LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages https://firewall.firm.in/wp-content/uploads/2024/12/ransomware.png A dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a-service (RaaS) operation since its inception in or around 2019 through at least February 2024. Rostislav Panev, 51, was arrested in Israel earlier this August and ...

Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack https://firewall.firm.in/wp-content/uploads/2024/12/code.png Dec 20, 2024Ravie LakshmananMalware / Supply Chain Attack The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency ...

Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware https://firewall.firm.in/wp-content/uploads/2024/12/chrome.png The Lazarus Group, an infamous threat actor linked to the Democratic People’s Republic of Korea (DPRK), has been observed leveraging a “complex infection chain” targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The attacks, which culminated in the ...

Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools https://firewall.firm.in/wp-content/uploads/2024/12/cyberattack.png Dec 20, 2024Ravie LakshmananVulnerability / Cyber Attack A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. The vulnerability in question is CVE-2023-48788 (CVSS score: 9.3), an ...

Thousands Download Malicious npm Libraries Impersonating Legitimate Tools https://firewall.firm.in/wp-content/uploads/2024/12/npm.png Dec 19, 2024Ravie LakshmananSupply Chain / Software Security Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package registry. The counterfeit versions, named @typescript_eslinter/eslint and types-node, are engineered to download a trojan and retrieve ...

HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft https://firewall.firm.in/wp-content/uploads/2024/12/password.png Dec 18, 2024Ravie LakshmananEmail Security / Cloud Security Cybersecurity researchers have disclosed a new phishing campaign that has targeted European companies with an aim to harvest account credentials and take control of the victims’ Microsoft Azure cloud infrastructure. The campaign has been codenamed HubPhish by Palo Alto ...

Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware https://firewall.firm.in/wp-content/uploads/2024/12/malware.png Dec 17, 2024Ravie LakshmananMalware / Credential Theft A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. “An attacker used social engineering via a Microsoft Teams call to impersonate a user’s client and gain remote access to ...

The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal https://firewall.firm.in/wp-content/uploads/2024/12/mark.png Dec 17, 2024Ravie LakshmananCyber Espionage / Mobile Security A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022. “The Mask APT is a legendary threat actor that has been performing ...

DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages https://firewall.firm.in/wp-content/uploads/2024/12/adclick.png Dec 16, 2024Ravie LakshmananMalvertising / Threat Intelligence Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven information stealer campaign dubbed DeceptionAds. “Entirely reliant on a single ad ...

Why you take phone chargers from unknown people? Hackers can steal data. Tips to stay safe – ET CISO https://etimg.etb2bimg.com/thumb/msid-116354721,imgsize-39436,width-1200,height=765,overlay-etciso/data-breaches/why-you-take-phone-chargers-from-unknown-people-hackers-can-steal-data-tips-to-stay-safe.jpg We’ve all been there — scrambling to find a charger when our phone’s battery is running low, only to settle for using someone else’s cable. But this simple act of sharing a charger could expose you to significant cybersecurity risks. ...