Cybersecurity

North Korean Hackers Targeting Developers with Malicious npm Packages

Feb 26, 2024The Hacker NewsSoftware Security / Cryptocurrency A set of fake npm packages discovered on the Node.js repository has been found to share ties with North Korean state-sponsored actors, new findings from Phylum show. The packages are named execution-time-async, data-time-utils, login-time-utils, mongodb-connection-utils, and mongodb-execution-utils. One of the packages in question, execution-time-async, masquerades as its […]

Cybersecurity

Decryptor for Rhysida ransomware is available! – Help Net Security

Files encrypted by Rhysida ransomware can be successfully decrypted, due to an implementation vulnerability discovered by Korean researchers and leveraged to create a decryptor. Rhysida and its ransomware: Rhysida is a relatively new ransomware-as-a-service gang that engages in double extortion. First observed in May 2023, it made its name by attacking the British Library, the […]

Cybersecurity

‘Coyote’ Malware Begins Its Hunt, Preying on 61 Banking Apps

Researchers have discovered a novel banking Trojan they dubbed “Coyote,” which is hunting for credentials for 61 different online banking applications. “Coyote,” detailed by Kaspersky in an analysis today, is notable both for its broad targeting of banking-sector apps (the majority, for now, in Brazil), and its sophisticated interweaving of different rudimentary and advanced components: […]

Cybersecurity

New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization

By Jungsoo An, Wayne Lee and Vanja Svajcer. Cisco Talos discovered a new, stealthy espionage campaign that has likely persisted since at least March 2021. The observed activity affects an Islamic non-profit organization using backdoors for a previously unreported malware family we have named “Zardoor.” We believe an advanced threat actor is carrying out this […]

Cybersecurity

Azure HDInsight: The Sequel – Unveiling 3 New Vulnerabilities That Could Have Led to Privilege Escalations and Denial of Service

Orca has discovered three new vulnerabilities within various Azure HDInsight third-party services, including Apache Hadoop, Spark, and Kafka. These services are integral components of Azure HDInsight, a widely used managed service offered within the Azure ecosystem. Two of the vulnerabilities could have led to Privilege Escalation (PE) and one could have been used to cause […]

Cybersecurity

Experts Detail New Flaws in Azure HDInsight Spark, Kafka, and Hadoop Services

Feb 06, 2024NewsroomVulnerability / Cloud Security Three new security vulnerabilities have been discovered in Azure HDInsight’s Apache Hadoop, Kafka, and Spark services that could be exploited to achieve privilege escalation and a regular expression denial-of-service (ReDoS) condition. “The new vulnerabilities affect any authenticated user of Azure HDInsight services such as Apache Ambari and Apache Oozie,” […]

Cybersecurity

Exploring the Latest Mispadu Stealer Variant

Executive Summary: Unit 42 researchers recently discovered activity attributed to Mispadu Stealer, a stealthy infostealer first reported in 2019. We found this activity as part of the Unit 42 Managed Threat Hunting offering. We discovered this threat activity while hunting for the SmartScreen CVE-2023-36025 vulnerability. When we […]

Cybersecurity

ApateWeb: An Evasive Large-Scale Scareware and PUP Delivery Campaign

Executive Summary: Unit 42 researchers discovered a large-scale campaign we call ApateWeb that uses a network of over 130,000 domains to deliver scareware, potentially unwanted programs (PUPs) and other scam pages. Among these PUPs, we have identified several adware programs including a rogue browser and different browser […]