"Malicious npm packages target Ethereum developers."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 05 January 2025, 0059 UTC.

Content and Source:  Email subscription via https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

69K followers23 articles per week#security#tech

17

Today

Malicious npm packages target Ethereum developers

7 TTPs

•

by Pierluigi Paganini / 25min

•

Malicious npm package deploys Quasar RAT

, impersonating Hardhat plugins to steal private keys and sensitive data. Hardhat , by the Nomic Foundation , is an essential Ethereum tool, enabling streamlined smart contract and dApp development with customizable plugins. Socket researchers reported a supply chain attack targeting the Nomic Foundation and Hardhat platforms, attackers use malicious npm packages to steal critical data like priva

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

US sanctions Integrity Technology Group

•

by Pierluigi Paganini / 5h

The U.S. Treasury Department sanctioned Chinese cybersecurity firm Integrity Tech for its involvement in attacks attributed to the Flax Typhoon group. The U.S. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by China’s state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett). The China-linked APT group used Integrity Tech’s infrast

Yesterday

FireScam Android info-stealing malware supports spyware capabilities

by Pierluigi Paganini / 1d

FireScam malware steals credentials and financial data by monitoring Android app notifications and sending data to a Firebase database. Cybersecurity firm Cyfirma warns of the FireScam Android info-stealing malware that supports spyware capabilities. The malicious code steals credentials and financial data by monitoring app notifications and sending the information to a Firebase database. The mal

Richmond University Medical Center data breach impacted 674,033 individuals

Richmond University Medical Center data breach

•

by Pierluigi Paganini / 1d

Richmond University Medical Center has confirmed that a ransomware attack in May 2023 affected 670,000 individuals. New York’s Richmond University Medical Center confirmed a May 2023 ransomware attack impacted 674,033 individuals . Richmond University Medical Center (RUMC) is a healthcare institution based in Staten Island, New York. It provides a wide range of medical services, including inpatie

Apple will pay $95 Million to settle lawsuit over Siri’s alleged eavesdropping

Apple settles Siri privacy lawsuit

•

by Pierluigi Paganini / 1d

Apple has agreed to a $95 million settlement over a Siri eavesdropping lawsuit, denying any abuses. The settlement awaits judicial approval. Apple will pay $95 million to settle claims that its virtual assistant Siri was used to eavesdrop on users, though the company denies the allegations. The settlement proposed by the tech giant aims to resolve the lawsuit alleging that Siri recorded conversat

LDAPNightmare, a PoC exploit targets Windows LDAP flaw CVE-2024-49113

4 TTPs

•

by Pierluigi Paganini / 1d

•

CVE-2024-49112 & 1 other

Experts warn of a new PoC exploit, LDAPNightmare, that targets a Windows LDAP flaw (CVE-2024-49113), causing crashes & reboots. The vulnerability CVE-2024-49113 (CVSS score of 7.5), named LDAPNightmare, is a Windows Lightweight Directory Access Protocol (LDAP) Denial of Service flaw that was discovered by the researcher Yuki Chen . An attacker can exploit the now-patched vulnerability to trigger

Jan 2, 2025

Around 3.3 million POP3 and IMAP mail servers lack TLS encryption

by Pierluigi Paganini / 1d

Over 3 million POP3 and IMAP mail servers lack TLS encryption, exposing them to network sniffing attacks. ShadowServer researchers reported that around 3.3 million POP3 and IMAP mail servers lack TLS encryption, exposing them to network sniffing attacks. POP3 (Post Office Protocol 3) and IMAP (Internet Message Access Protocol) are two protocols used to retrieve and manage emails from mail servers

A US soldier was arrested for leaking presidential call logs

US soldier arrested for hacking

•

by Pierluigi Paganini / 2d

US authorities have arrested soldier Cameron John Wagenius for his alleged involvement in leaking presidential phone records. US authorities arrested Cameron John Wagenius (20), a US Army soldier, suspected of involvement in leaking presidential call logs. The soldier was arrested in Fort Hood, Texas, he is suspected to be the hacker who using the moniker ‘Kiberphant0m’ leaked and sold call recor

DoubleClickjacking allows clickjacking on major websites

DoubleClickjacking exploits user interactions

•

by Pierluigi Paganini / 2d

The “DoubleClickjacking” exploit bypasses protections on major websites, using a double-click sequence for clickjacking and account takeover attacks. DoubleClickjacking is a technique that allows attackers to bypass protections on major websites by leveraging a double-click sequence . Attackers can exploit the technique to facilitate clickjacking attacks and account takeovers on almost all major

Russian media outlets Telegram channels blocked in European countries

Telegram blocks Russian media in EU

•

by Pierluigi Paganini / 2d

Telegram restricted access to Russian state-owned news channels in several European countries, including Poland, France, and Italy. Telegram blocked access to channels of multiple Russian state-owned news outlets across Europe, including Italy, Poland, Czechia, Belgium, France, the Netherlands, Greece, and Latvia. Some blocked Russian media outlets are RIA Novosti , NTV , Rossiya 1 , and Rossiysk

Three Russian-German nationals charged with suspicion of secret service agent activity

German-Russians indicted for espionage

•

by Pierluigi Paganini / 2d

German authorities have charged three Russian-German nationals with suspicion of, among other things, secret service agent activity for the Russian government. German authorities have charged three Russian-German nationals on suspicion of activities including acting as secret service agents for the Russian government. On 9 December 2024, the Federal Prosecutor’s Office filed charges against the G

Jan 1, 2025

Lumen reports that it has locked out the Salt Typhoon group from its network

China-linked Salt Typhoon targets telecoms

•

by Pierluigi Paganini / 2d

Lumen reports that the Salt Typhoon hacking group, which targeted at least nine U.S. telecom firms, was locked out of its network. This week, a White House official confirmed that China-linked APT group Salt Typhoon has breached a ninth U.S. telecoms company as part of a cyberespionage campaign aimed at telco firms worldwide. China-linked APT group Salt Typhoon (also known as FamousSparrow and Gh

Proposed updates to HIPAA Security Rule mandate to restore the loss of certain relevant electronic information systems and data within 72 hours

HHS proposes updates to HIPAA Security

•

by Pierluigi Paganini / 3d

HHS OCR proposed updates to the HIPAA Security Rule to boost cybersecurity for electronic protected health information (ePHI). On December 27, 2024, the United States Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) proposed updates to the HIPAA Security Rule to enhance cybersecurity for electronic protected health information (ePHI). The proposed updates to the Securi

U.S. Treasury sanctions Russian and Iranian entities for interfering in the presidential election

US sanctions Iran Russia election interference

•

by Pierluigi Paganini / 3d

The U.S. Treasury sanctioned entities for disinformation tied to Russian and Iranian intelligence before the 2024 presidential elections. The U.S. Treasury sanctioned entities for spreading disinformation linked to Russian and Iranian intelligence ahead of the 2024 presidential elections . The