@rillian
Created November 10, 2022 23:16
Hacker News RSS feed crash reproduction
<?xml version="1.0" encoding="UTF-8" standalone="no"?><?xml-stylesheet href="http://www.blogger.com/styles/atom.css" type="text/css"?><rss xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd" version="2.0"><channel><title>The Hacker News</title><description>Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to admin@thehackernews.com</description><managingEditor>noreply@blogger.com (Unknown)</managingEditor><pubDate>Mon, 7 Nov 2022 20:55:33 +0530</pubDate><generator>Blogger http://www.blogger.com</generator><openSearch:totalResults xmlns:openSearch="http://a9.com/-/spec/opensearchrss/1.0/">10601</openSearch:totalResults><openSearch:startIndex xmlns:openSearch="http://a9.com/-/spec/opensearchrss/1.0/">1</openSearch:startIndex><openSearch:itemsPerPage xmlns:openSearch="http://a9.com/-/spec/opensearchrss/1.0/">25</openSearch:itemsPerPage><link>https://thehackernews.com/</link><language>en-us</language><item><title>Medibank Refuses to Pay Ransom After 9.7 Million Customers Exposed in Ransomware Hack</title><link>https://thehackernews.com/2022/11/medibank-refuses-to-pay-ransom-after-97.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Mon, 7 Nov 2022 20:54:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-783717013772831719</guid><description>
Australian health insurer Medibank today confirmed that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident.
The attack, according to the company, was detected in its IT network on October 12 in a manner that it said was "consistent with the precursors to a ransomware event," prompting it to isolate its systems, but not </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgO9CiYBUynuavDbq_smdooK3UNCaLaB_i9jx1mmvyBFFhALiRle5irk2bmDdr_kUXfCUud2TbV3Ehyq-bNn58Sf8ryC9CTT6uU19Wd9HkxtivxJcuNmi-QHyXAwk7OLHwdrWSB683aetCB1lm_SATanX-cb8Ta1iVU1knHUBuGBbYUKmKQjKmLrdg9/s260-e100/medibank.jpg" width="72"/></item><item><title>This Hidden Facebook Tool Lets Users Remove Their Email or Phone Number Shared by Others</title><link>https://thehackernews.com/2022/11/this-hidden-facebook-tool-lets-users.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Mon, 7 Nov 2022 20:16:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-6759991532662668798</guid><description>
Facebook appears to have silently rolled out a tool that allows users to remove their contact information, such as phone numbers and email addresses, uploaded by others.
The existence of the tool, which is buried inside a Help Center page about "Friending," was first reported by Business Insider last week. It's offered as a way for "Non-users" to "exercise their rights under applicable laws."
&lt;!</description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_3QzeYvVDq275b1Wd2GTXuU1f3E6BtEWkVBdsRddiZttpyTAGt5gCNSRygjiyy-xEqb-am_Cj2WnMaJtrxhlbYzYNPO_OtqbLngzRHjsop-Pt_ZM11ZYCpe-StOIFO7UWH5P7ducBN9pL2rykjudSk9hq046n_X1DbVTYI9WVIKxj_apnisiEV6AT/s260-e100/facebook.jpg" width="72"/></item><item><title>Experts Find URLScan Security Scanner Inadvertently Leaks Sensitive URLs and Data</title><link>https://thehackernews.com/2022/11/experts-find-urlscan-security-scanner.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Mon, 7 Nov 2022 16:19:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-8768855407505585266</guid><description>
Security researchers are warning of "a trove of sensitive information" leaking through urlscan.io, a website scanner for suspicious and malicious URLs.
"Sensitive URLs to shared documents, password reset pages, team invites, payment invoices and more are publicly listed and searchable," Positive Security co-founder, Fabian Bräunlein, said in a report published on November 2, 2022.
