Hackers Create Rogue Admin Accounts – OfficialSarkar

जुलाई 05, 2024न्यूज़रूमसप्लाई चेन अटैक / मैलवेयर व्यापक रूप से इस्तेमाल किए जाने वाले पॉलीफ़िल को लक्ष्य करके आपूर्ति श्रृंखला पर हमला[.]io जावास्क्रिप्ट लाइब्रेरी का दायरा पहले की अपेक्षा अधिक व्यापक है, नये निष्कर्ष सेन्सस की रिपोर्ट से पता चलता है कि 2 जुलाई 2024 तक 380,000 से अधिक होस्ट दुर्भावनापूर्ण डोमेन से लिंक करने…

Jul 10, 2024The Hacker NewsEndpoint Security / Identity Security It’s the age of identity security. The explosion of driven ransomware attacks has made CISOs and security teams realize that identity protection lags 20 years behind their endpoints and networks. This realization is mainly due to the transformation of lateral movement from fine art, found in…

Sep 09, 2024Ravie LakshmananCyber Espionage / Malware The China-linked advanced persistent threat (APT) group known as Mustang Panda has been observed weaponizing Visual Studio Code software as part of espionage operations targeting government entities in Southeast Asia. “This threat actor used Visual Studio Code’s embedded reverse shell feature to gain a foothold in target networks,”…

Jul 31, 2024Ravie LakshmananCyber Attack / Threat Intelligence Japanese organizations are the target of a Chinese nation-state threat actor that leverages malware families like LODEINFO and NOOPDOOR to harvest sensitive information from compromised hosts while stealthily remaining under the radar in some cases for a time period ranging from two to three years. Israeli cybersecurity…

Sep 04, 2024Ravie LakshmananGDPR / Privacy The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm Clearview AI for violating the General Data Protection Regulation (GDPR) in the European Union (E.U.) by building an “illegal database with billions of photos of faces,” including those of…

Sep 11, 2024Ravie LakshmananEnterprise Security / Vulnerability Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in remote code execution. A brief description of the issues is as follows – CVE-2024-29847 (CVSS score: 10.0) – A deserialization of untrusted data vulnerability that allows…