Security News

Millions of people's data stolen because web devs forget to check access perms
2023-07-29 00:09

Insecure direct object reference (IDOR) bugs essentially occur when a web app or a web API backend doesn't properly check that a user is actually allowed to access some info from a database or some other resource. More specifically, IDOR bugs can occur when access is granted to stuff on the basis of the user's input, rather than from looking up that person's access rights.

GitHub warns of Lazarus hackers targeting devs with malicious projects
2023-07-20 22:48

GitHub is warning of a social engineering campaign targeting the accounts of developers in the blockchain, cryptocurrency, online gambling, and cybersecurity sectors to infect their devices with malware. In a new security alert, GitHub warns that the Lazarus Group is compromising legitimate accounts or creating fake personas that pretend to be developers and recruiters on GitHub and social media.

1. This crypto-coin is called Jimbo. 2. $8m was stolen from its devs in flash loan attack
2023-05-30 23:56

Just days after releasing the second - and supposedly more stable and secure - version of its decentralized finance app, Jimbos Protocol over the weekend was hit by attackers who stole 4,090 ETH tokens from the project worth about $7.5 million. The developers behind the Arbitrum-based app were the apparent victims of a flash loan attack and now are scrambling to track down the light-fingered coders and retrieve the lost funds.

Ex-Conti members and FIN7 devs team up to push new Domino malware
2023-04-17 20:36

Ex-Conti ransomware members have teamed up with the FIN7 threat actors to distribute a new malware family named 'Domino' in attacks on corporate networks. Domino is a relatively new malware family consisting of two components, a backdoor named 'Domino Backdoor,' which in turn drops a 'Domino Loader' that injects an info-stealing malware DLL into the memory of another process.

Typhon info-stealing malware devs upgrade evasion capabilities
2023-04-05 20:30

The developers of the Typhon info-stealer announced on a dark web forum that they have updated the malware to a major version they advertise as 'Typhon Reborn V2'. They boast significant improvements designed to thwart analysis via anti-virtualization mechanisms. The original Typhon was discovered by malware analysts in August 2022.

Devs targeted by W4SP Stealer malware in malicious PyPI packages
2023-02-12 15:12

Five malicious packages were found on the Python Package Index, stealing passwords, Discord authentication cookies, and cryptocurrency wallets from unsuspecting developers. PyPI is a software repository for packages created in the Python programming language.

Microsoft urges devs to migrate away from .NET Core 3.1 ASAP
2022-11-17 14:14

.NET Core versions until it reaches the end of support next month .NET Native releases, warned this July, Microsoft will stop providing technical support or servicing updates after EOS. "We recommend moving to .NET 6 as soon as possible. If you are still using .NET Core 3.1 after the end of support date, you'll need to update your app to .NET 6 or .NET 7 to remain supported and continue to receive .NET updates," Whittaker said.

Malware devs already bypassed Android 13's new security feature
2022-08-17 14:00

Android malware developers are already adjusting their tactics to bypass a new 'Restricted setting' security feature introduced by Google in the newly released Android 13. Android 13 was released this week, with the new operating system being rolled out to Google Pixel devices and the source code published on AOSP. As part of this release, Google attempted to cripple mobile malware that attempted to enable powerful Android permissions, such as AccessibilityService, to perform malicious, stealthy behavior in the background.

North Korean devs pose as US freelancers to aid DPRK govt hackers
2022-05-17 22:16

Thousands of North Korean "Highly skilled IT workers," at the direction of or forced by their government, are targeting freelance jobs at organizations in wealthier nations. In some cases, DPRK's dispatched wage earners - typically located in China, Russia, Africa, and Southeast Asia - have aided with selling data stolen in attacks from North Korean hackers.