The </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9s-ZHpRpOCHmCgxgsV4a_OIceRuWMouVUyqvXsFxficMqpmhOzcTdGxmpiKM_pWfR0p7MAcannyq1D2G15d073NrPVI0axhYIfbtHs7iDcZbkMDs_wkhhI6qO-dAOle4Kn2q90iWWM2J_x_KHv2jxE2FPcmzwVaI7PYPYSeEZLuwS63NS7IYVRFzG/s260-e100/urlscan.jpg" width="72"/></item><item><title>Robin Banks Phishing Service for Cybercriminals Returns with Russian Server</title><link>https://thehackernews.com/2022/11/robin-banks-phishing-service-for.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Mon, 7 Nov 2022 13:06:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-1024803323153873605</guid><description>
A phishing-as-a-service (PhaaS) platform known as Robin Banks has relocated its attack infrastructure to DDoS-Guard, a Russian provider of bulletproof hosting services.
The switch comes after "Cloudflare disassociated Robin Banks phishing infrastructure from its services, causing a multi-day disruption to operations," according to a report from cybersecurity company IronNet.
Robin Banks was </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgayyjGZ19P9Gkf7iUwdz9-LyjSQve2VFHLTckF6juxDRjsZXgsllm7HBQ0Z_J2iy2EBDcXBRnaKj_w3jqu-UiOp7gkBqnmK1Yiug9LEG7jD4WZaaxhB6pdZWDtH5PdfmqXxRZ65n61fUXhCbnxAFzAlYF-C8U_Cyy3hLniyA8hvgBkgvz6OTZ1-tWM/s260-e100/phishing.jpg" width="72"/></item><item><title>Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer</title><link>https://thehackernews.com/2022/11/researchers-uncover-29-malicious-pypi.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Sat, 5 Nov 2022 14:05:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-260490692247167483</guid><description>
Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python programming language, that aim to infect developers' machines with a malware called W4SP Stealer.
"The main attack seems to have started around October 12, 2022, slowly picking up steam to a concentrated effort around October 22," software supply chain </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzXHremxMPv6xKza9t6S8bcQQcE-P9qg7TAMEtDqgFp0wi_x6_DLtNAJGJ12E_WeA6-9Xiecr2AHt6eeUH-67laEZkLZUFWsN_1I3fwdlJ0UPuwaRv1MecxS06n3shCyGMOkpgjDwsPsbKEB7blrX2qX4FMjyREMliuKclCzZEBnJm0Gku_aQ-LcS5/s260-e100/python.jpg" width="72"/></item><item><title>Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities</title><link>https://thehackernews.com/2022/11/microsoft-warns-of-uptick-in-hackers.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Sat, 5 Nov 2022 11:30:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-2566667497269130454</guid><description>
Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments.
The tech giant, in its 114-page Digital Defense Report, said it has "observed a reduction in the time between the announcement of a vulnerability and the commoditization of that vulnerability," making it imperative that </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTxKfxj2a6lMbDbJaMo5tht_LOymmcrKcCWFtR24mQo74TUahCanF09uTukayi4zQWtyXbBN6gL1r8Q_F8hPVGvbFPUvpNfu0RMdh_in3x47i7NaY_2APPaDC8WmxtnyovksaoophnnKee-_hL8d3KTmywDQksxEixb5Qu7Hqf3_NL3lzttzW4eVJp/s260-e100/ms.jpg" width="72"/></item><item><title>Researchers Detail New Malware Campaign Targeting Indian Government Employees</title><link>https://thehackernews.com/2022/11/researchers-detail-new-malware-campaign.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Fri, 4 Nov 2022 19:13:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-3362869432683939126</guid><description>
The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach.
