Hacks

As developers increasingly embrace off-the-shelf software components into their apps and services, threat actors are abusing open-source repositories such as RubyGems to distribute malicious packages, intended to compromise their computers or backdoor software projects they work on. In the latest research shared with The Hacker News, cybersecurity experts at ReversingLabs revealed over  700 malicious gems  — packages written in Ruby programming language — that supply chain attackers were caught recently distributing through the RubyGems repository. The malicious campaign leveraged the  typosquatting technique  where attackers uploaded intentionally misspelled legitimate packages in hopes that unwitting developers will mistype the name and unintentionally install the malicious library instead. ReversingLabs said the typosquatted packages in question were uploaded to RubyGems between February 16 and February 25, and that most of them have been designed to secretly ...

Google has busted 49 Chrome browser extensions from its Web Store that masqueraded as cryptocurrency wallets but contained malicious code to siphon off sensitive information and empty the digital currencies. The 49 browser add-ons, potentially the work of Russian threat actors, were  identified  (find the list here) by researchers from MyCrypto and PhishFort. "Essentially, the extensions are phishing for secrets —  mnemonic phrases , private keys, and keystore files," explained Harry Denley, director of security at MyCrypto. "Once the user has entered them, the extension sends an HTTP POST request to its backend, where the bad actors receive the secrets and empty the accounts." Although the offending extensions were removed within 24 hours after they were reported to Google, MyCrypto's analysis showed that they began to appear on the Web Store as early as February 2020, before ramping up in subsequent months. In addition, all the extensions functioned ali...

Cybercriminals continue to use the Coronavirus outbreak to launch various attacks such as malware, phishing, fraud, and disinformation campaigns. In the current situation, most of the organization has been closed and the employees are provided with options to work from home. So the RDP and the video communication platforms usage will be high. Attacks Targeting Zoom Recently  multiple vulnerabilities  detected with Zoom client that allows attackers to steal the Windows password and to escalate privileges with macOS. Researchers from IntSights  discovered  a shared database containing more than 2300 usernames and passwords to Zoom accounts. The database includes details of Zoom accounts such as email and password, others included meeting IDs, names and host keys. Along with Zoom credentials the database also includes data of “personal accounts, many corporate accounts were belonging to banks, consultancy companies, educational facilities, healthcare p...

Tech giants  Apple  and  Google  have joined forces to develop an interoperable contract-tracing tool that will help individuals determine if they have come in contact with someone infected with COVID-19. As part of this new initiative, the companies are expected to release an API that public agencies can integrate into their apps. The next iteration will be a built-in system-level platform that uses Bluetooth low energy (BLE) beacons to allow for contact tracing on an opt-in basis. The APIs are expected to be available mid-May for Android and iOS, with the broader contact tracing system set to roll out "in the coming months." "Privacy, transparency, and consent are of utmost importance in this effort, and we look forward to building this functionality in consultation with interested stakeholders," the companies said. The rare collaboration comes as governments worldwide are increasingly turning to technology such as phone tracking and facial recognition to battle...