INDIA NEWS

Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others

admin8 months ago07 mins

[ad_1] Mar 25, 2024NewsroomSupply Chain Attack / Cryptocurrency Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site. “The threat actors used multiple TTPs in this attack, including account takeover via stolen browser cookies, contributing malicious code…

New “GoFetch” Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys

admin8 months ago08 mins

[ad_1] A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations. Dubbed GoFetch, the vulnerability relates to a microarchitectural side-channel attack that takes advantage of a feature known as data memory-dependent prefetcher (DMP) to target constant-time cryptographic implementations and capture sensitive data from the CPU…

Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks

admin8 months ago05 mins

[ad_1] Mar 25, 2024NewsroomCyber Espionage / Email Security The Iran-affiliated threat actor tracked as MuddyWater (aka Mango Sandstorm or TA450) has been linked to a new phishing campaign in March 2024 that aims to deliver a legitimate Remote Monitoring and Management (RMM) solution called Atera. The activity, which took place from March 7 through the…

N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks

admin8 months ago05 mins

[ad_1] Mar 24, 2024NewsroomArtificial Intelligence / Cyber Espionage The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as vectors to deliver malware for harvesting sensitive data. Kimsuky, active since at least 2012, is known to target entities…

German Police Seize ‘Nemesis Market’ in Major International Darknet Raid

admin8 months ago03 mins

[ad_1] Mar 24, 2024NewsroomRansomware / Threat Intelligence German authorities have announced the takedown of an illicit underground marketplace called Nemesis Market that peddled narcotics, stolen data, and various cybercrime services. The Federal Criminal Police Office (aka Bundeskriminalamt or BKA) said it seized the digital infrastructure associated with the darknet service located in Germany and Lithuania…

Russian Hackers Use ‘WINELOADER’ Malware to Target German Political Parties

admin8 months ago05 mins

[ad_1] Mar 23, 2024NewsroomCyber Espionage / Cyber Warfare The WINELOADER backdoor used in recent cyber attacks targeting diplomatic entities with wine-tasting phishing lures has been attributed as the handiwork of a hacking group with links to Russia’s Foreign Intelligence Service (SVR), which was responsible for breaching SolarWinds and Microsoft. The findings come from Mandiant, which…

New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.

admin8 months ago07 mins

[ad_1] Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer referred to as StrelaStealer. The campaigns impact more than 100 organizations in the E.U. and the U.S., Palo Alto Networks Unit 42 researchers said in a new report published today. “These campaigns come in the form…

AWS Patches Critical ‘FlowFixation’ Bug in Airflow Service to Prevent Session Hijacking

admin8 months ago04 mins

[ad_1] Mar 22, 2024NewsroomAmazon Web Services / Vulnerability Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a malicious actor to hijack victims’ sessions and achieve remote code execution on underlying instances. The vulnerability, now addressed by…

Massive Sign1 Campaign Infects 39,000+ WordPress Sites with Scam Redirects

admin8 months ago04 mins

[ad_1] Mar 22, 2024NewsroomWeb Security / Vulnerability A massive malware campaign dubbed Sign1 has compromised over 39,000 WordPress sites in the last six months, using malicious JavaScript injections to redirect users to scam sites. The most recent variant of the malware is estimated to have infected no less than 2,500 sites over the past two…

China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws

admin8 months ago06 mins

[ad_1] Mar 22, 2024NewsroomCyber Defense / Vulnerability A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts as part of an “aggressive” campaign. Google-owned Mandiant is tracking the activity under its uncategorized moniker UNC5174 (aka Uteus or Uetus),…

AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs

TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks

OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

Shedding Light on Cybersecurity’s Unseen Threats

Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack

FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations

Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others

New “GoFetch” Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys

Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks

N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks

German Police Seize ‘Nemesis Market’ in Major International Darknet Raid

Russian Hackers Use ‘WINELOADER’ Malware to Target German Political Parties

New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.

AWS Patches Critical ‘FlowFixation’ Bug in Airflow Service to Prevent Session Hijacking

Massive Sign1 Campaign Infects 39,000+ WordPress Sites with Scam Redirects