"This group abuses Google advertisements for the purpose of malvertising to distribute backdoored versions of Kavach multi-authentication (MFA) applications," Zscaler ThreatLabz researcher Sudeep Singh said </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_jEu2tsS0YahUZDvpC9g3cUICCtR1wiFzxo68MrJ8Yaj6dMJKu2RqilXTxppRY5HLQXrg_bg7GW1RhgvuS_ivXqBpOT7zYVExQge1b9OqfSR0IqdM7Cz59hLmInBUpPvwso0ABSPM3KP06OcgW-vBHPCK0sExBZBXWVZBMutCOK5tGYbss09rGVxt/s260-e100/cyberattack.jpg" width="72"/></item><item><title>Your OT Is No Longer Isolated: Act Fast to Protect It</title><link>https://thehackernews.com/2022/11/your-ot-is-no-longer-isolated-act-fast.html</link><author>noreply@blogger.com (The Hacker News)</author><pubDate>Fri, 4 Nov 2022 18:42:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-7439803179922692243</guid><description>
Not too long ago, there was a clear separation between the operational technology (OT) that drives the physical functions of a company – on the factory floor, for example – and the information technology (IT) that manages a company's data to enable management and planning. 
As IT assets became increasingly connected to the outside world via the internet, OT remained isolated from IT – and the </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKGV5cjKBnZ2SU5VbKG5rm67iVypGfM1Ex8rmqlA2ADYC3uNAnZ7G76mDN5JbxA5tAlLlkoecdKyorwfjy6QAuPDe2I4I1DM1MsIduju-Y3pITm-FI1-NKNecvANGoFSZF52SJQeDZM6q5olOqS3bv3k_UAKQMd2mLKNgwNnqDWxaiQnormmeCQIzc/s260-e100/ot.jpg" width="72"/></item><item><title>CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software</title><link>https://thehackernews.com/2022/11/cisa-warns-of-critical-vulnerabilities.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Fri, 4 Nov 2022 15:31:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-1564428028795033149</guid><description>
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control Systems (ICS) advisories about multiple vulnerabilities in software from ETIC Telecom, Nokia, and Delta Industrial Automation.
Prominent among them is a set of three flaws affecting ETIC Telecom's Remote Access Server (RAS), which "could allow an attacker to obtain sensitive information and </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjy10jV7SOEGAAFdcoLSsEA8Ce0dwzClAZ4_jR22mCUD386h1vkI6AH0xPDWIeKSchusdOv88VG3fkas5xvmHpSGubQU0WNLyo7ebUofMo3GuVUFAYjdCQNZgHogvrVsMHtZIuPvu6l1hxXwNC9WPypc5KevLSI-FDOVsep7vAT-ug-wV-8IU2zy6GP/s260-e100/ics.jpg" width="72"/></item><item><title>Researchers Find Links b/w Black Basta Ransomware and FIN7 Hackers</title><link>https://thehackernews.com/2022/11/researchers-find-links-bw-black-basta.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Thu, 3 Nov 2022 23:10:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-1550156712771021907</guid><description>
A new analysis of tools put to use by the Black Basta ransomware operation has identified ties between the threat actor and the FIN7 (aka Carbanak) group.
This link "could suggest either that Black Basta and FIN7 maintain a special relationship or that one or more individuals belong to both groups," cybersecurity firm SentinelOne said in a technical write-up shared with The Hacker News.
Black </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgRf10xl9A4_o9UnC_txym0qg6A4j8NIz0H97ajrfoxFFLwHf0NJo60eGKE958jmcrPI_TyQ3HawKtC4-EJB-0qwEaonAZ84QBYr8E3dkqNP40BprVTZ-iGYzg-wcfzOpT0DhEwQ8QyWohJ9SL0Mbu6fv4S5iaBCRUaYW13dmvzKsK6xRw5vAIK90BA/s260-e100/hack.jpg" width="72"/></item><item><title>Why Identity &amp; Access Management Governance is a Core Part of Your SaaS Security</title><link>https://thehackernews.com/2022/11/why-identity-access-management.html</link><author>noreply@blogger.com (The Hacker News)</author><pubDate>Thu, 3 Nov 2022 16:04:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-1832317676342982172</guid><description>
Every SaaS app user and login is a potential threat; whether it's bad actors or potential disgruntled former associates, identity management and access control is crucial to prevent unwanted or mistaken entrances to the organization's data and systems. 
