Recent Cyber News Feed Spot

Welcome to our Recent Cyber News Feed:

• All
• Threats
• Hacks
  • Hacker's Den
• ID Theft
• Cyber Attacks
• Cyber News
• Cyber Attack and Hacks
• Cyber Defense

Threats

• P2P Weakness Exposes Millions of IoT Devices A peer-to-peer (P2P) communications technology built into millions of security cameras and other consumer electronics includes several critical security flaws that expose the devices to eavesdropping, credential theft and remote compromise, new research has found.Krebs on SecurityApr 26 2019
• Who’s Behind the RevCode WebMonitor RAT?The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT, a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.Krebs on SecurityApr 22 2019
• Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking MalwareMarcus Hutchins, a 24-year-old blogger and malware researcher arrested in 2017 for allegedly authoring and selling malware designed to steal online banking credentials, has pleaded guilty to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping devices.Krebs on SecurityApr 19 2019
• Wipro Intruders Targeted Other Major IT FirmsThe criminals responsible for launching phishing campaigns that netted dozens of employees and more than 100 computer systems last month at Wipro, India's third-largest IT outsourcing firm, also appear to have targeted a number of other competing providers, including Infosys and Cognizant -- two other large technology consulting companies, new evidence suggests.Krebs on SecurityApr 18 2019
• How Not to Acknowledge a Data BreachI'm not a huge fan of stories about stories, or those that explore the ins and outs of reporting a breach. But occasionally it seems necessary to publish such accounts when companies respond to a breach report in such a way that it's crystal clear that they wouldn't know what to do with a breach…Krebs on SecurityApr 17 2019
• Experts: Breach at IT Outsourcing Giant WiproIndian information technology (IT) outsourcing and consulting giant Wipro [NYSE:WIT] is investigating reports from multiple security experts that Wipro's systems have been hacked and are being used to launch attacks against the company's customers, multiple sources tell KrebsOnSecurity. The company has refused to respond to questions about the alleged incident.Krebs on SecurityApr 15 2019
• ‘Land Lordz’ Service Powers Airbnb ScamsScammers who make a living swindling Airbnb.com customers have a powerful new tool at their disposal: A software-as-a-service offering called "Land Lordz," which helps automate the creation and management of fake Airbnb Web sites and the sending of messages to advertise the fraudulent listings.Krebs on SecurityApr 14 2019

