of London Police has been conducting an investigation with its partners into members of a hacking group, » Detective Inspector,

, ,
https://thehackernews.com/2022/03/7-suspected-members-of-lapsus-hacker.html

Experts Uncover Campaign Stealing Cryptocurrency from Android and iPhone Users

Experts Uncover Campaign Stealing Cryptocurrency from Android and iPhone Users,

Researchers have blown the lid off a sophisticated malicious scheme primarily targeting Chinese users via copycat apps on Android and iOS that mimic legitimate digital wallet services to siphon cryptocurrency funds.
« These malicious apps were able to steal victims’ secret seed phrases by impersonating Coinbase, imToken, MetaMask, Trust Wallet, Bitpie, TokenPocket, or OneKey, » said Lukáš Štefanko

,

Researchers have blown the lid off a sophisticated malicious scheme primarily targeting Chinese users via copycat apps on Android and iOS that mimic legitimate digital wallet services to siphon cryptocurrency funds.
« These malicious apps were able to steal victims’ secret seed phrases by impersonating Coinbase, imToken, MetaMask, Trust Wallet, Bitpie, TokenPocket, or OneKey, » said Lukáš Štefanko

, ,
https://thehackernews.com/2022/03/experts-uncover-campaign-stealing.html

North Korean Hackers Exploited Chrome Zero-Day to Target Fintech, IT, and Media Firms

North Korean Hackers Exploited Chrome Zero-Day to Target Fintech, IT, and Media Firms,

Google’s Threat Analysis Group (TAG) on Thursday disclosed that it acted to mitigate threats from two distinct government-backed attacker groups based in North Korea that exploited a recently-uncovered remote code execution flaw in the Chrome web browser.
The campaigns, once again « reflective of the regime’s immediate concerns and priorities, » are said to have targeted U.S. based organizations

,

Google’s Threat Analysis Group (TAG) on Thursday disclosed that it acted to mitigate threats from two distinct government-backed attacker groups based in North Korea that exploited a recently-uncovered remote code execution flaw in the Chrome web browser.
The campaigns, once again « reflective of the regime’s immediate concerns and priorities, » are said to have targeted U.S. based organizations

, ,
https://thehackernews.com/2022/03/north-korean-hackers-exploited-chrome.html

23-Year-Old Russian Hacker Wanted by FBI for Running Marketplace of Stolen Logins

23-Year-Old Russian Hacker Wanted by FBI for Running Marketplace of Stolen Logins,

A 23-year-old Russian national has been indicted in the U.S. and added to the Federal Bureau of Investigation’s (FBI) Cyber Most Wanted List for his alleged role as the administrator of Marketplace A, a cyber crime forum that sold stolen login credentials, personal information, and credit card data.
Igor Dekhtyarchuk, who first appeared in hacker forums in 2013 under the alias « floraby, » has

,

A 23-year-old Russian national has been indicted in the U.S. and added to the Federal Bureau of Investigation’s (FBI) Cyber Most Wanted List for his alleged role as the administrator of Marketplace A, a cyber crime forum that sold stolen login credentials, personal information, and credit card data.
Igor Dekhtyarchuk, who first appeared in hacker forums in 2013 under the alias « floraby, » has

, ,
https://thehackernews.com/2022/03/23-year-old-russian-hacker-wanted-by.html

Chinese APT Hackers Targeting Betting Companies in Southeast Asia

Chinese APT Hackers Targeting Betting Companies in Southeast Asia,

A Chinese-speaking advanced persistent threat (APT) has been linked to a new campaign targeting gambling-related companies in South East Asia, particularly Taiwan, the Philippines, and Hong Kong.
Cybersecurity firm Avast dubbed the campaign Operation Dragon Castling, describing its malware arsenal as a « robust and modular toolset. » The ultimate motives of the threat actor are not immediately

,

A Chinese-speaking advanced persistent threat (APT) has been linked to a new campaign targeting gambling-related companies in South East Asia, particularly Taiwan, the Philippines, and Hong Kong.
Cybersecurity firm Avast dubbed the campaign Operation Dragon Castling, describing its malware arsenal as a « robust and modular toolset. » The ultimate motives of the threat actor are not immediately

, ,
https://thehackernews.com/2022/03/chinese-apt-hackers-targeting-betting.html

How to Build a Custom Malware Analysis Sandbox

How to Build a Custom Malware Analysis Sandbox,

Before hunting malware, every researcher needs to find a system where to analyze it. There are several ways to do it: build your own environment or use third-party solutions. Today we will walk through all the steps of creating a custom malware sandbox where you can perform a proper analysis without infecting your computer. And then compare it with a ready-made service.
Why do you need a malware

,

Before hunting malware, every researcher needs to find a system where to analyze it. There are several ways to do it: build your own environment or use third-party solutions. Today we will walk through all the steps of creating a custom malware sandbox where you can perform a proper analysis without infecting your computer. And then compare it with a ready-made service.
Why do you need a malware

, ,
https://thehackernews.com/2022/03/how-to-build-custom-malware-analysis.html

Le cerveau du terrible groupe Lapsus$ serait un ado anglais qui habite chez sa maman

Le cerveau du terrible groupe Lapsus$ serait un ado anglais qui habite chez sa maman,

Ses hacks seraient tellement rapides que les chercheurs en sécurité – qui l’ont pisté – pensaient qu’ils étaient automatisés. Son identification s’est appuyée sur la divulgation d’informations faites par des hackers rivaux.

,

Ses hacks seraient tellement rapides que les chercheurs en sécurité – qui l’ont pisté – pensaient qu’ils étaient automatisés. Son identification s’est appuyée sur la divulgation d’informations faites par des hackers rivaux.

, ,
https://www.01net.com/actualites/le-cerveau-du-terrible-groupe-lapsusdollar-serait-un-ado-anglais-qui-habite-chez-sa-maman-2055634.html

Researchers Trace LAPSUS$ Cyber Attacks to 16-Year-Old Hacker from England

Researchers Trace LAPSUS$ Cyber Attacks to 16-Year-Old Hacker from England,

Authentication services provider Okta on Wednesday named Sitel as the third-party linked to a security incident experienced by the company in late January that allowed the LAPSUS$ extortion gang to remotely take over an internal account belonging to a customer support engineer.
The company added that 366 corporate customers, or about 2.5% of its customer base, may have been impacted by the « 

,

Authentication services provider Okta on Wednesday named Sitel as the third-party linked to a security incident experienced by the company in late January that allowed the LAPSUS$ extortion gang to remotely take over an internal account belonging to a customer support engineer.
The company added that 366 corporate customers, or about 2.5% of its customer base, may have been impacted by the « 

, ,
https://thehackernews.com/2022/03/researchers-trace-lapsus-cyber-attacks.html

Over 200 Malicious NPM Packages Caught Targeting Azure Developers

Over 200 Malicious NPM Packages Caught Targeting Azure Developers,

A new large scale supply chain attack has been observed targeting Azure developers with no less than 218 malicious NPM packages with the goal of stealing personal identifiable information.
« After manually inspecting some of these packages, it became apparent that this was a targeted attack against the entire @azure NPM scope, by an attacker that employed an automatic script to create accounts

,

A new large scale supply chain attack has been observed targeting Azure developers with no less than 218 malicious NPM packages with the goal of stealing personal identifiable information.
« After manually inspecting some of these packages, it became apparent that this was a targeted attack against the entire @azure NPM scope, by an attacker that employed an automatic script to create accounts

, ,
https://thehackernews.com/2022/03/over-200-malicious-npm-packages-caught.html