Silentbob Campaign: Cloud-Native Environments Under Attack

Silentbob Campaign: Cloud-Native Environments Under Attack,

Cybersecurity researchers have unearthed an attack infrastructure that’s being used as part of a « potentially massive campaign » against cloud-native environments.
« This infrastructure is in early stages of testing and deployment, and is mainly consistent of an aggressive cloud worm, designed to deploy on exposed JupyterLab and Docker APIs in order to deploy Tsunami malware, cloud credentials

,

Cybersecurity researchers have unearthed an attack infrastructure that’s being used as part of a « potentially massive campaign » against cloud-native environments.
« This infrastructure is in early stages of testing and deployment, and is mainly consistent of an aggressive cloud worm, designed to deploy on exposed JupyterLab and Docker APIs in order to deploy Tsunami malware, cloud credentials

, ,
https://thehackernews.com/2023/07/silentbob-campaign-cloud-native.html

INTERPOL Nabs Hacking Crew OPERA1ER’s Leader Behind $11 Million Cybercrime

INTERPOL Nabs Hacking Crew OPERA1ER’s Leader Behind $11 Million Cybercrime

,

A suspected senior member of a French-speaking hacking crew known as OPERA1ER has been arrested as part of an international law enforcement operation codenamed Nervone, Interpol has announced.
« The group is believed to have stolen an estimated USD 11 million — potentially as much as 30 million — in more than 30 attacks across 15 countries in Africa, Asia, and Latin America, » the agency said.

,

A suspected senior member of a French-speaking hacking crew known as OPERA1ER has been arrested as part of an international law enforcement operation codenamed Nervone, Interpol has announced.
« The group is believed to have stolen an estimated USD 11 million — potentially as much as 30 million — in more than 30 attacks across 15 countries in Africa, Asia, and Latin America, » the agency said.

, ,
https://thehackernews.com/2023/07/interpol-nabs-hacking-crew-opera1ers.html

RedEnergy Stealer-as-a-Ransomware Threat Targeting Energy and Telecom Sectors

RedEnergy Stealer-as-a-Ransomware Threat Targeting Energy and Telecom Sectors,

A sophisticated stealer-as-a-ransomware threat dubbed RedEnergy has been spotted in the wild targeting energy utilities, oil, gas, telecom, and machinery sectors in Brazil and the Philippines through their LinkedIn pages.
The malware « possesses the ability to steal information from various browsers, enabling the exfiltration of sensitive data, while also incorporating different modules for

,

A sophisticated stealer-as-a-ransomware threat dubbed RedEnergy has been spotted in the wild targeting energy utilities, oil, gas, telecom, and machinery sectors in Brazil and the Philippines through their LinkedIn pages.
The malware « possesses the ability to steal information from various browsers, enabling the exfiltration of sensitive data, while also incorporating different modules for

, ,
https://thehackernews.com/2023/07/redenergy-stealer-as-ransomware-threat.html

Secrets, Secrets Are No Fun. Secrets, Secrets (Stored in Plain Text Files) Hurt Someone

Secrets, Secrets Are No Fun. Secrets, Secrets (Stored in Plain Text Files) Hurt Someone,

Secrets are meant to be hidden or, at the very least, only known to a specific and limited set of individuals (or systems). Otherwise, they aren’t really secrets. In personal life, a secret revealed can damage relationships, lead to social stigma, or, at the very least, be embarrassing. In a developer’s or application security engineer’s professional life, the consequences of exposing secrets

,

Secrets are meant to be hidden or, at the very least, only known to a specific and limited set of individuals (or systems). Otherwise, they aren’t really secrets. In personal life, a secret revealed can damage relationships, lead to social stigma, or, at the very least, be embarrassing. In a developer’s or application security engineer’s professional life, the consequences of exposing secrets

, ,
https://thehackernews.com/2023/07/secrets-secrets-are-no-fun-secrets.html

Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware

Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware,

The npm registry for the Node.js JavaScript runtime environment is susceptible to what’s called a manifest confusion attack that could potentially allow threat actors to conceal malware in project dependencies or perform arbitrary script execution during installation.
« A npm package’s manifest is published independently from its tarball, » Darcy Clarke, a former GitHub and npm engineering manager

,

The npm registry for the Node.js JavaScript runtime environment is susceptible to what’s called a manifest confusion attack that could potentially allow threat actors to conceal malware in project dependencies or perform arbitrary script execution during installation.
« A npm package’s manifest is published independently from its tarball, » Darcy Clarke, a former GitHub and npm engineering manager

, ,
https://thehackernews.com/2023/07/nodejs-users-beware-manifest-confusion.html

