TheHackerNews

March 26, 2022 The U.S. government on Thursday released a cybersecurity advisory outlining multiple intrusion campaigns conducted by state-sponsored Russian cyber actors from 2011 to 2018 that targeted the energy sector in the U.S. and beyond. “The [Federal Security Service] conducted a multi-stage campaign in which they gained remote access to U.S. and international Energy …

U.S. Charges 4 Russian Govt. Employees Over Hacking Critical Infrastructure Worldwide Read More »

March 26, 2022 The City of London Police has arrested seven teenagers between the ages of 16 and 21 for their alleged connections to the prolific LAPSUS$ extortion gang that’s linked to a recent burst of attacks targeting NVIDIA, Samsung, Ubisoft, LG, Microsoft, and Okta. “The City of London Police has been conducting an investigation with …

7 Suspected Members of LAPSUS$ Hacker Gang, Aged 16 to 21, Arrested in U.K. Read More »

March 26, 2022 Researchers have blown the lid off a sophisticated malicious scheme primarily targeting Chinese users via copycat apps on Android and iOS that mimic legitimate digital wallet services to siphon cryptocurrency funds. “These malicious apps were able to steal victims’ secret seed phrases by impersonating Coinbase, imToken, MetaMask, Trust Wallet, Bitpie, TokenPocket, or …

Experts Uncover Campaign Stealing Cryptocurrency from Android and iPhone Users Read More »

March 26, 2022 Google’s Threat Analysis Group (TAG) on Thursday disclosed that it acted to mitigate threats from two distinct government-backed attacker groups based in North Korea that exploited a recently-uncovered remote code execution flaw in the Chrome web browser. The campaigns, once again “reflective of the regime’s immediate concerns and priorities,” are said to …

North Korean Hackers Exploited Chrome Zero-Day to Target Fintech, IT, and Media Firms Read More »

March 25, 2022 A 23-year-old Russian national has been indicted in the U.S. and added to the Federal Bureau of Investigation’s (FBI) Cyber Most Wanted List for his alleged role as the administrator of Marketplace A, a cyber crime forum that sold stolen login credentials, personal information, and credit card data. Igor Dekhtyarchuk, who first …

23-Year-Old Russian Hacker Wanted by FBI for Running Marketplace of Stolen Logins Read More »

March 25, 2022 A Chinese-speaking advanced persistent threat (APT) has been linked to a new campaign targeting gambling-related companies in South East Asia, particularly Taiwan, the Philippines, and Hong Kong. Cybersecurity firm Avast dubbed the campaign Operation Dragon Castling, describing its malware arsenal as a “robust and modular toolset.” The ultimate motives of the threat actor …

Chinese APT Hackers Targeting Betting Companies in Southeast Asia Read More »

March 25, 2022 Authentication services provider Okta on Wednesday named Sitel as the third-party linked to a security incident experienced by the company in late January that allowed the LAPSUS$ extortion gang to remotely take over an internal account belonging to a customer support engineer. The company added that 366 corporate customers, or about 2.5% of its …

Researchers Trace LAPSUS$ Cyber Attacks to 16-Year-Old Hacker from England Read More »

March 25, 2022 Before hunting malware, every researcher needs to find a system where to analyze it. There are several ways to do it: build your own environment or use third-party solutions. Today we will walk through all the steps of creating a custom malware sandbox where you can perform a proper analysis without infecting …

How to Build a Custom Malware Analysis Sandbox Read More »

March 25, 2022 A new large scale supply chain attack has been observed targeting Azure developers with no less than 218 malicious NPM packages with the goal of stealing personal identifiable information. “After manually inspecting some of these packages, it became apparent that this was a targeted attack against the entire @azure NPM scope, by an …

Over 200 Malicious NPM Packages Caught Targeting Azure Developers Read More »

March 25, 2022 VMware on Wednesday released software updates to plug two critical security vulnerabilities affecting its Carbon Black App Control platform that could be abused by a malicious actor to execute arbitrary code on affected installations in Windows systems. Tracked as CVE-2022-22951 and CVE-2022-22952, both the flaws are rated 9.1 out of a maximum of 10 …

VMware Issues Patches for Critical Flaws Affecting Carbon Black App Control Read More »