Threat actors are targeting and infecting .NET developers with cryptocurrency stealers delivered through the NuGet repository and impersonating multiple legitimate packages via typosquatting.
The threat actors also used typosquatting when creating their NuGet repository profiles to impersonate what looked like the accounts of Microsoft software developers working on the NuGet .NET package manager.
Chinese-linked hackers deployed the most zero-day vulnerabilities in 2022, researchers say | ...
Researchers at the threat intelligence firm Mandiant observed the use of 55 zero-day vulnerabilities in 2022.
Of the 16 zero-days that Mandiant researchers said with some confidence they knew how attackers used, cyberespionage groups deployed 13.
In 2022, state-backed hackers exhibited a particular focus on edge network devices such as firewalls and routers, which have grown particularly attractive as endpoint detection software has grown more sophisticated.
Hackers post more stolen Minneapolis Public School data to dark web - CBS Minnesota
MINNEAPOLIS -- Minneapolis Public Schools on Friday notified parents that hackers who stole district data in a recent system breach released that information onto the dark web, where users are untraceable.
But cybersecurity experts warn that anyone associated with the district—current and former students, parents, staff and vendors—should assume they have been compromised until they've been told otherwise, and take action to protect themselves.
Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using Zero-Day Flaw
Bitcoin ATM maker General Bytes disclosed that unidentified threat actors stole cryptocurrency from hot wallets by exploiting a zero-day security flaw in its software.
"The attacker was able to upload his own java application remotely via the master service interface used by terminals to upload videos and run it using 'batm' user privileges," the company said in an advisory published over the weekend.
Inside the DEA Tool Hackers Allegedly Used to Extort Targets
“EPIC Portal,” the top of the screenshot reads, referring to the El Paso Intelligence Center (EPIC). EPIC is a multiagency intelligence center led by the DEA with 21 participating agencies, according to the DEA’s website .
The screenshot also includes “HSIN,” which is the Homeland Security Information Network, which is used to share intelligence among agencies .
No comments:
Post a Comment