Hacks

• Beapy Cryptojacking campaign leverages EternalBlue exploit to spread Security experts uncovered a new cryptojacking campaign tracked as Beapy that leverages the NSA’s DoublePulsar backdoor and the EternalBlue exploit. Security experts at Symantec have uncovered a new cryptojacking campaign tracked as Beapy that leverages the NSA’s DoublePulsar backdoor and the EternalBlue exploit to spread a cryptocurrency malware on enterprise networks in Asia. “Beapy is…Security Affairs by Pierluigi PaganiniApr 26 2019
• The strengths and weaknesses of different VPN protocols One in four internet users use a VPN regularly, but how much does the average user know about what goes on behind the software? Pulling back the curtain, a VPN runs on various VPN protocols that govern the way a VPN client communicates with a VPN server. Different protocols create different ways that connect your…Security Affairs by Pierluigi PaganiniApr 26 2019
• Special-Purpose Vehicle Maker Aebi Schmidt Hit by Malware The special-purpose vehicle maker Aebi Schmidt was hit by a malware attack that disrupted some of its operations. The Aebi Schmidt Group is a manufacturer of product systems and services for the management, cleaning and clearance of traffic areas as well as for the maintenance of green areas in demanding terrain. Aebi Schmidt focuses on…Security Affairs by Pierluigi PaganiniApr 26 2019
• Crooks abuse GitHub platform to host phishing kits Experts at Proofpoint discovered that free code repositories on GitHub have been abused since at least 2017 to host phishing websites. Researchers at Proofpoint reported that crooks are abusing free code repositories on GitHub to host phishing websites and bypass security defenses. Experts discovered that cybercriminals are abusing the GitHub service since at least mid-2017.…Security Affairs by Pierluigi PaganiniApr 25 2019
• Flaws in Social Warfare plugin actively exploited in the wild Experts uncovered hacking campaigns exploiting two critical security vulnerabilities in the popular WordPress plugin Social Warfare. Social Warfare is a popular ùWordPress plugin with more than 900,000 downloads, it allows to add social share buttons to a WordPress website. Experts uncovered hacking campaigns exploiting two critical security vulnerabilities in the Social Warfare plugin to take…Security Affairs by Pierluigi PaganiniApr 25 2019
• Britain ‘Approves’ Huawei role in building ‘non-core’ parts for 5G Network British Government has approved a limited role for Huawei in the building of a national 5G network in the country, ignoring security concerns from senior ministers According to The Daily Telegraph newspaper, British Prime Minister Theresa May decided to assign a limited role to Chinese telco giant Huawei in the building of a 5G network…Security Affairs by Pierluigi PaganiniApr 25 2019
• A flaw in Rockwell Controller allows attackers to redirect users to malicious Sites A serious flaw in some of Rockwell Automation’s MicroLogix and CompactLogix PLCs can be exploited by a remote attacker to redirect users to malicious websites. Some of Rockwell Automation’s MicroLogix and CompactLogix PLCs are affected by a serious vulnerability can be exploited by a remote attacker to redirect users to malicious websites. The vulnerabilyt was…Security Affairs by Pierluigi PaganiniApr 25 2019
• Zero-day vulnerability in Oracle WebLogic Security experts are warning of a dangerous zero-day remote code vulnerability that affects the Oracle WebLogic service platform. Oracle WebLogic wls9_async and wls-wsat components are affected by a deserialization remote command execution zero-day vulnerability. This zero-day flaw affects all Weblogic versions, including the latest one, that have the wls9_async_response.war and wls-wsat.war components enabled. Oracle WebLogic Server is a Java EE application…Security Affairs by Pierluigi PaganiniApr 24 2019
• Stuart City is the new victim of the Ryuk Ransomware Another city fell victim of a malware attack, systems at the city of Stuart, Fla., were infected by the Ryuk ransomware on April 13, 2018. Law enforcement is investigating a ransomware attack that hit the City of Stuart on April 13, 2018. The Ryuk malware infected several servers and forced them offline. “City officials on…Security Affairs by Pierluigi PaganiniApr 24 2019
• The Russian Shadow in Eastern Europe: Gamaredon ‘s Ukrainian MOD Campaign Security researchers at Yoroi-Cybaze ZLab uncovered a new campaign carried out by the Russian state-actor dubbed Gamaredon. Introduction Few days after the publication of our technical article related to the evidence of possible APT28 interference in the Ukrainian elections, we spotted another signal of a sneakier on-going operation. This campaign, instead, seems to be linked…Security Affairs by Pierluigi PaganiniApr 24 2019
• OilRig APT uses Karkoff malware along with DNSpionage in recent attacks Iran-linked OilRig cyberespionage group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns.Iran-linked OilRig cyberespione group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns. The OilRig APT group, the threat actor behind the DNSpionage malware campaign, is carrying out a new sophisticated and targeted operation that infects victims…Security Affairs by Pierluigi PaganiniApr 24 2019
• Kaspersky speculates the involvement of ShadowPad attackers in Operation ShadowHammer Experts at Kaspersky Lab linked the recent supply-chain attack targeted ASUS users to the “ShadowPad” threat actor and the CCleaner incident. Security researchers at Kaspersky Lab linked the recent supply-chain attack that hit ASUS users (tracked as Operation ShadowHammer) to the “ShadowPad” threat actor. Experts also linked the incident to the supply chain attack that…Security Affairs by Pierluigi PaganiniApr 24 2019
• Bodybuilding.com forces password reset after a security breach Bad news for fitness and bodybuilding passionates, the popular online retailer Bodybuilding.com announced that hackers have broken into its systems. The popular online retailer website Bodybuilding.com announced last week that hackers have broken into its systems. The website offers any kind of fitness articles, exercises, workouts, and supplements. The company confirmed it has no evidence…Security Affairs by Pierluigi PaganiniApr 23 2019
• FireEye experts found source code for CARBANAK malware on VirusTotalCybersecurity researchers from FireEye revealed that the Carbanak source code has been available on VirusTotal for two years, and none noticed it before. Researchers at FireEye discovered that the Carbanak source code has been available on VirusTotal for two years, but it was not noticed before. The Carbanak gang (aka FIN7, Anunak or Cobalt) stole over…Security Affairs by Pierluigi PaganiniApr 23 2019
• Targeted Attacks hit multiple embassies with Trojanized TeamViewerCheckPoint firm uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer to target officials in several embassies in Europe. Security experts at CheckPoint uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer and malware disguised as a top-secret US government document to target officials in several embassies in Europe. The targeted…Security Affairs by Pierluigi PaganiniApr 23 2019

Hacker's Den

• Emotet Malware’s New Evasion Technique Lets Hacked Device Used as Proxy command and control (C&C) servers A new wave of Emotet malware using a special type of evasion technique to fool the security software and hide the POST-infection traffic and evade the detection. Also it initially uses the hacked devices as proxy command and control (C&C) servers and redirects the traffic to the original C&C server that operating by threat actors.…Hacker's DenApr 26 2019
• Accenture Facing Lawsuit to Repay $32M+ for Failing to Deliver the Project On Time – Poorly Written Code For Security Car rental Firm Hertz Corporation is suing to repay $32M and filed a Lawsuit against Accenture that failed to deliver the website redesign project on time. Hertz is one of the most familiar vehicle rental company that requires to redesign their website and begins the project in order to improve the customer experience on Hertz’s…Hacker's DenApr 26 2019
• Hackers Abuse GitHub Service to Host Variety of Phishing Kits to Steal Login Credentials Hackers abuse popular code repositories service such as GitHub to host a variety of phishing domains to make their targets to believe it is through github.io domains. By using well-known services like Dropbox, Google Drive, Paypal, eBay, and Facebook, attackers able to bypass whitelists and network defenses. Proofpoint identified a range of malicious activities that…Hacker's DenApr 26 2019
• Cyberattackers Focus on More Subtle Techniques Spam has given way to spear phishing, cryptojacking remains popular, and credential spraying is on the rise.Hacker's DenApr 25 2019
• 55% of SMBs Would Pay Up Post-Ransomware Attack The number gets even higher among larger SMBs.Hacker's DenApr 25 2019
• Enterprise Trojan Detections Spike 200% in Q1 2019 Cybercriminals see greater ROI targeting businesses, which have been slammed with ransomware attacks and Trojans.Hacker's DenApr 25 2019
• Microsoft Decided to Shut Down The Password Expiration Policy for Windows – It’s a Useless Policy Microsoft released a new announcement that they are preparing to stop the Password expiration policies for Windows which required users to periodically change their password. Password expiration policies are one of the windows Password security future that only prevent against the probability that a password (or hash) will be stolen. If the password is never…Hacker's DenApr 25 2019
• Sensitive Data Lingers on Used Storage Drives Sold Online Four in 10 used hard drives sold on eBay found to contain sensitive information.Hacker's DenApr 25 2019
• Regulations, Insider Threat Handicap Healthcare IT Security Healthcare IoT is expanding opportunities for hackers as the sector struggles to keep up security-wise.Hacker's DenApr 25 2019
• Ramblings of a Recovering Academic on the So-Called Lack of Security Talent Hiring for security is difficult, as many surveys show. But what the research doesn't explain is the "why" - and a lack of talent may not be the sole reason.Hacker's DenApr 25 2019
• Unpatched Oracle Web Logic Server Zero-day Let Hackers Executes Arbitrary Code Remotely & Gain Network Access New Zero-day flaw discovered in Oracle Web logic server let attackers exploit this vulnerability to remotely execute commands without authorization. An Oracle web Logic component wls9_async and wls-wsat trigger this deserialization remote command execution vulnerability and it affects all the Weblogic component wls9_async_response.war and wls-wsat.war enabled versions (including the current version). WebLogic Server is a Java EE application server…Hacker's DenApr 25 2019
• Hackers Abuse Windows Installer MSI to Execute Malicious JavaScript, VBScript, PowerShell Scripts to Drop Malware Hackers use malicious MSI files that download and execute malicious files that could bypass traditional security solutions. The dropped malware is capable of initiating a system shutdown or targeting financial systems located in certain locations. Security researchers from TrendMicro discovered JScript/VBScript codes in several malicious *.msi files distributed through spam emails. The malicious JS code…Hacker's DenApr 25 2019
• Hackers Behind DNSpionage Created a New Remote Admin Tool for C2 Server Communication Over HTTP and DNS Threat actors behind the new malware campaign DNSpionage created a new remote administrative tool that supports HTTP and DNS communication with C&C Server that operates by attackers. Based on a recent incident, the DNSpionage campaign which is developed and operates by APT 34 hacking group to perform MITM Attack to steal the authentication details through…Hacker's DenApr 25 2019
• Chrome 74 Released with the Fix for 39 Security Vulnerabilities Chrome 74 released with a fix for numerous security Vulnerabilities and new features, the update available for Windows, Mac, and Linux desktop users. This update includes 39 security fixes, out of the 12 vulnerabilities discovered by external security researchers. The vulnerability reported by external security researchers includes 5 are high-risk vulnerabilities, 12 medium security severity…Hacker's DenApr 25 2019
• Attackers Aren't Invincible & We Must Use That to Our Advantage The bad guys only seem infallible. Use their weaknesses to beat them.Hacker's DenApr 24 2019

ID Theft

Cyber Attacks

Cyber News

Cyber Attack and Hacks

• Liam Watts admits hacking Cheshire Police and GMP websites Liam Watts after being jailed in 2017 following a bomb hoax at the Verve on Mersey Street. A TEENAGER has admitted hacking Cheshire Police and Greater Manchester Police’s websites in a revenge attack after he was jailed for a bomb hoax. Liam Watts, previously of Grange Avenue in Latchford, was handed eight months behind bars…Mixed Attack RSS FeedsApr 26 2019
• Xi pledges Belt and Road reboot amid rising 'debt trap' concerns 'We need to ensure the fiscal and commercial suitability of all projects' BEIJING -- Standing before 37 world leaders and thousands of delegates in a cavernous Beijing hall, Chinese President Xi Jinping pledged to reboot his country's flagship Belt and Road initiative. In a bid to assuage concerns that the massive infrastructure plan was sinking…Mixed Attack RSS FeedsApr 26 2019
• Samoan church implicated in cryptocurrency scam At least one Samoan church has been implicated in a global multi-billion dollar cryptocurrency scheme authorities say is a fraudulent scam. The Central Bank of Samoa in the capital Apia. Photo: RNZI/ Koroi Hawkins Samoa's Central Bank on Thursday named the Samoa Worship Centre as one of two churches which may have been used as…Mixed Attack RSS FeedsApr 26 2019
• How social media is helping white supremacist movements Mixed Attack RSS FeedsApr 25 2019
• Nike’s Surprise Crypto Play Could Steal Facebook’s Thunder Mixed Attack RSS FeedsApr 25 2019
• Britain’s Huawei gamble is sure to anger Donald Trump Just hours after Donald Trump’s long-delayed state visit to Britain was finally confirmed, reports surfaced that Theresa May and her National Security Council have decided to let Chinese telecommunications company Huawei participate in building Britain’s 5G network. The decision is a direct slap in the face to Washington’s attempts to isolate Huawei, which itself is part…Mixed Attack RSS FeedsApr 25 2019
• Over 500% Increase in Ransomware Attacks Against Businesses Apple Updates XProtect to Block 'Windows' Malware on Macs Windows 10 May 2019 Update to Be Blocked If Using USB Drives Windows 10 Version 1903 Drops Password Expiration Policies Qbot Malware Dropped via Context-Aware Phishing Campaign EternalBlue Exploit Serves Beapy Cryptojacking Campaign TA505 Spear Phishing Campaign Uses LOLBins to Avoid Detection French Users of Microsoft…Mixed Attack RSS FeedsApr 25 2019
• Barclays Bank employees on DCI's radar after Ksh.14M... Mixed Attack RSS FeedsApr 25 2019
• Yelp’s “Accepts Cryptocurrency” tag could be a win for mass adoption Mixed Attack RSS FeedsApr 25 2019
• Hackers Behind DNSpionage Created a New Remote Admin Tool for C2 Server Communication Over HTTP and DNS Threat actors behind the new malware campaign DNSpionage created a new remote administrative tool that supports HTTP and DNS communication with C&C Server that operates by attackers.Mixed Attack RSS FeedsApr 25 2019
• Binance Singapore Launches But Offers Just One Trading Pair, Report Users of Binance’s new Singapore platform are reportedly only able to purchase bitcoin using Singapore dollars during the “soft launch.Mixed Attack RSS FeedsApr 25 2019
• Brazilian Police Arrest Suspect for Money Laundering With Bitcoin Brazilian police have arrested a man for operating a clandestine drug laboratory and money laundering using the leading cryptocurrency bitcoin.Mixed Attack RSS FeedsApr 24 2019
• Bitcoin Accounts for 95% of Cryptocurrency Crime, Says Analyst Beginning of dialog window. Escape will cancel and close the window. Despite the proliferation of more than 2000 cryptocurrencies, including harder-to-track privacy coins, the overwhelming majority of criminals still prefer Bitcoin for illicit activity. “Bitcoin is by far the favorite,” Jonathan Levin, co-founder and COO of Chainalysis, tells Fortune on the latest episode of “Balancing…Mixed Attack RSS FeedsApr 24 2019
• NSA Recommends Dropping Phone-Surveillance Program The National Security Agency has recommended that the White House abandon a surveillance program that collects information about U.S. phone calls and text messages, saying the logistical and legal burdens of keeping it outweigh its intelligence benefits, according to people familiar with the matter.Mixed Attack RSS FeedsApr 24 2019
• Tron CEO Justin Sun Hints at Partnership With Liverpool FC, Liverpool Denies Mixed Attack RSS FeedsApr 24 2019

