GitHub Notifies Victims Whose Private Data Was Accessed Using OAuth Tokens

GitHub Notifies Victims Whose Private Data Was Accessed Using OAuth Tokens,

GitHub on Monday noted that it had notified all victims of an attack campaign, which involved an unauthorized party downloading private repository contents by taking advantage of third-party OAuth user tokens maintained by Heroku and Travis CI.
« Customers should also continue to monitor Heroku and Travis CI for updates on their own investigations into the affected OAuth applications, » the

,

GitHub on Monday noted that it had notified all victims of an attack campaign, which involved an unauthorized party downloading private repository contents by taking advantage of third-party OAuth user tokens maintained by Heroku and Travis CI.
« Customers should also continue to monitor Heroku and Travis CI for updates on their own investigations into the affected OAuth applications, » the

, ,
https://thehackernews.com/2022/04/github-notifies-victims-whose-private.html

Researchers Share In-Depth Analysis of PYSA Ransomware Group

Researchers Share In-Depth Analysis of PYSA Ransomware Group,

An 18-month-long analysis of the PYSA ransomware operation has revealed that the cybercrime cartel followed a five-stage software development cycle from August 2020, with the malware authors prioritizing features to improve the efficiency of its workflows.
This included a user-friendly tool like a full-text search engine to facilitate the extraction of metadata and enable the threat actors to

,

An 18-month-long analysis of the PYSA ransomware operation has revealed that the cybercrime cartel followed a five-stage software development cycle from August 2020, with the malware authors prioritizing features to improve the efficiency of its workflows.
This included a user-friendly tool like a full-text search engine to facilitate the extraction of metadata and enable the threat actors to

, ,
https://thehackernews.com/2022/04/researchers-share-in-depth-analysis-of.html

Benchmarking Linux Security – Latest Research Findings

Benchmarking Linux Security – Latest Research Findings,

How well do your Linux security practices stack up in today’s challenging operating environment? Are you following the correct processes to keep systems up-to-date and protected against the latest threats? Now you can find out thanks to research independently conducted by the Ponemon Institute.
The research sponsored by TuxCare sought to understand better how organizations are currently managing

,

How well do your Linux security practices stack up in today’s challenging operating environment? Are you following the correct processes to keep systems up-to-date and protected against the latest threats? Now you can find out thanks to research independently conducted by the Ponemon Institute.
The research sponsored by TuxCare sought to understand better how organizations are currently managing

, ,
https://thehackernews.com/2022/04/benchmarking-linux-security-latest.html

New SolarMarker Malware Variant Using Updated Techniques to Stay Under the Radar

New SolarMarker Malware Variant Using Updated Techniques to Stay Under the Radar,

Cybersecurity researchers have disclosed a new version of the SolarMarker malware that packs in new improvements with the goal of updating its defense evasion abilities and staying under the radar.
« The recent version demonstrated an evolution from Windows Portable Executables (EXE files) to working with Windows installer package files (MSI files), » Palo Alto Networks Unit 42 researchers said in

,

Cybersecurity researchers have disclosed a new version of the SolarMarker malware that packs in new improvements with the goal of updating its defense evasion abilities and staying under the radar.
« The recent version demonstrated an evolution from Windows Portable Executables (EXE files) to working with Windows installer package files (MSI files), » Palo Alto Networks Unit 42 researchers said in

, ,
https://thehackernews.com/2022/04/new-solarmarker-malware-variant-using.html

New Hacking Campaign Targeting Ukrainian Government with IcedID Malware

New Hacking Campaign Targeting Ukrainian Government with IcedID Malware,

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new wave of social engineering campaigns delivering IcedID malware and leveraging Zimbra exploits with the goal of stealing sensitive information.
Attributing the IcedID phishing attacks to a threat cluster named UAC-0041, the agency said the infection sequence begins with an email containing a Microsoft Excel document (

,

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new wave of social engineering campaigns delivering IcedID malware and leveraging Zimbra exploits with the goal of stealing sensitive information.
Attributing the IcedID phishing attacks to a threat cluster named UAC-0041, the agency said the infection sequence begins with an email containing a Microsoft Excel document (

