Hackerzhome

Cybersecurity news all over the world

HACKERZHOME NEWS

May 10, 2023

Wednesday

Russian government's most sophisticated cyberespionage tool is neutralized by the US government.

The U.S. government on Tuesday disrupted a worldwide network that the Russian Federal Security Service (FSB) had penetrated with Snake, a cyberespionage tool.


The United States government attributes the creation of Snake, labeled the “most sophisticated cyber espionage tool,” to a unit under Centre 16 of the FSB. Turla is a Russian state-sponsored organization also known as Iron Hunter, Secret Blizzard, SUMMIT, Uroburos, Venomous Bear, and Waterbug.


The threat actor has a history of concentrating heavily on organizations in Europe, the Commonwealth of Independent States (CIS), and nations that are members of NATO.


Recent activity has seen the threat actor’s footprint expand to include Middle Eastern countries that are seen as a threat to countries that Russia supports in the region.


The malware was directed to overwrite its own vital components on infected machines as part of Operation MEDUSA, which was carried out with the aid of a tool developed by the U.S. Federal Bureau of Investigation (FBI) and given the codename PERSEUS.


According to the agency, the self-destruct instructions allowed the Snake implant to destroy itself without impacting the host computer or any legitimate software running on the machine.


The self-destruct instructions were designed after decrypting and encrypting the malware’s network interactions.


After a hack, food distribution company Sysco issues a data breach warning.

Leading international food distributor Sysco has acknowledged that hackers broke into its network earlier this year and stole confidential data, including corporate, customer, and employee data.

In an internal document addressed to staff members on May 3rd and reviewed by BleepingComputer, the business disclosed that customer and supplier data from the US and Canada and the personal information of US workers may have been impacted in the incident.

The business thinks that some combination of personal data submitted to Sysco for payroll purposes, including name, social security number, account numbers, or similar information, was taken from its systems during the hack.


38 flaws, including an active zero-day bug, are fixed by Microsoft's May Patch Tuesday.

For May 2023, Microsoft released Patch Tuesday updates to fix 38 security issues, including one zero-day flaw that the company said is already being actively exploited in the wild.

The volume is at its lowest level since August 2021, according to Trend Micro’s Zero Day Initiative (ZDI), which noted that “this number is expected to rise in the coming months.”

Six of the 38 vulnerabilities have a severity rating of Critical, while 32 have a rating of Important. Microsoft has assigned the label “Exploitation More Likely” to eight of the issues.

This is in addition to the 18 vulnerabilities and weaknesses that the Windows manufacturer fixed in its Edge browser, which is based on Chromium, when the April Patch Tuesday patches went live.

At the top of the list is CVE-2023-29336 (CVSS score: 7.8), a privilege escalation vulnerability in Win32k that is under active exploitation. It is unclear at this time how widespread the attacks are.

Two publicly known issues are also noteworthy, one of which is a significant remote code execution flaw affecting Windows OLE (CVE-2023-29325, CVSS score: 8.1) that an attacker might exploit by sending the victim a carefully designed email.

For all repos, GitHub now automatically blocks token and API key leaks.


For all public code projects, GitHub now automatically prevents the leak of private data such as API keys and access tokens.
This feature actively prevents leaks by checking for secrets before accepting ‘git push’ operations.

It supports 69 token types (API keys, private keys, secret keys, authentication tokens, access tokens, management certificates, credentials, and more) and can detect them with a low false-positive rate.

According to GitHub, since its beta release, software engineers who used it have effectively prevented almost 17,000 unintentional disclosures of confidential information, saving more than 95,000 hours that would have been required to revoke, rotate, and fix exposed secrets.

GitHub has recently made this capability broadly accessible on all public repos, whereas up until now it could only be activated for private repositories by businesses with a GitHub Advanced Security license.

Spanish authorities shut down a phishing scheme connected to a criminal organization

The National Police of Spain has detained two hackers, 15 members of a criminal gang, and an additional 23 individuals in Madrid and Seville for alleged bank fraud.

The cybercrime operation reportedly defrauded over 300,000 people and caused documented losses of at least 700,000 euros ($770k) using an email and SMS-based phishing campaign.

Members of the Trinitarios organization are believed to have used stolen credit cards to buy bitcoin, which was subsequently traded for fiat money flowing into a “common box,” according to an investigation by the police’s cybercrime section.

Victims who got phishing SMS messages on their phones, claiming they needed to fix a security issue with their bank accounts, had their card information taken.

The victims clicked on the link in the SMS to go to a phishing website that was designed to look like a replica of the official bank portal, where they entered their account information.
