Attacks

TikTok Trend Abused to Lure Users Into Installing Malware

The Checkmarx report on this attack states: “These attacks demonstrate again that cyber attackers have started to focus their attention on the open-source package ecosystem; We believe this trend will only accelerate in 2023.” When installing any software from open-source resources such as PyPI or GitHub, it is crucial to be skeptical and to perform due diligence by doing things like reviewing the code base, ensuring proper spelling of packages to avoid…

Android App Being Used to Power Account Creation Service

Most websites have adopted a mandatory verification through SMS message for account creation and authentication. Because of these requirements, threat groups have had to become crafty, deploying new methods in order to bypass these security features. At first, criminal actors primarily relied upon Google Voice numbers and “burner phone” numbers. However, with websites also advancing, most of those options are no longer valid when setting up an account. Due to the current situation, the only…

CISA Adds Oracle Access Manager Exploit to Known Exploited Vulnerabilities Catalog

A proof-of-concept (PoC) has existed since as early as March 2022, so companies running vulnerable versions of OAM should patch as soon as their patch management program allows. Additionally, since the exploit has existed for so long, it is reasonable to assume active exploitation has been taking place since then, and all vulnerable OAM systems should be treated as such.

https://thehackernews.com/2022/11/cisa-warns-of-actively-exploited.html

CISA Releases Seven Industrial Control Systems Advisories

Original release date: November 29, 2022

CISA released seven (7) Industrial Control Systems (ICS) advisories on November 29, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

ICSA-22-333-01 Mitsubishi Electric GOT2000
ICSA-22-333-02 Hitachi Energy's IED Connectivity Packages and PCM600 Products
ICSA-22-333-03 Hitachi Energy's MicroSCADA ProX SYS600 Products
ICSA-22-333-04 Moxa UC Series
ICSA-22-333-05…

Hacker attempts to sell data of 500 million WhatsApp users on dark web

A hacker has allegedly posted a dataset to the dark web containing the personal information of almost 500 million WhatsApp users. In the post, which was uploaded to hacking forum BreachForums on November 16, the hacker claimed to be selling up-to-date personal information of 487 million WhatsApp users from 84 countries. In the post, the alleged hacker said those who bought the datasets would receive “very recent mobile numbers” of WhatsApp users. The leak was…

Russia-Linked Sandworm Continues Launching Attacks

According to ESET, the most recent cyberattacks have common indicators with attacks launched by Sandworm previously, including the use of PowerShell to distribute ransomware that is “almost identical to the one seen last April during the Industroyer2 attacks against the energy sector.” PowerShell, also known as PowerGap by Ukrainian cyber authorities, was used to introduce the CaddyWiper malware against Ukrainian infrastructure in April 2022, shortly after the Russian invasion. https://cybernews.com/news/sandworm-spawns-monstrous-offspring/ https://thehackernews.com/2022/11/russia-based-ransomboggs-ransomware.html

Black Reward Claims Attack on Iranian Fars News Agency

The threat group Black Reward has taken credit for the breach of the Islamic Revolutionary Guard Corps (IRGC) managed Fars News Agency out of Iran. The group stated that they deleted nearly 250 terabytes of data and accessed confidential bulletins and directives sent by the news agency to the office of Supreme Leader Ali Khamenei. Additional compromised data includes recorded calls, information on internal portals related to administrative conversations and news folders, image archives, and financial…

U.S. Bans Sales of Huawei, Hikvision, ZTE, and Dahua Equipment

This is not the first time the U.S. government has been at odds with Chinese telecommunications companies. In February of 2020, after an FBI investigation, Huawei was charged with racketeering conspiracy and with conspiracy to steal trade secrets. Additionally, in 2019, a U.S. affiliate of Huawei was indicted for theft of trade secrets, wire fraud, and obstruction of justice. Earlier this year, in an address to business leaders from across the U.S., FBI director Christopher…

Google Pushes Emergency Chrome Update to Fix Zero-Day

Chrome users are advised to upgrade to version 107.0.5304.121/122 for Windows and 107.0.5304.122 for Mac and Linux, which addresses CVE-2022-4135. To update Chrome, click on Settings → About Chrome, wait for the download of the latest version to finish, then restart the program.

https://www.bleepingcomputer.com/news/security/google-pushes-emergency-chrome-update-to-fix-8th-zero-day-in-2022/