, ,
https://thehackernews.com/2022/04/new-hacking-campaign-targeting.html

Critical RCE Flaw Reported in WordPress Elementor Website Builder Plugin

Critical RCE Flaw Reported in WordPress Elementor Website Builder Plugin,

Elementor, a WordPress website builder plugin with over five million active installations, has been found to be vulnerable to an authenticated remote code execution flaw that could be abused to take over affected websites.
Plugin Vulnerabilities, which disclosed the flaw last week, said the bug was introduced in version 3.6.0 that was released on March 22, 2022. Roughly 37% of users of the

,

Elementor, a WordPress website builder plugin with over five million active installations, has been found to be vulnerable to an authenticated remote code execution flaw that could be abused to take over affected websites.
Plugin Vulnerabilities, which disclosed the flaw last week, said the bug was introduced in version 3.6.0 that was released on March 22, 2022. Roughly 37% of users of the

, ,
https://thehackernews.com/2022/04/critical-rce-flaw-reported-in-wordpress.html

Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector

Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector,

The U.S. Treasury Department has implicated the North Korea-backed Lazarus Group (aka Hidden Cobra) in the theft of $540 million from video game Axie Infinity’s Ronin Network last month.
On Thursday, the Treasury tied the Ethereum wallet address that received the stolen funds to the threat actor and sanctioned the funds by adding the address to the Office of Foreign Assets Control’s (OFAC)

,

The U.S. Treasury Department has implicated the North Korea-backed Lazarus Group (aka Hidden Cobra) in the theft of $540 million from video game Axie Infinity’s Ronin Network last month.
On Thursday, the Treasury tied the Ethereum wallet address that received the stolen funds to the threat actor and sanctioned the funds by adding the address to the Office of Foreign Assets Control’s (OFAC)

, ,
https://thehackernews.com/2022/04/lazarus-hackers-behind-540-million-axie.html

GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens

GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens,

Cloud-based repository hosting service GitHub on Friday revealed that it discovered evidence of an unnamed adversary capitalizing on stolen OAuth user tokens to unauthorizedly download private data from several organizations.
« An attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including NPM

,

Cloud-based repository hosting service GitHub on Friday revealed that it discovered evidence of an unnamed adversary capitalizing on stolen OAuth user tokens to unauthorizedly download private data from several organizations.
« An attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including NPM

, ,
https://thehackernews.com/2022/04/github-says-hackers-breach-dozens-of.html

JekyllBot:5 Flaws Let Attackers Take Control of Aethon TUG Hospital Robots

JekyllBot:5 Flaws Let Attackers Take Control of Aethon TUG Hospital Robots,

As many as five security vulnerabilities have been addressed in Aethon Tug hospital robots that could enable remote attackers to seize control of the devices and interfere with the timely distribution of medication and lab samples.
« Successful exploitation of these vulnerabilities could cause a denial-of-service condition, allow full control of robot functions, or expose sensitive information, »

,

As many as five security vulnerabilities have been addressed in Aethon Tug hospital robots that could enable remote attackers to seize control of the devices and interfere with the timely distribution of medication and lab samples.
« Successful exploitation of these vulnerabilities could cause a denial-of-service condition, allow full control of robot functions, or expose sensitive information, »

, ,
https://thehackernews.com/2022/04/new-jekyllbot5-flaws-let-attackers-take.html

Une faille dans la place de marché Rarible a permis de dérober facilement des NFT

Une faille dans la place de marché Rarible a permis de dérober facilement des NFT,

Un lien vers un NFT vérolé pouvait provoquer le transfert quasi automatique de NFT d’un portefeuille vers un autre. Effrayant de simplicité.

,

Un lien vers un NFT vérolé pouvait provoquer le transfert quasi automatique de NFT d’un portefeuille vers un autre. Effrayant de simplicité.

, ,
https://www.01net.com/actualites/une-faille-dans-la-place-de-marche-rarible-a-permis-de-derober-facilement-des-nft-2055922.html