Since enterprises have thousands to tens of thousands of users, and hundreds to thousands of different apps, ensuring each entrance point and </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiDH3Bw-UY5m-L8AXrB4YMBv7lc-HJIPkjCu7YNcVYdI6l5P90vrCoMReJujQ292g8-bEN73K1uqLduX_dlsPzfeqxDkoSVZlVjVhX5B5_6jioAUVrfuEYwbbRemMCsrar70dhQNQQFZvJVgoKS8qSZzQIugy5GcFe4umv0Gsq35-Rx6ywB6S2Or4nD/s260-e100/lock.jpg" width="72"/></item><item><title>OPERA1ER APT Hackers Targeted Dozens of Financial Organizations in Africa</title><link>https://thehackernews.com/2022/11/researchers-detail-opera1er-apt-attacks.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Thu, 3 Nov 2022 15:51:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-3747152938808607637</guid><description>
A French-speaking threat actor dubbed OPERA1ER has been linked to a series of more than 30 successful cyber attacks aimed at banks, financial services, and telecom companies across Africa, Asia, and Latin America between 2018 and 2022.
According to Singapore-headquartered cybersecurity company Group-IB, the attacks have led to thefts totaling $11 million, with actual damages estimated to be as </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjb3YVU4LNVCRs2g4MGnNGlYyUbzM6UkISD7q2BB2OjMxiybMWSnxFUTUh3stIOYMceEUhyDF8OuyhHUAqUCqUcIF5t_vV0VdegJwggPvj0PmiWa-eyN2H2UsuBN08cEWM8JUtx_9dofyuk19pIEHw_lotS3pVQe_whbciMfykEFZUBRpnB7tQdca47/s260-e100/malware.jpg" width="72"/></item><item><title>Hackers Using Rogue Versions of KeePass and SolarWinds Software to Distribute RomCom RAT</title><link>https://thehackernews.com/2022/11/hackers-using-rogue-versions-of-keepass.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Thu, 3 Nov 2022 14:50:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-2358044867560454027</guid><description>
The operators of RomCom RAT malware are continuing to evolve their campaigns by distributing rogue versions of software such as SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro via fake copycat websites.
Targets of the operation consist of victims in Ukraine and select English-speaking countries like the U.K.
"Given the geography of the targets and the current</description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgF-MxVKxNt7SOxzmedCDx7-5Vre7YOmtG9DKOc1hVaL-8v2JYFoqcqXPxlJrwHyEVLvwqub_vQEkCqXIAZuHyGnT1x7h8MjgQl60m4QRID6ZAtTQWDGfU-1nfNUn057_dxwcSvgaEAi_2DDpXyvly_05DGz82c9Of0lTxc2wS8ChAT3bYfwnen-cD2/s260-e100/key.jpg" width="72"/></item><item><title>New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users' Data</title><link>https://thehackernews.com/2022/11/new-tiktok-privacy-policy-confirms.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Thu, 3 Nov 2022 12:18:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-7632605953144449125</guid><description>
Popular short-form video-sharing service TikTok is revising its privacy policy for European users to make it explicitly clear that user data can be accessed by some employees from across the world, including China.
The ByteDance-owned platform, which currently stores European user data in the U.S. and Singapore, said the revision is part of its ongoing data governance efforts to limit employee </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRahCkqEHauQG-r_upgXcNwZ11C6QuuLfJVc36nNNHrim_K8k-obVM6yMdUefW2o9AW9THnSvZ1_lTp7y1AOyMKZ04uHo3OA1FW2a-pVgxeAYZdYxNhNyoIIPGptjufeSuyea5ND1SiGiFfX1p-ikyQ4zwyAuGhbOGH1k9O9da8mejg7UKmyfraS_V/s260-e100/tiktok-security-flaw.jpg" width="72"/></item><item><title>Multiple Vulnerabilities Reported in Checkmk IT Infrastructure Monitoring Software</title><link>https://thehackernews.com/2022/11/multiple-vulnerabilities-reported-in.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Wed, 2 Nov 2022 18:41:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-475872900422248749</guid><description>
Multiple vulnerabilities have been disclosed in Checkmk IT Infrastructure monitoring software that could be chained together by an unauthenticated, remote attacker to fully take over affected servers. 
