GitLab Issues Security Patch for Critical Account Takeover Vulnerability

GitLab Issues Security Patch for Critical Account Takeover Vulnerability,

GitLab has moved to address a critical security flaw in its service that, if successfully exploited, could result in an account takeover.
Tracked as CVE-2022-1680, the issue has a CVSS severity score of 9.9 and was discovered internally by the company. The security flaw affects all versions of GitLab Enterprise Edition (EE) starting from 11.10 before 14.9.5, all versions starting from 14.10

,

GitLab has moved to address a critical security flaw in its service that, if successfully exploited, could result in an account takeover.
Tracked as CVE-2022-1680, the issue has a CVSS severity score of 9.9 and was discovered internally by the company. The security flaw affects all versions of GitLab Enterprise Edition (EE) starting from 11.10 before 14.9.5, all versions starting from 14.10

, ,
https://thehackernews.com/2022/06/gitlab-issues-security-patch-for.html

Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor

Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor,

An « extremely sophisticated » Chinese-speaking advanced persistent threat (APT) actor dubbed LuoYu has been observed using a malicious Windows tool called WinDealer that’s delivered by means of man-on-the-side attacks.
« This groundbreaking development allows the actor to modify network traffic in-transit to insert malicious payloads, » Russian cybersecurity company Kaspersky said in a new report.

,

An « extremely sophisticated » Chinese-speaking advanced persistent threat (APT) actor dubbed LuoYu has been observed using a malicious Windows tool called WinDealer that’s delivered by means of man-on-the-side attacks.
« This groundbreaking development allows the actor to modify network traffic in-transit to insert malicious payloads, » Russian cybersecurity company Kaspersky said in a new report.

, ,
https://thehackernews.com/2022/06/chinese-luoyu-hackers-using-man-on-side.html

Pourquoi des pirates russes sèment le chaos au Costa Rica

Pourquoi des pirates russes sèment le chaos au Costa Rica,

,

pirates russes chaos costa rica

Conti, un groupe de pirates russes proches de Moscou, déploie une vague de cyberattaques contre le Costa Rica. Les services publics du pays sont actuellement paralysés.

The post Pourquoi des pirates russes sèment le chaos au Costa Rica appeared first on 01net.com.

, ,
https://www.01net.com/actualites/pirates-russes-provoquent-chaos-costa-rica.html

Researchers Uncover Malware Controlling Thousands of Sites in Parrot TDS Network

Researchers Uncover Malware Controlling Thousands of Sites in Parrot TDS Network,

The Parrot traffic direction system (TDS) that came to light earlier this year has had a larger impact than previously thought, according to new research.
Sucuri, which has been tracking the same campaign since February 2019 under the name « NDSW/NDSX, » said that « the malware was one of the top infections » detected in 2021, accounting for more than 61,000 websites.
Parrot TDS was documented in

,

The Parrot traffic direction system (TDS) that came to light earlier this year has had a larger impact than previously thought, according to new research.
Sucuri, which has been tracking the same campaign since February 2019 under the name « NDSW/NDSX, » said that « the malware was one of the top infections » detected in 2021, accounting for more than 61,000 websites.
Parrot TDS was documented in

, ,
https://thehackernews.com/2022/06/researchers-uncover-malware-controlling.html

Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies

Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies,

Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor it tracks under the chemical element-themed moniker Polonium.
In addition to removing the offending accounts created by the Lebanon-based activity group, the tech giant’s Threat Intelligence Center (MSTIC) said it suspended over 20 malicious OneDrive

,

Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor it tracks under the chemical element-themed moniker Polonium.
In addition to removing the offending accounts created by the Lebanon-based activity group, the tech giant’s Threat Intelligence Center (MSTIC) said it suspended over 20 malicious OneDrive

, ,
https://thehackernews.com/2022/06/microsoft-blocks-iran-linked-lebanese.html

Hackers Exploiting Unpatched Critical Atlassian Confluence Zero-Day Vulnerability

Hackers Exploiting Unpatched Critical Atlassian Confluence Zero-Day Vulnerability,

