Are your Employees Enabling External Threats? – OfficialSarkar

Jul 17, 2024The Hacker NewsInsider Threats / Cybersecurity Attacks on your network are often meticulously planned operations launched by sophisticated threats. Sometimes your technical fortifications provide a formidable challenge, and the attack requires assistance from the inside to succeed. For example, in 2022, the FBI issued a warning1 that SIM swap attacks are growing: gain…

China-linked APT17 Targets Italian Companies with 9002 RAT Malware – OfficialSarkar

Jul 17, 2024NewsroomCyber Espionage / Threat Intelligence A China-linked threat actor called APT17 has been observed targeting Italian companies and government entities using a variant of a known malware referred to as 9002 RAT. The two targeted attacks took place on June 24 and July 2, 2024, Italian cybersecurity company TG Soft said in an…

Scattered Spider Adopts RansomHub and Qilin Ransomware for Cyber Attacks – OfficialSarkar

Jul 17, 2024NewsroomCybercrime / Ransomware The infamous cybercrime group known as Scattered Spider has incorporated ransomware strains such as RansomHub and Qilin into its arsenal, Microsoft has revealed. Scattered Spider is the designation given to a threat actor that’s known for its sophisticated social engineering schemes to breach targets and establish persistence for follow-on exploitation…

Critical Apache HugeGraph Vulnerability Under Attack – OfficialSarkar

Jul 17, 2024NewsroomVulnerability / Data Security Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks. Tracked as CVE-2024-27348 (CVSS score: 9.8), the vulnerability impacts all versions of the software before 1.3.0. It has been described as a remote command execution flaw in…

‘Konfety’ Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins – OfficialSarkar

Jul 16, 2024NewsroomMobile Security / Online Security Details have emerged about a “massive ad fraud operation” that leverages hundreds of apps on the Google Play Store to perform a host of nefarious activities. The campaign has been codenamed Konfety – the Russian word for Candy – owing to its abuse of a mobile advertising software…

Iranian Hackers Deploy New BugSleep Backdoor in Middle East Cyber Attacks – OfficialSarkar

The Iranian nation-state actor known as MuddyWater has been observed using a never-before-seen backdoor as part of a recent attack campaign, shifting away from its well-known tactic of deploying legitimate remote monitoring and management (RMM) software for maintaining persistent access. That’s according to independent findings from cybersecurity firms Check Point and Sekoia, which have codenamed…

Threat Prevention & Detection in SaaS Environments – OfficialSarkar

Identity-based threats on SaaS applications are a growing concern among security professionals, although few have the capabilities to detect and respond to them. According to the US Cybersecurity and Infrastructure Security Agency (CISA), 90% of all cyberattacks begin with phishing, an identity-based threat. Throw in attacks that use stolen credentials, over-provisioned accounts, and insider threats,…

Malicious npm Packages Found Using Image Files to Hide Backdoor Code – OfficialSarkar

Jul 16, 2024NewsroomOpen Source / Software Supply Chain Cybersecurity researchers have identified two malicious packages on the npm package registry that concealed backdoor code to execute malicious commands sent from a remote server. The packages in question – img-aws-s3-object-multipart-copy and legacyaws-s3-object-multipart-copy – have been downloaded 190 and 48 times each. As of writing, they have…

Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer – OfficialSarkar

Jul 16, 2024NewsroomData Security / Vulnerability An advanced persistent threat (APT) group called Void Banshee has been observed exploiting a recently disclosed security flaw in the Microsoft MHTML browser engine as a zero-day to deliver an information stealer called Atlantida. Cybersecurity firm Trend Micro, which observed the activity in mid-May 2024, the vulnerability – tracked…

CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools Software – OfficialSarkar

Jul 16, 2024NewsroomVulnerability / Infrastructure Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting OSGeo GeoServer GeoTools to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. GeoServer is an open-source software server written in Java that allows users to share and edit geospatial…