"These vulnerabilities can be chained together by an unauthenticated, remote attacker to gain code execution on the server running Checkmk version 2.1.0p10 and lower," SonarSource researcher </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhI2Y4IexjEy_dEZhKX-qVA_kkb6Euvy-4pZaloixMTfG4TgnhSib69Ehz66ud9_TD4tZsol2Y4nnKuOzXx2ZTKLl3GoBBOpTViIOUdjyBFrtKKAtCZRgPlMG3mijbUbG1Hg7E_Wpi7vSJOcU07PJAXs04q9MKwuIh9EmcoQJTD7a2bA_Zk87uGTKFQ/s260-e100/code.jpg" width="72"/></item><item><title>These Android Apps with a Million Play Store Installations Redirect Users to Malicious Sites</title><link>https://thehackernews.com/2022/11/these-android-apps-with-million-play.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Wed, 2 Nov 2022 17:17:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-405263965434455802</guid><description>
A set of four Android apps released by the same developer has been discovered directing victims to malicious websites as part of an adware and information-stealing campaign.
The apps, published by a developer named Mobile apps Group and currently available on the Play Store, have been collectively downloaded over one million times.
According to Malwarebytes, the websites are designed to generate</description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjIteIyDHqJCj2q1TRELBLnlOqHRh5BlcJbkQfsBQxQa5K3H8TwYRBdJE1MI_wjydzXgpFH-h2gHKFfqXtULHOchNmM2wJildHYqC7mEWg12sZ2APzXsxVd4eMB5qlKCWtAlaO4leDCQrhfwiIddMxjV6UkeWuKdIZjMwTEaC3wqUFZDAKsmsSMYPWV/s260-e100/apps.jpg" width="72"/></item><item><title>Inside Raccoon Stealer V2</title><link>https://thehackernews.com/2022/11/inside-raccoon-stealer-v2.html</link><author>noreply@blogger.com (The Hacker News)</author><pubDate>Wed, 2 Nov 2022 16:58:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-5811532242563659525</guid><description>
Raccoon Stealer is back on the news again. US officials arrested Mark Sokolovsky, one of the malware actors behind this program. In July 2022, after several months of the shutdown, a Raccoon Stealer V2 went viral. Last week, the Department of Justice's press release stated that the malware collected 50 million credentials.
This article will give a quick guide to the latest info stealer's version</description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCpSguz8tfo2ScoXeg7032e5zmHXSJhHbVTntNnKXsJoh1OeMStq2UDe1RTULlBSlFcdK0kOUzEUXMNitrFuCjl2kvEtgdF4nXUd69joLZukQ-Py10H8HjkdIySHJRKhSIrHdgxD9SB02bqHocxrNGeLNsnK6194sgnDlMZ-CqNycNtOcJxsXxor_z/s260-e100/racoon.jpg" width="72"/></item><item><title>Experts Warn of SandStrike Android Spyware Infecting Devices via Malicious VPN App</title><link>https://thehackernews.com/2022/11/experts-warn-of-sandstrike-android.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Wed, 2 Nov 2022 15:09:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-5705274057674144663</guid><description>
A previously undocumented Android spyware campaign has been found striking Persian-speaking individuals by masquerading as a seemingly harmless VPN application.
Russian cybersecurity firm Kaspersky is tracking the campaign under the moniker SandStrike. It has not been attributed to any particular threat group.
"SandStrike is distributed as a means to access resources about the Bahá'í religion </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzIPoYAp5kb3-ags4KZ5xdDOpl91rD_5oPvilrcicP3fzePWpcToPEKn4l91k6I0OnplUd_H9Yfj1Sb86mAJgX5tKZBf5cCZbTWlR4xHhUiWwFe_ysu6B5d1sIc6q5eVsS4ToCNqGXJvd7lfSgA9GAw6aKtGjcVKPPMQLrDVTYeTaInTjnzGXPXkrL/s260-e100/hack.jpg" width="72"/></item><item><title>Dropbox Breach: Hackers Unauthorizedly Accessed 130 GitHub Source Code Repositories</title><link>https://thehackernews.com/2022/11/dropbox-breach-hackers-unauthorizedly.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Wed, 2 Nov 2022 12:40:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-4154360122844716606</guid><description>
File hosting service Dropbox on Tuesday disclosed that it was the victim of a phishing campaign that allowed unidentified threat actors to gain unauthorized access to 130 of its source code repositories on GitHub.
