The Hacker News Daily Updates

New malware campaign targets Indian government employees.

Views expressed in this cybersecurity, cybercrime, and cyberespionage update are those of the reporters and correspondents.   Accessed on 04 November 2022, 1700 UTC.  Content provided by email subscription to "The Hacker News Daily Updates."

Source: https://mail.google.com/mail/u/0/?ogbl#inbox/FMfcgzGqRQCzJLjkCwcPLbsdJkzWHnnB.

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

The Hacker News Daily Updates

Cybersecurity Budget Tips that Deliver the Most Bang for Your Buck Discover the data behind which cybersecurity controls deliver the best ROI Download Now Sponsored

LATEST NEWS Nov 4, 2022

Researchers Detail New Malware Campaign Targeting Indian Government Employees The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach. "This group abuses Google advertisements for the purpose of malvertising to distribute backdoored versions ... Read More

Your OT Is No Longer Isolated: Act Fast to Protect It Not too long ago, there was a clear separation between the operational technology (OT) that drives the physical functions of a company – on the factory floor, for example – and the information technology (IT) that manages a company's data to enable management and planning.  As IT assets became ... Read More

CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control Systems (ICS) advisories about multiple vulnerabilities in software from ETIC Telecom, Nokia, and Delta Industrial Automation. Prominent among them is a set of three flaws affecting ETIC ... Read More

Researchers Find Links b/w Black Basta Ransomware and FIN7 Hackers A new analysis of tools put to use by the Black Basta ransomware operation has identified ties between the threat actor and the FIN7 (aka Carbanak) group. This link "could suggest either that Black Basta and FIN7 maintain a special relationship or that one or more individuals belong to both ... Read More

Why Identity & Access Management Governance is a Core Part of Your SaaS Security Every SaaS app user and login is a potential threat; whether it's bad actors or potential disgruntled former associates, identity management and access control is crucial to prevent unwanted or mistaken entrances to the organization's data and systems.  Since enterprises have thousands to tens of ... Read More

OPERA1ER APT Hackers Targeted Dozens of Financial Organizations in Africa A French-speaking threat actor dubbed OPERA1ER has been linked to a series of more than 30 successful cyber attacks aimed at banks, financial services, and telecom companies across Africa, Asia, and Latin America between 2018 and 2022. According to Singapore-headquartered cybersecurity company ... Read More

Hackers Using Rogue Versions of KeePass and SolarWinds Software to Distribute RomCom RAT The operators of RomCom RAT malware are continuing to evolve their campaigns by distributing rogue versions of software such as SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro via fake copycat websites. Targets of the operation consist of victims in Ukraine and ... Read More

New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users' Data Popular short-form video-sharing service TikTok is revising its privacy policy for European users to make it explicitly clear that user data can be accessed by some employees from across the world, including China. The ByteDance-owned platform, which currently stores European user data in the U.S. ... Read More

Cybersecurity Budget Tips that Deliver the Most Bang for Your Buck Discover the data behind which cybersecurity controls deliver the best ROI Download Now Sponsored