Lifeboat Foundation

A popular Chinese-language YouTube channel has emerged as a means to distribute a trojanized version of a Windows installer for the Tor Browser.

Kaspersky dubbed the campaign OnionPoison, with all of the victims located in China. The scale of the attack remains unclear, but the Russian cybersecurity company said it detected victims appearing in its telemetry in March 2022.

The malicious version of the Tor Browser installer is being distributed via a link present in the description of a video that was uploaded to YouTube on January 9, 2022. It has been viewed over 64,500 times to date.

Researchers have disclosed details about a now-patched high-severity security flaw in Packagist, a PHP software package repository, that could have been exploited to mount software supply chain attacks.

“This vulnerability allows gaining control of Packagist,” SonarSource researcher Thomas Chauchefoin said in a report shared with The Hacker News. Packagist is used by the PHP package manager Composer to determine and download software dependencies that are included by developers in their projects.

Continue reading “Researchers Report Supply Chain Vulnerability in Packagist PHP Repository” »

This post is also available in: עברית (Hebrew)

As everyday technologies get more and more advanced, cyber security must be at the forefront of every customer. Cyber security services have become common and are often used by private companies and the public sector in order to protect themselves from potential cyber attacks.

One of these services goes under the name Darktrace and has recently been acquired by Cybersprint, a Dutch provider of advanced cyber security services and a manufacturer of special tools that use machine learning algorithms to detect cyber vulnerabilities. Based on attack path modeling and graph theory, Darktrace’s platform represents organizational networks as directional, weighted graphs with nodes where multi-line segments meet and edges where they join. In order to estimate the probability that an attacker will be able to successfully move from node A to node B, a weighted graph can be used. Understanding the insights gained will make it easier for Darktrace to simulate future attacks.

Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.

Cybercriminals are growing ever more relentless and deft with their attacks, with data breaches and system disruptions due to cyberattacks rising every year. Therefore, finding and strengthening cybersecurity weak spots, or vulnerabilities, is key to thwarting these attacks.

A key vulnerability is apps. Many organizations rely on productivity software and apps built in-house or from IT service providers to be competitive in today’s market. However, while these solutions boost productivity and employee and customer experiences, many of them have weak security measures that can expose the organization to cyberattackers.

A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office (SOHO) routers, and enterprise servers into its botnet.

“Chaos functionality includes the ability to enumerate the host environment, run remote shell commands, load additional modules, automatically propagate through stealing and brute-forcing SSH private keys, as well as launch DDoS attacks,” researchers from Lumen’s Black Lotus Labs said in a write-up shared with The Hacker News.

A majority of the bots are located in Europe, specifically Italy, with other infections reported in China and the U.S., collectively representing “hundreds of unique IP addresses” over a one-month time period from mid-June through mid-July 2022.

WhatsApp for Android and iOS patches two critical remote code execution vulnerabilities that could have allowed attackers to remotely hack targeted de.

A California university is refusing to release a cache of grisly photos of monkeys reportedly injured during experiments testing Elon Musk’s Neuralink brain implant technology, in spite of a lawsuit aiming to force the school’s hand.

In a press release, the Physicians Committee for Responsible Medicine (PCRM) advocacy group said that it had learned that the University of California, Davis is in possession of 371 photos of the experimented-upon monkeys that were subjected to Neuralink tests, which took place at the school’s veterinary lab facilities.

Earlier this year, Neuralink admitted that a fifth of the 23 rhesus macaques monkeys it used to test its brain-hacking implants had been euthanized after developing infections and malfunctions. Bolstering PCRM’s credibility, that admission came in the wake of its a complaint it filed against Neuralink.

Security analysts at ASEC have discovered a new wave of attacks targeting vulnerable Microsoft SQL servers, involving the deployment of a ransomware strain named FARGO.

GitHub team has issued a warning about an ongoing phishing campaign impersonating CircleCI notifications to steal targeted users’ credentials and two.