Tag: latest hacking news

Hackers Use NuGet Packages to Target .NET Developers
News

Hackers Use NuGet Packages to Target .NET Developers

Threat actors have been seen creating malicious packages aimed at .NET developers using the open-source package manager NuGet. The discovery would be the first occurrence in the wild of packages with malicious code detected in NuGet, according to software package management provider JFrog. Shachar Menashe, senior director at JFrog Security Research, said: "For the first time, the NuGet repository formerly assumed to be untouched by malicious code really contains multiple hazardous software read more Hackers Use NuGet Packages to Target .NET Developers. Stay up-to-date with the latest cybersecurity news and increase your cybersecurity awareness through ReconBee.com‘s in-depth coverage of the newest threats, breaches, and solutions.
Tick APT Group Hacked East Asian DLP Software Firm
News

Tick APT Group Hacked East Asian DLP Software Firm

The advanced persistent threat (APT) group Tick has been blamed for a new malware campaign that targets an East Asian company that creates data-loss prevention (DLP) software for governmental and military organizations. The threat actor broke into the DLP company's internal update servers, according to an advisory released by ESET on Tuesday, to spread malware across its network. The company's use of genuine tool installers that had been tampered with led to the execution of malware on the PCs of two of its clients read more Tick APT Group Hacked East Asian DLP Software Firm. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.
Security giant Rubrik says hackers used Fortra zero-day to steal internal data
News

Security giant Rubrik says hackers used Fortra zero-day to steal internal data

The Fortra GoAnywhere zero-day vulnerability, which has been connected to hacks against a hospital network and a bank, has claimed its newest victim: Silicon Valley-based data security business Rubrik. Michael Mestrovich, chief information security officer at Rubrik, claimed that the vulnerability in Fortra's GoAnywhere file-transfer programme, which the company employs for internal data exchange, allowed attackers access to the non-production IT testing environments used by the company. Known as CVE-2023-0669, this vulnerability originally came to light on February 2 read more Security giant Rubrik says hackers used Fortra zero-day to steal internal data. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the ...
Lazarus Group Targets South Korean Finance Firm Via Zero-Day Flaw
Reputation, Resources, Risk, Security

Lazarus Group Targets South Korean Finance Firm Via Zero-Day Flaw

Lazarus Group, a North Korean threat actor, was observed twice in the past year using holes in undisclosed software to access a South Korean finance company. The information was released by security experts at Asec, who on Tuesday published an advisory about the attacks. The first attack was noted by the corporation in May 2022, while the second one happened in October of that same year. According to reports, the same zero-day vulnerability was used by both operations. The impacted company "was employing a vulnerable version of a certificate application that was commonly used by public institutions and universities during the infiltration read more Lazarus Group Targets South Korean Finance Firm Via Zero-Day Flaw. Stay informed with the best cybersecurity news and raise your cybe...
Ransomware Attack Hits US Marshals Service
Risk, Security

Ransomware Attack Hits US Marshals Service

A computer system containing "law enforcement sensitive information" has apparently been impacted by a ransomware attack directed at the US Marshals Service (USMS). The intrusion also compromised the personal information of the targets of the inquiry, according to Drew Wade, chief of the Marshals Service public affairs office, who made the statement Monday night. Wade explained, "The impacted system contains law enforcement sensitive material, including returns from legal process, administrative information, and personally identifiable information belonging to subjects of USMS investigations, third parties, and some USMS personnel." The officer stated that the breach was found on February 17 by the US Marshals Service read more Ransomware Attack Hits US Marshals Service. Stay ...
Governments Targeted by Discord Based Threat Campaign
Resources, Risk, Security

Governments Targeted by Discord Based Threat Campaign

According to Menlo Security, an unknown threat actor is targeting APAC and North American governments with data-stealing malware and ransomware. The attacks of the gang begin with a phishing email containing a malicious Discord link that leads to a password-protected zip file. PureCrypter, a.NET malware downloader, is included in this package. According to Menlo Security, the loader will attempt to download a secondary payload from the group's command and control (C2) infrastructure, which is a compromised domain belonging to a non-profit. Other info-stealers and ransomware versions discovered by the security vendor read more Governments Targeted by Discord Based Threat Campaign. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our co...
Hackers Use S1deload Stealer to Target Facebook YouTube Users
Resources, Risk, Security

Hackers Use S1deload Stealer to Target Facebook YouTube Users

A new global operation utilizing an info stealer and targeting accounts on Facebook and YouTube has been uncovered by security researchers. The new dangerous malware, dubbed "S1ideload Stealer" by Bitdefender, uses DLL sideloading techniques to launch its malicious components. In a warning sent on Wednesday, Bitdefender security researcher Dávid CS stated that the attack "uses a legal, digitally-signed application that unintentionally loads dangerous malware if clicked." Sideloading enables S1deload Stealer to bypass system defences and successfully infect systems. To further reduce user suspicion of infection, the executable also depends on a legitimate picture folder read more Hackers Use S1deload Stealer to Target Facebook YouTube Users. With ReconBee.com Stay ahead of the ...
US hospital attacked by BlackCat denies hackers
Resources, Risk, Security

US hospital attacked by BlackCat denies hackers

A US-based healthcare organization that manages more than a dozen hospitals have refused to pay ransom to hackers with ties to Russia. Healthcare provider Lehigh Valley Health Network (LVHN), situated in Pennsylvania, said that the BlackCat gang attacked the institution with a ransomware attack. The malware ALPHV/BlackCat was first discovered in 2021. The group, like many others in the criminal underground, runs a ransomware-as-a-service (RaaS) company that offers software subscriptions to other criminals. On February 6, LVHN discovered unauthorized activity on its IT systems read more US hospitals attacked by BlackCat denies hackers. With ReconBee.com Stay ahead of the latest threats with in-depth coverage of cyber attacks and cybersecurity trends, and the latest cybersecurit...
Washington State city allegedly hit by ransomware
Risk, Security

Washington State city allegedly hit by ransomware

The City of Lakewood, Washington, has been included on the data leak website run by the BlackCat ransomware gang (ALPHV), which has urged the impacted businesses to file a lawsuit against the city. Almost 63,000 people call Lakewood, a city in Pierce County, Washington, home. BlackCat alleged that it had violated the Lakewood City Council and taken more than 250GB of data. BlackCat provided a link to download 252GB of documents and claimed, "We provide information with you because of their misunderstanding and failure to bargain. The files have not been examined by Cybernews to learn more about the Washington State city allegedly hit by ransomware. With ReconBee.com Stay ahead of the latest threats with in-depth coverage of cyber attacks and cybersecurity trends, and the lates...
Frebniis Malware Exploits Microsoft IIS Feature
Resources, Risk, Security

Frebniis Malware Exploits Microsoft IIS Feature

In order to install a backdoor in targeted systems, a new piece of malware has been identified by cybersecurity researchers that make use of an official Microsoft Internet Information Services (IIS) function. A previously unidentified threat actor allegedly employed the virus, codenamed "Frebniis," against targets in Taiwan, according to a Symantec advisory released last Thursday. The technical write-up explains that Frebniis' method entails injecting malicious code into the memory of read more Frebniis Malware Exploits Microsoft IIS Feature. With ReconBee.com Stay ahead of the latest threats with in-depth coverage of cyber attacks and cybersecurity trends, and the latest cybersecurity news.