"These repositories included our own copies of third-party libraries slightly modified for use by Dropbox, internal prototypes, and some tools and configuration files used by the </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTAZ4zpq585W4Q9Epa9hUQK9N9S2n-eddeCEgR3_HmoMk4TH9exa3S1nhQqZ3AvJGaT55nVmOjO5MkdI7dF_bLz_oqo7xiDjcxd6vXYo7hJ0cV0lvGldtJOP1QxGlatImYlK7YXKvUEmKO8Uc-JwVQKnhEK6SszqkogLjv9-RlGvkEO67lHEW2Osp2/s260-e100/DROPbox.jpg" width="72"/></item><item><title>OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities</title><link>https://thehackernews.com/2022/11/just-in-openssl-releases-patch-for-2.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Tue, 1 Nov 2022 21:56:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-7693969617983831085</guid><description>
The OpenSSL project has rolled out fixes to contain two high-severity flaws in its widely used cryptography library that could result in a denial-of-service (DoS) and remote code execution.
The issues, tracked as CVE-2022-3602 and CVE-2022-3786, have been described as buffer overrun vulnerabilities that can be triggered during X.509 certificate verification by supplying a specially-crafted email</description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEist19_xjjwBTCyA4-B0zS5OAZpwcCgqw_8BD8FdIRZN9aH7Oz1jvzcxlsqG04SqmevXsbdz6SN1vAFsypICWzRFRXtP-H035HczQg7Yb_m7usSJR2mB2Bsd4jdEP0Fm5V2HiUkKpXQmSqQsAlVwa5lo0Ob3txPFRGeZQl8xrubVfZV68dOWGs_qm-d/s260-e100/openssl.jpg" width="72"/></item><item><title>Researchers Disclose Details of Critical 'CosMiss' RCE Flaw Affecting Azure Cosmos DB</title><link>https://thehackernews.com/2022/11/researchers-disclose-details-of.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Tue, 1 Nov 2022 21:24:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-6603873800888771725</guid><description>
Microsoft on Tuesday said it addressed an authentication bypass vulnerability in Jupyter Notebooks for Azure Cosmos DB that enabled full read and write access.
The tech giant said the problem was introduced on August 12, 2022, and rectified worldwide on October 6, 2022, two days after responsible disclosure from Orca Security, which dubbed the flaw CosMiss.
"In short, if an attacker had </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDBzNhfxCV9NX6g4d__6a-w2rkVtsicudwMFp5n2VhIZCO9Aa2WViNma8DbI9DOKNCwZgF5i-FSBxc_Ojed4kKklgKN6INB3e3rbhVx1hESImXDbi-G_22SSUoF-ZJKKZo6pccJOIF-zMWeYFDb5PVoPul7SdwRvaRWk8CfqrzdmGN08rCmkfeSOGM/s260-e100/azure-hack.jpg" width="72"/></item><item><title>Chinese Hackers Using New Stealthy Infection Chain to Deploy LODEINFO Malware</title><link>https://thehackernews.com/2022/11/chinese-hackers-using-new-stealthy.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Tue, 1 Nov 2022 20:45:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-2447533469007706973</guid><description>
The Chinese state-sponsored threat actor known as Stone Panda has been observed employing a new stealthy infection chain in its attacks aimed at Japanese entities.
Targets include media, diplomatic, governmental and public sector organizations and think-tanks in Japan, according to twin reports published by Kaspersky.