Atlassian has warned of a critical unpatched remote code execution vulnerability impacting Confluence Server and Data Center products that it said is being actively exploited in the wild.
The Australian software company credited cybersecurity firm Volexity for identifying the flaw, which is being tracked as CVE-2022-26134.
« Atlassian has been made aware of current active exploitation of a

,

Atlassian has warned of a critical unpatched remote code execution vulnerability impacting Confluence Server and Data Center products that it said is being actively exploited in the wild.
The Australian software company credited cybersecurity firm Volexity for identifying the flaw, which is being tracked as CVE-2022-26134.
« Atlassian has been made aware of current active exploitation of a

, ,
https://thehackernews.com/2022/06/hackers-exploiting-unpatched-critical.html

Threat Detection Software: A Deep Dive

Threat Detection Software: A Deep Dive,

As the threat landscape evolves and multiplies with more advanced attacks than ever, defending against these modern cyber threats is a monumental challenge for almost any organization. 
Threat detection is about an organization’s ability to accurately identify threats, be it to the network, an endpoint, another asset or an application – including cloud infrastructure and assets. At scale, threat

,

As the threat landscape evolves and multiplies with more advanced attacks than ever, defending against these modern cyber threats is a monumental challenge for almost any organization. 
Threat detection is about an organization’s ability to accurately identify threats, be it to the network, an endpoint, another asset or an application – including cloud infrastructure and assets. At scale, threat

, ,
https://thehackernews.com/2022/06/threat-detection-software-deep-dive.html

Conti Leaks Reveal Ransomware Gang’s Interest in Firmware-based Attacks

Conti Leaks Reveal Ransomware Gang’s Interest in Firmware-based Attacks

,

An analysis of leaked chats from the notorious Conti ransomware group earlier this year has revealed that the syndicate has been working on a set of firmware attack techniques that could offer a path to accessing privileged code on compromised devices.
« Control over firmware gives attackers virtually unmatched powers both to directly cause damage and to enable other long-term strategic goals, »

,

An analysis of leaked chats from the notorious Conti ransomware group earlier this year has revealed that the syndicate has been working on a set of firmware attack techniques that could offer a path to accessing privileged code on compromised devices.
« Control over firmware gives attackers virtually unmatched powers both to directly cause damage and to enable other long-term strategic goals, »

, ,
https://thehackernews.com/2022/06/conti-leaks-reveal-ransomware-gangs.html

Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks

Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks,

As ransomware infections have evolved from purely encrypting data to schemes such as double and triple extortion, a new attack vector is likely to set the stage for future campaigns.
Called Ransomware for IoT or R4IoT by Forescout, it’s a « novel, proof-of-concept ransomware that exploits an IoT device to gain access and move laterally in an IT [information technology] network and impact the OT [

,

As ransomware infections have evolved from purely encrypting data to schemes such as double and triple extortion, a new attack vector is likely to set the stage for future campaigns.
Called Ransomware for IoT or R4IoT by Forescout, it’s a « novel, proof-of-concept ransomware that exploits an IoT device to gain access and move laterally in an IT [information technology] network and impact the OT [

, ,
https://thehackernews.com/2022/06/researchers-demonstrate-ransomware-for.html

ExpressVPN Removes Servers in India After Refusing to Comply with Government Order

ExpressVPN Removes Servers in India After Refusing to Comply with Government Order,

Virtual Private Network (VPN) provider ExpressVPN on Thursday announced that it’s removing Indian-based VPN servers in response to a new cybersecurity directive issued by the Indian Computer Emergency Response Team (CERT-In).
« Rest assured, our users will still be able to connect to VPN servers that will give them Indian IP addresses and allow them to access the internet as if they were located

,

Virtual Private Network (VPN) provider ExpressVPN on Thursday announced that it’s removing Indian-based VPN servers in response to a new cybersecurity directive issued by the Indian Computer Emergency Response Team (CERT-In).
« Rest assured, our users will still be able to connect to VPN servers that will give them Indian IP addresses and allow them to access the internet as if they were located

, ,
https://thehackernews.com/2022/06/expressvpn-removes-servers-in-india.html