Over 40 npm packages trojanized to steal GitHub and cloud credentials via bundle.js malware
Category: cybercrime/malcode
FinWise insider breach impacts 689K American First Finance customers
FinWise Bank is warning on behalf of corporate customers that it suffered a data breach after a former employee accessed sensitive files after the end of their employment.
“On May 31, 2024, FinWise experienced a data security incident involving a former employee who accessed FinWise data after the end of their employment,” reads a data breach notification sent by FinWise on behalf of American First Finance (AFF).
American First Finance (AFF) is a company that offers consumer financing products, including installment loans and lease-to-own programs, for a diverse range of products and services. Customers use AFF to apply for and manage the loans, with the company handling the services, account setup, repayment process, and customer support.
New HybridPetya ransomware can bypass UEFI Secure Boot
A recently discovered ransomware strain called HybridPetya can bypass the UEFI Secure Boot feature to install a malicious application on the EFI System Partition.
HybridPetya appears inspired by the destructive Petya/NotPetya malware that encrypted computers and prevented Windows from booting in attacks in 2016 and 2017 but did not provide a recovery option.
Researchers at cybersecurity company ESET found a sample of HybridPetya on VirusTotal. They note that this may be a research project, a proof-of-concept, or an early version of a cybercrime tool still under limited testing.
New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024–7344 Exploit
HybridPetya ransomware exploits CVE-2024–7344 to bypass UEFI Secure Boot, encrypts NTFS MFT, and demands $1,000 Bitcoin ransom.
RNA technology ‘hacks’ into phage replication, offering new insights into molecular interactions
Bacteriophages, or phages for short, are viruses that infect bacteria. Using phages therapeutically could be very useful in fighting antibiotic-resistant pathogens, but the molecular interactions between phages and host bacteria are not yet sufficiently understood. Jörg Vogel’s research group at the Helmholtz Institute for RNA-based Infection Research (HIRI) and the Institute of Molecular Infection Biology (IMIB) in Würzburg has now succeeded in specifically interfering with phage reproduction using a molecular tool called antisense oligomers (ASOs).
According to the researchers, this innovative RNA technology offers new insights into the molecular world of phages and is expected to advance the development of future therapeutic applications. The study has been published in the journal Nature.
Like humans, bacteria have to cope with viruses—known as bacteriophages, or phages for short. Phages invade bacteria, hijack their cellular machinery, multiply, and cause the bacterial cell to burst. This releases new phages, which then go on to infect other bacteria. Phages are harmless to humans because they target only bacteria. They are also quite selective: Most phages are specialized in infecting specific host bacteria, including bacterial pathogens.
Microsoft Fixes 80 Flaws — Including SMB PrivEsc and Azure CVSS 10.0 Bugs
Microsoft on Tuesday addressed a set of 80 security flaws in its software, including one vulnerability that has been disclosed as publicly known at the time of release.
Of the 80 vulnerabilities, eight are rated Critical and 72 are rated Important in severity. None of the shortcomings has been exploited in the wild as a zero-day. Like last month, 38 of the disclosed flaws are related to privilege escalation, followed by remote code execution (22), information disclosure (14), and denial-of-service.
“For the third time this year, Microsoft patched more elevation of privilege vulnerabilities than remote code execution flaws,” Satnam Narang, senior staff research engineer at Tenable, said. “Nearly 50% (47.5%) of all bugs this month are privilege escalation vulnerabilities.”
DDoS defender targeted in 1.5 Bpps denial-of-service attack
A DDoS mitigation service provider in Europe was targeted in a massive distributed denial-of-service attack that reached 1.5 billion packets per second.
The attack originated from thousands of IoTs and MikroTik routers, and it was mitigated by FastNetMon, a company that offers protection against service disruptions.
“The attack reached 1.5 billion packets per second (1.5 Gpps) — one of the largest packet-rate floods publicly disclosed,” FastNetMon says in a press release.