Instagram’s Twitter Alternative ‘Threads’ Launch Halted in Europe Over Privacy Concerns

Instagram’s Twitter Alternative ‘Threads’ Launch Halted in Europe Over Privacy Concerns

,

Instagram Threads, the upcoming Twitter competitor from Meta, will not be launched in the European Union due to privacy concerns, according to Ireland’s Data Protection Commission (DPC).
The development was reported by the Irish Independent, which said the watchdog has been in contact with the social media giant about the new product and confirmed the release won’t extend to the E.U. « at this

,

Instagram Threads, the upcoming Twitter competitor from Meta, will not be launched in the European Union due to privacy concerns, according to Ireland’s Data Protection Commission (DPC).
The development was reported by the Irish Independent, which said the watchdog has been in contact with the social media giant about the new product and confirmed the release won’t extend to the E.U. « at this

, ,
https://thehackernews.com/2023/07/instagrams-twitter-alternative-threads.html

Swedish Data Protection Authority Warns Companies Against Google Analytics Use

Swedish Data Protection Authority Warns Companies Against Google Analytics Use,

The Swedish data protection watchdog has warned companies against using Google Analytics due to risks posed by U.S. government surveillance, following similar moves by Austria, France, and Italy last year.
The development comes in the aftermath of an audit initiated by the Swedish Authority for Privacy Protection (IMY) against four companies CDON, Coop, Dagens Industri, and Tele2.
« In its audits

,

The Swedish data protection watchdog has warned companies against using Google Analytics due to risks posed by U.S. government surveillance, following similar moves by Austria, France, and Italy last year.
The development comes in the aftermath of an audit initiated by the Swedish Authority for Privacy Protection (IMY) against four companies CDON, Coop, Dagens Industri, and Tele2.
« In its audits

, ,
https://thehackernews.com/2023/07/swedish-data-protection-authority-warns.html

DDoSia Attack Tool Evolves with Encryption, Targeting Multiple Sectors

DDoSia Attack Tool Evolves with Encryption, Targeting Multiple Sectors,

The threat actors behind the DDoSia attack tool have come up with a new version that incorporates a new mechanism to retrieve the list of targets to be bombarded with junk HTTP requests in an attempt to bring them down.
The updated variant, written in Golang, « implements an additional security mechanism to conceal the list of targets, which is transmitted from the [command-and-control] to the

,

The threat actors behind the DDoSia attack tool have come up with a new version that incorporates a new mechanism to retrieve the list of targets to be bombarded with junk HTTP requests in an attempt to bring them down.
The updated variant, written in Golang, « implements an additional security mechanism to conceal the list of targets, which is transmitted from the [command-and-control] to the

, ,
https://thehackernews.com/2023/07/ddosia-attack-tool-evolves-with.html

Mexico-Based Hacker Targets Global Banks with Android Malware

Mexico-Based Hacker Targets Global Banks with Android Malware,

An e-crime actor of Mexican provenance has been linked to an Android mobile malware campaign targeting financial institutions globally, but with a specific focus on Spanish and Chilean banks, from June 2021 to April 2023.
The activity is being attributed to an actor codenamed Neo_Net, according to security researcher Pol Thill. The findings were published by SentinelOne following a Malware

,

An e-crime actor of Mexican provenance has been linked to an Android mobile malware campaign targeting financial institutions globally, but with a specific focus on Spanish and Chilean banks, from June 2021 to April 2023.
The activity is being attributed to an actor codenamed Neo_Net, according to security researcher Pol Thill. The findings were published by SentinelOne following a Malware

, ,
https://thehackernews.com/2023/07/mexico-based-hacker-targets-global.html

Alert: 330,000 FortiGate Firewalls Still Unpatched to CVE-2023-27997 RCE Flaw

Alert: 330,000 FortiGate Firewalls Still Unpatched to CVE-2023-27997 RCE Flaw,

No less than 330000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical security flaw affecting Fortinet devices that have come under active exploitation in the wild.
Cybersecurity firm Bishop Fox, in a report published last week, said that out of nearly 490,000 Fortinet SSL-VPN interfaces exposed on the internet, about 69 percent remain unpatched.
CVE-2023-27997

,

No less than 330000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical security flaw affecting Fortinet devices that have come under active exploitation in the wild.
Cybersecurity firm Bishop Fox, in a report published last week, said that out of nearly 490,000 Fortinet SSL-VPN interfaces exposed on the internet, about 69 percent remain unpatched.
CVE-2023-27997

, ,
https://thehackernews.com/2023/07/alert-330000-fortigate-firewalls-still.html