Hackerzhome

hackerzhome-logo-bg

Cybersecurity news all over the world

HACKERZHOME NEWS

March 21, 2023

Tuesday

After receiving a ransom demand, Ferrari announces the data breach.

Following a ransom demand received after attackers obtained access to certain of the company’s IT systems, Ferrari has acknowledged a data breach.


Ferrari states in breach notification letters issued to clients: We regret to notify you of a cyber event at Ferrari, where a threat actor was able to access a small number of systems in our IT infrastructure.


Names, addresses, email addresses, and phone numbers of customers were among the information exposed in the breach, according to the Italian luxury sports car manufacturer.


Ferrari hasn’t yet discovered any proof that credit card numbers, bank account numbers, or other private payment information were accessed or stolen.


Ferrari asserts that the attack had no impact on business operations and that precautions had been taken to protect the compromised systems.


Ferrari discovered the intrusion, informed the relevant authorities, and is working with a cybersecurity company to assess the damage.


Ferrari stated that it has a policy against paying a ransom because doing so supports unlawful activity and permits threat actors to carry out their business as usual.


Instead, we decided that the best course of action was to inform our consumers, and as a result, we informed them of the incident’s nature and the possibility of data exposure.

NEWS 1
After receiving a ransom demand, Ferrari announces the data breach.

Breaking news

LIVE

You are not up to date!

Subscribe to our newsletter and stay updated on cybersecurity news

After 17 years, the file-sharing website Zippyshare is closing.

Zippyshare, a file-sharing website, announced that it would close by the end of March 2023 since it would no longer be financially possible to continue operating the service.

Zippyshare, a free file-sharing service that was introduced in 2006, generates revenue from advertisements.

The website is among the most visited on the internet, receiving over 43 million visitors per month, according to Similarweb.

After ZippyShare announced yesterday that it was ending its service, users were given until the end of the month to back up important files.

According to ZippShare, they are ending the service because they can no longer afford to keep it running because to mounting expenses and declining revenue.

According to the site’s owners, traffic to the website is rapidly falling as more users migrate to more modern file-sharing platforms with greater functionality and more features.

However, an increasing number of users of Zippyshare use aggressive ad blockers, which has led to a drop in the website’s advertising revenue.

Also, the substantial increase in electricity prices has raised the cost of running the website’s massive server infrastructure, which has reduced the already dropping earnings.

NEWS 2

For placing advertisements and promotions in this newspaper, or anywhere on our website, contact us through email at [email protected] or fill out this contact form.

Share this news:

March 21, 2023 /

Tuesday

Hackerzhome News

2

Have you heard?
Dark Web Data Is Decoded By New Cyber Platform Lab 1 To Discover Secret Supply Chain Breach Know more!

Employing a Zero-Day Flaw, hackers stole more than $1.6 million in cryptocurrency from General Bytes Bitcoin ATMs.

Employing a Zero-Day Flaw, hackers stole more than $1.6 million in cryptocurrency from General Bytes Bitcoin ATMs.

Manufacturer of Bitcoin ATMs General Bytes revealed that unidentified threat actors have stolen cryptocurrency from popular wallets by taking advantage of a software vulnerability.

According to a business alert released over the weekend, the attacker was able to remotely upload his own Java application via the master service interface used by terminals to upload films and run it with ‘batm’ user privileges.

The attacker detected running CAS services on ports 7741, including the General Bytes Cloud service and other GB ATM operators running their servers on Digital Ocean, it was stated.

The IP address space of the cloud hosting provider Digital Ocean was examined by the attacker.

The business said that by default, the server where the malicious Java program was uploaded was set up to launch any apps found in the deployment folder (“/batm/app/admin/standalone/deployments/”).

As a result, the threat actor was able to transmit money from the wallets, download usernames and password hashes, disable two-factor authentication (2FA), examine terminal event logs, and read and decode API keys needed to access funds in hot wallets and exchanges.

NEWS 3

Hackers use malicious NuGet packages to target.NET developers.

Threat actors are focusing on infecting.NET developers with bitcoin stealers distributed through the NuGet repository and posing as several genuine packages using typosquatting.

Natan Nehorai and Brian Moussalli, security researchers from JFrog, discovered this continuous effort and discovered that three of them had been downloaded more than 150,000 times in a single month.

While the enormous volume of downloads might indicate that many.NET developers had their PCs infiltrated, it could equally be attributed to the attackers’ attempts to pass off their malicious NuGet packages as legitimate.

The top three packages were downloaded a staggering number of times, which may be a sign that the operation was quite successful and infected many computers, according to JFrog security researchers.

Nevertheless, given that the attackers could have artificially increased the download count (using bots) to make the packages appear more authentic, this is not a completely trustworthy indicator of the attack’s success.

The threat actors impersonated accounts that appeared to be those of Microsoft software developers working on the NuGet.NET package manager by using typosquatting when they created their NuGet repository profiles.

Hackers use malicious NuGet packages to target.NET developers.
NEWS 5

For placing advertisements and promotions in this newspaper, or anywhere on our website, contact us through email at [email protected] or fill out this contact form.

Share this news: