Recent Cyber News Feed Spot

Welcome to our Recent Cyber News Feed:

• All
• Threats
• Hacks
  • Hacker's Den
• ID Theft
• Cyber Attacks
• Cyber News
• Cyber Attack and Hacks
• Cyber Defense

Threats

• The Life Cycle of a Breached Database Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals. Here's a closer look at what typically…Krebs on SecurityJul 29 2021
• PlugwalkJoe Does the Perp WalkOne day after last summer's mass-hack of Twitter, KrebsOnSecurity wrote that 22-year-old British citizen Joseph "PlugwalkJoe" O'Connor appeared to have been involved in the incident. When the Justice Department last week announced O'Connor's arrest and indictment, his alleged role in the Twitter compromise was well covered in the media. But most of the coverage so…Krebs on SecurityJul 26 2021
• Serial Swatter Who Caused Death Gets Five Years in PrisonA 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that lead to the death of a 60-year-old grandfather in 2020 was sentenced to 60 months in prison today.Krebs on SecurityJul 21 2021
• Spam Kingpin Peter Levashov Gets Time ServedA federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov, a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally. Levashov has been in federal custody since his extradition to the United States and guilty…Krebs on SecurityJul 20 2021
• Don’t Wanna Pay Ransom Gangs? Test Your Backups.Browse the comments on virtually any story about a ransomware attack and you will almost surely encounter the view that the victim organization could have avoided paying their extortionists if only they'd had proper data backups. But the ugly truth is there are many non-obvious reasons why victims end up paying even when they have…Krebs on SecurityJul 19 2021

Hacks

• Security Affairs newsletter Round 325 A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Crooks target Kubernetes installs via Argo Workflows to deploy miners XCSSET MacOS malware targets Telegram, Google Chrome…Security Affairs by Pierluigi PaganiniAug 01 2021
• Threat actors leaked data stolen from EA, including FIFA code Threat actors that hacked Electronic Arts in June have leaked full data dump stolen from the company after the failure of the negotiation with the victim. In June, hackers have compromised the network of the gaming giant Electronic Arts (EA) and claimed to have stolen approximately 780 GB of data. The stolen data include the source…Security Affairs by Pierluigi PaganiniJul 31 2021
• SolarWinds hackers breached 27 state attorneys’ offices Microsoft Office 365 email accounts of employees at 27 US Attorneys’ offices were breached by the Russia-linked SVR group as part of the SolarWinds hack, DoJ warns. The US Department of Justice revealed that the Microsoft Office 365 email accounts of employees at 27 US Attorneys’ offices were hacked by the Russia-linked SVR (aka APT29, Cozy Bear, and The Dukes) during the SolarWinds attack. The…Security Affairs by Pierluigi PaganiniJul 31 2021
• Android Banking Trojan Vultur uses screen recording for credentials stealing Experts spotted a new strain of Android banking Trojan dubbed Vultur that uses screen recording and keylogging for the capturing of login credentials. ThreatFabric researchers discovered a new Android banking Trojan, tracked as Vultur, that uses screen recording and keylogging to capture login credentials. Vultur was first spotted in late March 2021, it gains full…Security Affairs by Pierluigi PaganiniJul 31 2021
• CVE-2021-3490 – Pwning Linux kernel eBPF on Ubuntu machines Researcher published an exploit code for a high-severity privilege escalation flaw (CVE-2021-3490) in Linux kernel eBPF on Ubuntu machines. The security researcher Manfred Paul of the RedRocket CTF team released the exploit code for a high-severity privilege escalation bug, tracked as CVE-2021-3490, in Linux kernel eBPF (Extended Berkeley Packet Filter). A local attacker could exploit the flaw to…Security Affairs by Pierluigi PaganiniJul 30 2021
• Estonia ‘s police arrested a Tallin resident who stole 286K ID scans from a government DB Estonia ‘s police arrested a man from Tallinn that is suspected to be the hacker who stole 286K ID scans from the government systems. Estonian police arrested a man from Tallinn that is suspected to have stolen 286,438 belonging to Estonians citizens from the government systems. The hacker exploited a vulnerability in a photo transfer…Security Affairs by Pierluigi PaganiniJul 30 2021
• Meteor was the wiper used against Iran’s national railway system The recent attack against Iran’s national railway system was caused by a wiper malware dubbed Meteor and not by a ransomware as initially thought. According to research from Amnpardaz and SentinelOne, the recent attack against Iran’s national railway system was caused by a wiper malware dubbed Meteor and not by ransomware as initially thought. Meteor was a previously undetected strain of malware, but experts…Security Affairs by Pierluigi PaganiniJul 30 2021
• BlackMatter and Haron, two new ransomware gangs in the threat landscape The cyber threat landscape change continuously, recently two new ransomware-as-service (RaaS) operations named BlackMatter and Haron made the headlines. Recently, two new ransomware gangs, named BlackMatter and Haron, announced the beginning of the operations. The Haron malware was first described by the South Korean security firm S2W Lab, three day after a first sample of…Security Affairs by Pierluigi PaganiniJul 29 2021
• LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains A new variant of the LockBit 2.0 ransomware is now able to encrypt Windows domains by using Active Directory group policies. Researchers from MalwareHunterTeam and BleepingComputer, along with the malware expert Vitali Kremez reported spotted a new version of the LockBit 2.0 ransomware that encrypts Windows domains by using Active Directory group policies. Kramez explained that this is the…Security Affairs by Pierluigi PaganiniJul 29 2021
• Critical flaw in Microsoft Hyper-V could allow RCE and DoSExperts disclose details about a critical flaw in Microsoft Hyper-V, tracked as CVE-2021-28476, that can allow executing arbitrary code on it. Researchers Peleg Hadar of SafeBreach and Ophir Harpaz of Guardicore disclose details about a critical flaw in Microsoft Hyper-V, tracked as CVE-2021-28476, that can allow triggering a DoS condition ot executing arbitrary code on it. The flaw resides in…Security Affairs by Pierluigi PaganiniJul 29 2021
• US, UK, and Australian agencies warn of top routinely exploited issuesA joint report published by US, UK, and Australian cyber security agencies warns of the top routinely exploited vulnerabilities in 2020. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) published a Joint Cybersecurity…Security Affairs by Pierluigi PaganiniJul 28 2021
• Chinese cyberspies used a new PlugX variant, dubbed THOR, in attacks against MS Exchange ServersA China-linked cyberespionage group, tracked as PKPLUG, employed a previously undocumented strain of a RAT dubbed THOR in recent attacks. A China-linked cyberespionage group tracked as PKPLUG (aka Mustang Panda and HoneyMyte), which is known for targeting Southeast Asia, exploited vulnerabilities in the Microsoft Exchange Server to deploy a previously undocumented variant of PlugX  on compromised systems. Researchers…Security Affairs by Pierluigi PaganiniJul 28 2021
• IBM Cost of a Data Breach study: average Cost of Data Breach exceeds $4.2MThe ‘Cost of a Data Breach’ report commissioned by IBM Security states that the cost of a data breach exceeded $4.2 million during the COVID19 pandemic. IBM Security presented today the annual study “Cost of Data Breach,” conducted by Ponemon Institute and sponsored and analyzed by IBM, which is based on data related to data…Security Affairs by Pierluigi PaganiniJul 28 2021
• BlackMatter ransomware group claims to be Darkside and REvil succesorBlackMatter ransomware gang, a new threat actor appears in the threat landscape and claims to combine TTPs of Darkside and REvil. BlackMatter is a new ransomware gang that started its activity this week, the cybercriminals group claims to be the successor of Darkside and REvil groups. Lile other ransomware operations, BlackMatter also set up its…Security Affairs by Pierluigi PaganiniJul 28 2021
• Flaws in Zimbra could allow to takeover webmail server of a targeted organizationResearchers discovered flaws in Zimbra email collaboration software that could allow attackers to compromise email accounts by sending a malicious email. Cybersecurity researchers have discovered multiple security vulnerabilities, tracked as CVE-2021-35208 and CVE-2021-35208, in Zimbra email collaboration software. An unauthenticated attacker could chain these vulnerabilities to fully takeover a Zimbra webmail server of a targeted organization. An…Security Affairs by Pierluigi PaganiniJul 27 2021

Hacker's Den

• Top 10 Best Free Antivirus Download For PC 2021 Basically, a Best Free Antivirus software is the most essential part of Windows and significant for every Windows PC nowadays since the cyber threat is continuously evolving day by day. As without an Antivirus, you have a risk of losing your personal information, like your files, the cash from your bank account, ransom, and much…Hacker's DenJul 31 2021
• Russian APT29 Used 30+ C&C Servers Uncovered Linked to “WellMess” Malware Researchers from RISKIQ uncovered more than 30 commands & control server infrastructure actively serving malware known as “WellMess/WellMail”. These C2 servers belong to Russian APT29 group hackers, and the gang was identified nearly a year back by the UK, US, and Canadian governments issued a joint advisory. APT29(YTTRIUM, THE DUKES, COZY BEAR) group explicitly believed to…Hacker's DenJul 30 2021
• New Android Banking Malware Recording Screen, Keylogging & Spy Android Users Via VNC Oscorp, a new Android malware stealing funds from the victims’ home banking service, by combining the usage of phishing kits and vishing calls. This new version of Oscorp malware was detected by Cleafy systems. According to the report, the geographical distribution of banks and other apps targeted by Oscorp includes Spain, Poland, Germany, Turkey, the…Hacker's DenJul 29 2021
• TA456 – Iranian Hackers Attack Defense Contractors with Malware To Exfiltrate Sensitive DataThe security researchers at Proofpoint have uncovered that the Iranian Hacking group, TA456 which is also known as “Tortoiseshell” and “Imperial Kitten” has recently executed several targeted attacks on defense contractors with malware. On Facebook, the hackers of this group mimicked themselves as aerobics instructors simply to fool the defense contractors and then compromise their…Hacker's DenJul 29 2021
• 8 Security Tools to be Unveiled at Black Hat USASecurity researchers and practitioners share a host of new cyber tools for penetration testing, reverse engineering, malware defense, and more.Hacker's DenJul 28 2021
• 10 Best Free Password Manager to Secure Your Password For 2021Free Password Manager always helps to make Strong passwords to protect your devices, online banking accounts and other data sources from unauthorized access. In this article, we highlight the Best open source Password Manager for Android, Mac and iPhone. Do I really need a password manager? Manage different password for so many accounts in online…Hacker's DenJul 28 2021
• EvilModel – New Method to Secretly Deliver Malware Via Neural Networks To Evading Antivirus EnginesRecently, three well-known security analysts, Zhi Wang, Chaoge Liu, and Xiang Cui have published a research report known as EvilModel, a model through which attacker will send a malware covertly and evade the detection. In this security report, these three cybersecurity researchers have demonstrated a new method for hiding malware into AI models and evading…Hacker's DenJul 27 2021
• New LemonDuck Malware Attack Windows & Linux Systems for Mining & Stealing ActivitiesA new version of LemonDuck has been found by the security experts Microsoft and this new version can now steal data, put backdoors, and implement different malicious activities on vulnerable computers. However, the Microsoft 365 Defender Threat Intelligence team has ensured that this new version of LemonDuck is quite dangerous as compared to the old…Hacker's DenJul 27 2021
• Hackers Attack Kubernetes Cluster to Deploy Crypto-MinersThe cybersecurity experts at Intezer have recently detected a cyberattack, and soon after detecting they have warned that the threat actors of this attack are using the Argo Workflows engine to start attacks on Kubernetes clusters to easily deploy crypto miners. After detecting the cyberattack, the researchers started their deep investigation, and they found a…Hacker's DenJul 26 2021
• Ransomware Attack Response and Mitigation ChecklistRansomware is one of the fast-growing threat in the worldwide and its considered as a leader of Global cyberattack in recent days which cause some dangerous issues and loss in many organizations and individuals. Here is the Ransomware response Checklist for Attack Response and Mitigation. The ransomware is a turnkey business for some criminals, and victims still…Hacker's DenJul 26 2021
• Beware!! Fake Windows 11 Installer Drop Malware on Your ComputerEarlier this year Microsoft announced Windows 11, and Microsoft hasn’t published this new operating system publicly. But, a few weeks ago Windows 11 was unofficially leaked before Microsoft released it to Windows Insiders. In short, the announcement of the new OS of Microsoft, Windows 11 has created a big hype on the internet world. And…Hacker's DenJul 25 2021
• macOS Malware Added New Weapons to Its Arsenal To Attack Google Chrome & TelegramThe security researchers of Trend Micro have recently detected that the XCSSET malware that has been outlined to attack the macOS operating system got updated.  The analysts noted that the new updated version consists of a new feature, that enables the stealing of private data from different applications, which also includes the Google Chrome browser…Hacker's DenJul 24 2021
• How to Protect Your Files From Ransomware Attacks?Ransomware today is among the greatest threats to your data privacy and security. As per cybersecurity ventures, this damage has been increasing considerably over time. The global ransomware damage in 2017 was recorded to be worth $5 billion, and these numbers have never stopped growing since then. The worst part is it can enter into…Hacker's DenJul 24 2021
• Security Information and Event Management (SIEM) – A Detailed ExplanationSIEM software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by network hardware and applications. Vendors sell SIEM as software, as appliances or as managed services; these products are also used to log security data and generate reports for compliance purposes.  …Hacker's DenJul 24 2021
• Top 5 Best Dark Web Browser for Anonymous Web Browsing With Ultimate Privacy – 2021Dark web browser are a most important concern for anonymous browsing and the most used applications in any device in current times is browsers, but not all your browsing histories are kept private and this is why deep or dark web makes a difference for complete privacy. Unlike Dark web browsers, other browsers With cookies,…Hacker's DenJul 23 2021

ID Theft

Cyber Attacks

Cyber News

Cyber Attack and Hacks

Cyber Defense

• Threat actors leaked data stolen from EA, including FIFA code Threat actors that hacked Electronic Arts in June have leaked full data dump stolen from the company after the failure of the negotiation with the victim. In June, hackers have compromised the network of the gaming giant Electronic Arts (EA) and claimed to have stolen approximately 780 GB of data. The stolen data include the source…Security DefenseJul 31 2021
• SolarWinds hackers breached 27 state attorneys’ offices Microsoft Office 365 email accounts of employees at 27 US Attorneys’ offices were breached by the Russia-linked SVR group as part of the SolarWinds hack, DoJ warns. The US Department of Justice revealed that the Microsoft Office 365 email accounts of employees at 27 US Attorneys’ offices were hacked by the Russia-linked SVR (aka APT29, Cozy Bear, and The Dukes) during the SolarWinds attack. The…Security DefenseJul 31 2021
• Android Banking Trojan Vultur uses screen recording for credentials stealing Experts spotted a new strain of Android banking Trojan dubbed Vultur that uses screen recording and keylogging for the capturing of login credentials. ThreatFabric researchers discovered a new Android banking Trojan, tracked as Vultur, that uses screen recording and keylogging to capture login credentials. Vultur was first spotted in late March 2021, it gains full…Security DefenseJul 31 2021
• CVE-2021-3490 – Pwning Linux kernel eBPF on Ubuntu machines Researcher published an exploit code for a high-severity privilege escalation flaw (CVE-2021-3490) in Linux kernel eBPF on Ubuntu machines. The security researcher Manfred Paul of the RedRocket CTF team released the exploit code for a high-severity privilege escalation bug, tracked as CVE-2021-3490, in Linux kernel eBPF (Extended Berkeley Packet Filter). A local attacker could exploit the flaw to…Security DefenseJul 30 2021
• Estonia ‘s police arrested a Tallin resident who stole 286K ID scans from a government DB Estonia ‘s police arrested a man from Tallinn that is suspected to be the hacker who stole 286K ID scans from the government systems. Estonian police arrested a man from Tallinn that is suspected to have stolen 286,438 belonging to Estonians citizens from the government systems. The hacker exploited a vulnerability in a photo transfer…Security DefenseJul 30 2021
• Meteor was the wiper used against Iran’s national railway system The recent attack against Iran’s national railway system was caused by a wiper malware dubbed Meteor and not by a ransomware as initially thought. According to research from Amnpardaz and SentinelOne, the recent attack against Iran’s national railway system was caused by a wiper malware dubbed Meteor and not by ransomware as initially thought. Meteor was a previously undetected strain of malware, but experts…Security DefenseJul 30 2021
• BlackMatter and Haron, two new ransomware gangs in the threat landscape The cyber threat landscape change continuously, recently two new ransomware-as-service (RaaS) operations named BlackMatter and Haron made the headlines. Recently, two new ransomware gangs, named BlackMatter and Haron, announced the beginning of the operations. The Haron malware was first described by the South Korean security firm S2W Lab, three day after a first sample of…Security DefenseJul 29 2021
• LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains A new variant of the LockBit 2.0 ransomware is now able to encrypt Windows domains by using Active Directory group policies. Researchers from MalwareHunterTeam and BleepingComputer, along with the malware expert Vitali Kremez reported spotted a new version of the LockBit 2.0 ransomware that encrypts Windows domains by using Active Directory group policies. Kramez explained that this is the…Security DefenseJul 29 2021
• Critical flaw in Microsoft Hyper-V could allow RCE and DoSExperts disclose details about a critical flaw in Microsoft Hyper-V, tracked as CVE-2021-28476, that can allow executing arbitrary code on it. Researchers Peleg Hadar of SafeBreach and Ophir Harpaz of Guardicore disclose details about a critical flaw in Microsoft Hyper-V, tracked as CVE-2021-28476, that can allow triggering a DoS condition ot executing arbitrary code on it. The flaw resides in…Security DefenseJul 29 2021
• US, UK, and Australian agencies warn of top routinely exploited issuesA joint report published by US, UK, and Australian cyber security agencies warns of the top routinely exploited vulnerabilities in 2020. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) published a Joint Cybersecurity…Security DefenseJul 28 2021
• Chinese cyberspies used a new PlugX variant, dubbed THOR, in attacks against MS Exchange ServersA China-linked cyberespionage group, tracked as PKPLUG, employed a previously undocumented strain of a RAT dubbed THOR in recent attacks. A China-linked cyberespionage group tracked as PKPLUG (aka Mustang Panda and HoneyMyte), which is known for targeting Southeast Asia, exploited vulnerabilities in the Microsoft Exchange Server to deploy a previously undocumented variant of PlugX  on compromised systems. Researchers…Security DefenseJul 28 2021
• IBM Cost of a Data Breach study: average Cost of Data Breach exceeds $4.2MThe ‘Cost of a Data Breach’ report commissioned by IBM Security states that the cost of a data breach exceeded $4.2 million during the COVID19 pandemic. IBM Security presented today the annual study “Cost of Data Breach,” conducted by Ponemon Institute and sponsored and analyzed by IBM, which is based on data related to data…Security DefenseJul 28 2021
• BlackMatter ransomware group claims to be Darkside and REvil succesorBlackMatter ransomware gang, a new threat actor appears in the threat landscape and claims to combine TTPs of Darkside and REvil. BlackMatter is a new ransomware gang that started its activity this week, the cybercriminals group claims to be the successor of Darkside and REvil groups. Lile other ransomware operations, BlackMatter also set up its…Security DefenseJul 28 2021
• Flaws in Zimbra could allow to takeover webmail server of a targeted organizationResearchers discovered flaws in Zimbra email collaboration software that could allow attackers to compromise email accounts by sending a malicious email. Cybersecurity researchers have discovered multiple security vulnerabilities, tracked as CVE-2021-35208 and CVE-2021-35208, in Zimbra email collaboration software. An unauthenticated attacker could chain these vulnerabilities to fully takeover a Zimbra webmail server of a targeted organization. An…Security DefenseJul 27 2021
• South Africa’s logistics company Transnet SOC hit by a ransomware attackTransnet SOC Ltd, a large South African rail, port and pipeline company, announced it was hit by a disruptive cyber attack. South Africa’s logistics company Transnet SOC was hit last week by a disruptive cyberattack that halted its operations at all the port’s terminals. The attack took place on Thursday, 22 July. “Port terminals are operational across the system, with…Security DefenseJul 27 2021