The Federal Bureau of Investigation has sent out a security alert warning that threat actors are abusing misconfigured SonarQube applications to access and steal source code repositories from US government agencies and private businesses.
US officials talk about all the methods the Chinese government and its agents have been using to target US companies and universities to steal intellectual property.
SonarQube apps are installed on web servers and connected to source code hosting systems like BitBucket, GitHub, or GitLab accounts, or Azure DevOps systems.
And here's another article:
Hackers Stealing and Selling VoIP Access - BankInfoSecurity
Check Point Research has uncovered a large and likely profitable business model that involves hackers attacking and gaining control of certain VoIP services, which enables them to make phone calls through a company's compromised system.
* * *
During the first half of this year, Check Point researchers found the campaign operated by a hacking group that they believe is working from the Palestinian Gaza Strip. The ongoing campaign targets the open-source user interface of Sangoma PBX, which manages the Asterisk VoIP PBX system - one of the world's largest such systems.
This hacking group is using previously unknown tools to target defence contractors | ZDNet
Hackers used previously unknown tools in a cyber-espionage campaign targeting defence and aerospace companies in a social engineering and phishing campaign that is more widely targeted than first thought.
Researchers at McAfee first detailed Operation North Star earlier this year , but further analysis reveals additional tactics and techniques of the campaign that has almost identical elements to Hidden Cobra – AKA The Lazarus Group – a hacking operation which the US government and others say is working out of North Korea on behalf of the government in Pyongyang.
Capcom hacked in latest cyber-attack on game-makers - BBC News
.css-14iz86j-BoldText{font-weight:bold;} Video game-maker Capcom said its computer systems were hacked earlier this week, in the latest cyber-attack to hit the games industry.
It said some of its internal networks had been suspended "due to unauthorised access" from outside Capcom.
* * *
"Capcom expressed its deepest regret for any inconvenience this may cause to its various stakeholders," it said.
Online gameplay and websites did not seem to be affected, and in investigation is under way. Capcom did not say what had been accessed, or if any material had been stolen.
And here's another article:
Italy's Campari says hackers encrypted and stole data | Business Insurance
BI's Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.
To search specifically for more than one word, put the search term in quotation marks. For example, "workers compensation". This will limit your search to that combination of words.
To search for a combination of terms, use quotations and the & symbol. For example, "hurricane" & "loss".
* * *
(Reuters) — Italian drinks group Campari said on Friday checks conducted after a hacking attack showed data on some of the company's servers had been encrypted and some information had been lost.
Notorious hacking network Trickbot resurfaces, may affect Election Day - Business Insider
The wave of ransomware attacks show that the cybercriminals who built Trickbot are undeterred and quickly adapting new tools to carry out similar attacks, according to Jeremy Kennelly, analysis manager at FireEye's Mandiant Threat Intelligence unit, which has been tracking the group's botnet activity.
Security experts told Business Insider that the hackers' tenacity is a sign that their operations are unlikely to be completely thwarted by Election Day. It's is also another sign that hackers and their malware have grown more formidable, even against security giants like Microsoft.
Price Dropped on Hacked Educational RDP Details - Infosecurity Magazine
Hackers selling network access to 7500 educational establishments have reportedly dropped their asking price.
Reports emerged last week that access was being sold by a threat actor on multiple Russian hacker forums and as well as educational organizations. The package also included access to corporate networks from other verticals, such as entertainment and the bar industry.
In particular, access to the networks via remote desktop protocol was being sold, with the initial bid for the entire package starting at 25 BTC (roughly $330,000) and the buy now option at 75 BTC (about $1,000,000).
Vatican enlists bots to protect library from onslaught of hackers | World news | The Guardian
The library has faced an average of 100 threats a month since it started digitising its collection of historical treasures in 2012, according to Manlio Miceli, its chief information officer.
"We cannot ignore that our digital infrastructure is of interest to hackers. A successful attack could see the collection stolen, manipulated or deleted altogether," Miceli told the Observer .
Cyber attacks were increasing, not slowing down, he added. "Hackers will always try to get into organisations to steal information, to make money or to wreak havoc."
Happening on Twitter
FBI: Hackers stole source code from US government agencies and private companies https://t.co/hWp2OvIAok ZDNet (from USA | UK | Asia | Australia) Sun Nov 08 10:45:16 +0000 2020
FBI: Hackers stole source code from US government agencies and private companies https://t.co/N9vekTthLj ZDNet (from USA | UK | Asia | Australia) Sun Nov 08 02:15:00 +0000 2020
No comments:
Post a Comment