Latest Tech News

.NET developers are being targeted with malware designed to steal their cryptocurrency, new reports have claimed.

Cybersecurity researchers from JFrog recently spotted an active campaign in which malicious packages were uploaded to the NuGet repository, for .NET developers to download and use. 

When activated, the packages download and run a PowerShell dropper called init.ps1, which changes the endpoint’s settings to allow PowerShell scripts to be executed without restrictions.

Custom payloads

That feature alone was enough of a red flag to warrant the package’s elimination, the researchers suggest: "This behavior is extremely rare outside of malicious packages, especially taking into consideration the "Unrestricted" execution policy, which should immediately trigger a red flag." 

Still, if allowed to operate unabated, the package will download and execute a “completely custom executable payload” for the Windows environment, the researchers added. This, too, is rare behavior, the analysts said, as hackers would usually just use open-source tools to cut down on time. 

To build up their legitimacy, the hackers did two things. First, they typosquatted their NuGet repository profiles, to impersonate Microsoft software developers working on the NuGet .NET package manager. 

Read more

> Thousands of GitHub repositories are littered with malware

> Supply chain attacks on open source repositories are reaching new highs

> Here are the best ransomware protection tools right now

Second, they inflated the download numbers of the malicious packages to obscene highs, to make it as if the packages were legitimate and downloaded hundreds of thousands of times. While this may still be the case, the researchers said, it is more likely that they used bots to artificially inflate the numbers to catch developers off guard. 

"The top three packages were downloaded an incredible amount of times – this could be an indicator that the attack was highly successful, infecting a large amount of machines," the JFrog security researchers said. "However, this is not a fully reliable indicator of the attack's success since the attackers could have automatically inflated the download count (with bots) to make the packages seem more legitimate."

• Keep your business safe with the best endpoint protection for small business

Via: BleepingComputer

from TechRadar - All the latest technology news https://ift.tt/Ow2j8y7

The Best GoPro Alternative Won't Break the Bank - CNET

We love the Hero 10 Black, but it's expensive. This alternative costs half the price.

from CNET https://ift.tt/dhF8Spf

YouTube TV Prices Are Going Up. Here's What You'll Pay Now - CNET

New subscribers will be charged the higher rate now, and the increase will hit existing subscribers starting April 18.

from CNET https://ift.tt/BKyoRNk

Latest Tech News

We can now add Hitachi Energy to the increasingly growing list of organizations compromised through the GoAnywhere MFT zero-day vulnerability. 

The company has published a press release in which it explained the details of the breach:

"We recently learned that a third-party software provider called FORTRA GoAnywhere MFT (Managed File Transfer) was the victim of an attack by the CLOP ransomware group that could have resulted in an unauthorized access to employee data in some countries," the company said.

The Clop effect

The company said it acted straight away after detection, unplugging the GoAnywhere program from its wider network and kicking off an investigation to assess the impact of the incident. After that, it notified all affected parties, reached out to data protection authorities, as well as the police. The firm remains operational, the press release adds.

"To date, we have no information that neither our network operations nor the security or reliability of customer data have been compromised."

In early February 2023, a ransomware threat actor Clop took responsibility for a data theft attack against Community Health Systems (CHS), saying it abused a zero-day in GoAnywhere MFT, a popular file-sharing service developed by Fortra and used by large businesses to share sensitive files, securely.

Read more

> Hatch Bank says 140,000 customers had data stolen after breach

> Clop ransomware hackers hit a million US healthcare customers

> Check out the best malware removal tools right now

At the time, it claimed to have breached 130 organizations using the same method, but did not provide any proof for its claims. Since then, it started populating the list of affected companies, with Hatch Bank also being among those hit. 

Hitachi Energy is a department of Japanese engineering and technology powerhouse, Hitachi. This department specializes in power systems and energy solutions and, according to BleepingComputer, has an annual revenue of $10 billion. We don’t know what type of data Clop operators took with them.

We do know that at least two dozen firms have already had their sensitive data posted on the Clop ransomware leak site.

• These are the best endpoint protection tools right now

Via: BleepingComputer

from TechRadar - All the latest technology news https://ift.tt/wdJIDRe

Latest Gadgets News

Facebook content moderators in Kenya are suing the social media site's parent company Meta and two outsourcing companies for unlawful redundancy, a rights group said on Monday. The 43 applicants say they lost their jobs with Sama, a Kenya-based firm contracted to moderate Facebook content, for organising a union. They also say they were blacklisted from applying for t...

from Gadgets 360 https://ift.tt/gVehs6T

California Advances Plan to Make $30 Insulin - CNET

The state will be the first to make its own insulin with its own drug brand. Drug companies have also slashed prices after outcry over the high cost of the life-saving medication.

from CNET https://ift.tt/IfVWK5l

Latest Gadgets News

A 37-year-old businessman from Mira Road in Thane has been cheated of Rs 33.65 lakh after he was tricked into investing in bitcoins on the false promise of lucrative returns, police said on Monday.

from Gadgets 360 https://ift.tt/NSlTIKx

Remember the Acronym BEFAST if You Suspect a Stroke - CNET

Here's a to spot a stroke.

from CNET https://ift.tt/OlWLB8C

Here's How to Boost Your Daily Happiness in Only 3 Minutes - CNET

Use this research-backed ritual to boost your happiness today.

from CNET https://ift.tt/74rj10i

When Will Your Tax Refund Arrive? How to Track Your IRS Money - CNET

After you've filed your taxes, here's how to figure out exactly when you'll get your money.

from CNET https://ift.tt/d0D7qWZ

The Best Time to Buy Plane Tickets for the Cheapest Flights - CNET

To save on travel costs, when you buy and fly matters.

from CNET https://ift.tt/5Sva1cZ

Best Grills for 2023: Gas Grills, Griddles, Charcoal Grills and More - CNET

Looking to take your steak to the next level? Here are the best gas, charcoal and kamado-style grills on the market so you can upgrade your grilling game.

from CNET https://ift.tt/KjvD82J

Google Doodle Celebrates Mario Molina, Scientist Who Revealed Ozone Threat - CNET

Nobel Prize winner showed how CFCs could break down the Earth's protection against harmful ultraviolet radiation.

from CNET https://ift.tt/WJp2STF

23 Best Gifts for Tweens in 2023 - CNET

Kids aged 9 to 12 can be difficult to shop for, so we're here to help take the hassle out of finding the best gifts for tweens.

from CNET https://ift.tt/kVnCHlj

Latest Gadgets News

Xiaomi-owned subsidiary brand Poco is reportedly gearing up to launch its next midrange smartphone, the Poco F5 5G smartphone. The 5G handset is believed to be a rebranded version of the unreleased Redmi Note 12 Turbo, which has already been confirmed to receive Qualcomm's Snapdragon 7+ Gen 2 SoC. The device is also expected to feature a 6.67-inch QHD+ AMOLED panel wi...

from Gadgets 360 https://ift.tt/bEIMKqs