GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access – OfficialSarkar

GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access – OfficialSarkar

Oct 16, 2024Ravie LakshmananEnterprise Security / Vulnerability GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an instance. The vulnerability, tracked as CVE-2024-9487, carries a CVS score of 9.5 out of a maximum of 10.0 “An attacker could bypass SAML single…

New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists – OfficialSarkar

New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists – OfficialSarkar

Oct 15, 2024Ravie LakshmananFinancial Fraud / Linux North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of a financially-motivated campaign. The malware is “installed on payment switches within compromised networks that handle card transactions for the means of facilitating the unauthorized…

TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns – OfficialSarkar

TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns – OfficialSarkar

Oct 15, 2024Ravie LakshmananMobile Security / Financial Fraud New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device’s unlock pattern or PIN. “This new addition enables the threat actor to operate on the device even while it is locked,” Zimperium security researcher Aazim Yaswant…

New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT – OfficialSarkar

New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT – OfficialSarkar

Oct 15, 2024Ravie LakshmananMalware / Cybercrime Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan (RAT) called DarkVision RAT. The activity, observed by Zscaler ThreatLabz in July 2024, involves a multi-stage process to deliver the RAT payload. “DarkVision RAT communicates with its…

Why Traditional Security Solutions Fall Short – OfficialSarkar

Why Traditional Security Solutions Fall Short – OfficialSarkar

In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero-day vulnerability is a security flaw in software that is unknown to the vendor and remains unpatched at the time of discovery. Attackers exploit these flaws before any defensive measures can be implemented,…

China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns – OfficialSarkar

China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns – OfficialSarkar

China’s National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor known as the Volt Typhoon is a fabrication of the U.S. and its allies. The agency, in collaboration with the National Engineering Laboratory for Computer Virus Prevention Technology, went on to accuse the U.S. federal government, intelligence agencies,…

Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates – OfficialSarkar

Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates – OfficialSarkar

Oct 15, 2024Ravie LakshmananThreat Detection / Malware Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with legitimate code-signing certificates. French cybersecurity company HarfangLab, which detected the activity at the start of the month, said the attack chains aim to deploy an information stealer known as Lumma. Hijack…

WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites – OfficialSarkar

WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites – OfficialSarkar

The maintainers of the Jetpack WordPress plugin have released a security update to remediate a critical vulnerability that could allow logged-in users to access forms submitted by others on a site. Jetpack, owned by WordPress maker Automattic, is an all-in-one plugin that offers a comprehensive suite of tools to improve site safety, performance, and traffic…

THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 – OfficialSarkar

THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 – OfficialSarkar

Oct 14, 2024Ravie LakshmananRecap / Cybersecurity Hey there, it’s your weekly dose of “what the heck is going on in cybersecurity land” – and trust me, you NEED to be in the loop this time. We’ve got everything from zero-day exploits and AI gone rogue to the FBI playing crypto kingpin – it’s full of…

Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems – OfficialSarkar

Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems – OfficialSarkar

Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart Pub, and Rust Crates to stage software supply chain attacks. “Attackers can leverage these entry points to execute malicious code when specific commands are run, posing a widespread risk in the open-source landscape,” Checkmarx…