Stone Panda, also called APT10, Bronze Riverside, Cicada, and Potassium, is a </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiP9qEZr3etLBB5t-4Z4PeegWcT8lMjz7A7d7Ksw4uvACNSJR44QPek1czgLUPre4g2AokHXVhe6c_pEggGDRmFXD_m-YX5w-c9HF8OFXjpHeUFH1sEHxPG5w16k96jOKtfja0Tj3AC9JgDpj4gXCnbqL7ydmqz7Mn0cpVTuuvQDT6ODS1D8C73ZH3S/s260-e100/malware-hack.jpg" width="72"/></item><item><title>Last Years Open Source - Tomorrow's Vulnerabilities</title><link>https://thehackernews.com/2022/11/last-years-open-source-tomorrows.html</link><author>noreply@blogger.com (The Hacker News)</author><pubDate>Tue, 1 Nov 2022 17:34:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-4805991546642713055</guid><description>
Linus Torvalds, the creator of Linux and Git, has his own law in software development, and it goes like this: "given enough eyeballs, all bugs are shallow." This phrase puts the finger on the very principle of open source: the more, the merrier - if the code is easily available for anyone and everyone to fix bugs, it's pretty safe. But is it? Or is the saying "all bugs are shallow" only true for</description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHCMnqhwqPtQNSBXsZfmX7LEVj5u6v9J0m0PEJfwCxouhiIhao2Vs5MVncWuJ98NuxpWT7NguZoYl9dp9C4CsQNISQjl1ik3-HeBH_0aR7VPGsot16xib61mh4OHw6O8pbWPihBxdOnhJUpQ7H8hm9OS6DpuBY_aUAr7qYoai0rNSCjr6TtjWFr_JO/s260-e100/open-source-hacking.jpg" width="72"/></item><item><title>Critical RCE Vulnerability Reported in ConnectWise Server Backup Solution</title><link>https://thehackernews.com/2022/11/critical-rce-vulnerability-reported-in.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Tue, 1 Nov 2022 16:58:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-2142406894735240789</guid><description>
IT service management software platform ConnectWise has released Software patches for a critical security vulnerability in Recover and R1Soft Server Backup Manager (SBM).
The issue, characterized as a "neutralization of Special Elements in Output Used by a Downstream Component," could be abused to result in the execution of remote code or disclosure of sensitive information.
ConnectWise's </description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhoAvLK4Au50a48pB2oJTpi14L4dQ68AF-1HNAQC1b0QL8K10C1y1Gejxei7DcSmkyHkuQhA6rmUeq75_GZnOIM6zlLI3o5yf4pZJCbJik4DoMBjQqkS7YOUcjGs34IXMKGCcEiq2YW5xobdjhr_gKax5zszSGrNMAZZA2W2Iq-Xs3Jy5jEwnFsb684/s260-e100/connectwise.jpg" width="72"/></item><item><title>Fodcha DDoS Botnet Resurfaces with New Capabilities</title><link>https://thehackernews.com/2022/10/fodcha-ddos-botnet-resurfaces-with-new.html</link><author>noreply@blogger.com (Ravie Lakshmanan)</author><pubDate>Mon, 31 Oct 2022 19:58:00 +0530</pubDate><guid isPermaLink="false">tag:blogger.com,1999:blog-4802841478634147276.post-3512391445185373816</guid><description>
The threat actor behind the Fodcha distributed denial-of-service (DDoS) botnet has resurfaced with new capabilities, researchers reveal.
This includes changes to its communication protocol and the ability to extort cryptocurrency payments in exchange for stopping the DDoS attack against a target, Qihoo 360's Network Security Research Lab said in a report published last week.
Fodcha first came to</description><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" height="72" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiekhuIsPj1du9-ywTstgoIIYCnZ7-raT9GQhq89YstezFeaanHX2npg_Hims5cAxsASnj6UIR3MgBVpYmmBa53xpy_dfVKsNkF3jwG-S0Sqc87ANbaq85ZotGsVP8lAb8itkOL539ugRWkvq4MNo7LbFvO8eRiGh76NGXsr0-Z-ijUThWLrHePgWdW/s260-e100/hacking.jpg" width="72"/></item></channel></rss>