June 2023 – Page 8 – Learn and Explore

June 15, 2023
Uncategorized

New Supply Chain Attack Exploits Abandoned S3 Buckets to Distribute Malicious Binaries

In what’s a new kind of software supply chain attack aimed at open source projects, it has emerged that threat actors could seize control of expired Amazon S3 buckets to serve rogue binaries without altering the modules themselves. “Malicious binaries steal the user IDs, passwords, local machine environment variables,...

June 15, 2023
Uncategorized

New Research: 6% of Employees Paste Sensitive Data into GenAI tools as ChatGPT

The revolutionary technology of GenAI tools, such as ChatGPT, has brought significant risks to organizations’ sensitive data. But what do we really know about this risk? A new research by Browser Security company LayerX sheds light on the scope and nature of these risks. The report titled “Revealing the True GenAI...

June 15, 2023
Uncategorized

New Report Reveals Shuckworm’s Long-Running Intrusions on Ukrainian Organizations

The Russian threat actor known as Shuckworm has continued its cyber assault spree against Ukrainian entities in a bid to steal sensitive information from compromised environments. Targets of the recent intrusions, which began in February/March 2023, include security services, military, and government organizations, Symantec said in a new report shared with The Hacker...

June 15, 2023
Uncategorized

Microsoft Warns of New Russian State-Sponsored Hacker Group with Destructive Intent

Microsoft on Wednesday took the lid off a “novel and distinct Russian threat actor,” which it said is linked to the General Staff Main Intelligence Directorate (GRU) and has a “relatively low success rate.” The tech giant’s Threat Intelligence team, which was previously tracking the group under its emerging...

June 15, 2023
Uncategorized

LockBit Ransomware Extorts $91 Million from U.S. Companies

The threat actors behind the LockBit ransomware-as-a-service (RaaS) scheme have extorted $91 million following hundreds of attacks against numerous U.S. organizations since 2020. That’s according to a joint bulletin published by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC

June 14, 2023
Uncategorized

Chinese Hackers Exploit VMware Zero-Day to Backdoor Windows and Linux Systems

The Chinese state-sponsored group known as UNC3886 has been found to exploit a zero-day flaw in VMware ESXi hosts to backdoor Windows and Linux systems. The VMware Tools authentication bypass vulnerability, tracked as CVE-2023-20867 (CVSS score: 3.9), “enabled the execution of privileged commands across Windows, Linux, and PhotonOS (vCenter) guest VMs without authentication...

June 14, 2023
Uncategorized

Severe Vulnerabilities Reported in Microsoft Azure Bastion and Container Registry

Two “dangerous” security vulnerabilities have been disclosed in Microsoft Azure Bastion and Azure Container Registry that could have been exploited to carry out cross-site scripting (XSS) attacks. “The vulnerabilities allowed unauthorized access to the victim’s session within the compromised Azure service iframe, which can lead to severe consequences, including...

June 14, 2023
Uncategorized

Where from, Where to — The Evolution of Network Security

For the better part of the 90s and early aughts, the sysadmin handbook said, “Filter your incoming traffic, not everyone is nice out there” (later coined by Gandalf as “You shall not pass”). So CIOs started to supercharge their network fences with every appliance they could get to protect...

June 14, 2023
Uncategorized

New Golang-based Skuld Malware Stealing Discord and Browser Data from Windows PCs

A new Golang-based information stealer called Skuld has compromised Windows systems across Europe, Southeast Asia, and the U.S. “This new malware strain tries to steal sensitive information from its victims,” Trellix researcher Ernesto Fernández Provecho said in a Tuesday analysis. “To accomplish this task, it searches for data stored in applications such as...

June 14, 2023
Uncategorized

Fake Researcher Profiles Spread Malware through GitHub Repositories as PoC Exploits

At least half of dozen GitHub accounts from fake researchers associated with a fraudulent cybersecurity company have been observed pushing malicious repositories on the code hosting service. All seven repositories, which are still available as of writing, claim to be a proof-of-concept (PoC) exploit for purported zero-day flaws in...