Cyber Defense

• Beapy Cryptojacking campaign leverages EternalBlue exploit to spread Security experts uncovered a new cryptojacking campaign tracked as Beapy that leverages the NSA’s DoublePulsar backdoor and the EternalBlue exploit. Security experts at Symantec have uncovered a new cryptojacking campaign tracked as Beapy that leverages the NSA’s DoublePulsar backdoor and the EternalBlue exploit to spread a cryptocurrency malware on enterprise networks in Asia. “Beapy is…Security DefenseApr 26 2019
• The strengths and weaknesses of different VPN protocols One in four internet users use a VPN regularly, but how much does the average user know about what goes on behind the software? Pulling back the curtain, a VPN runs on various VPN protocols that govern the way a VPN client communicates with a VPN server. Different protocols create different ways that connect your…Security DefenseApr 26 2019
• Special-Purpose Vehicle Maker Aebi Schmidt Hit by Malware The special-purpose vehicle maker Aebi Schmidt was hit by a malware attack that disrupted some of its operations. The Aebi Schmidt Group is a manufacturer of product systems and services for the management, cleaning and clearance of traffic areas as well as for the maintenance of green areas in demanding terrain. Aebi Schmidt focuses on…Security DefenseApr 26 2019
• Crooks abuse GitHub platform to host phishing kits Experts at Proofpoint discovered that free code repositories on GitHub have been abused since at least 2017 to host phishing websites. Researchers at Proofpoint reported that crooks are abusing free code repositories on GitHub to host phishing websites and bypass security defenses. Experts discovered that cybercriminals are abusing the GitHub service since at least mid-2017.…Security DefenseApr 25 2019
• Flaws in Social Warfare plugin actively exploited in the wild Experts uncovered hacking campaigns exploiting two critical security vulnerabilities in the popular WordPress plugin Social Warfare. Social Warfare is a popular ùWordPress plugin with more than 900,000 downloads, it allows to add social share buttons to a WordPress website. Experts uncovered hacking campaigns exploiting two critical security vulnerabilities in the Social Warfare plugin to take…Security DefenseApr 25 2019
• Britain ‘Approves’ Huawei role in building ‘non-core’ parts for 5G Network British Government has approved a limited role for Huawei in the building of a national 5G network in the country, ignoring security concerns from senior ministers According to The Daily Telegraph newspaper, British Prime Minister Theresa May decided to assign a limited role to Chinese telco giant Huawei in the building of a 5G network…Security DefenseApr 25 2019
• A flaw in Rockwell Controller allows attackers to redirect users to malicious Sites A serious flaw in some of Rockwell Automation’s MicroLogix and CompactLogix PLCs can be exploited by a remote attacker to redirect users to malicious websites. Some of Rockwell Automation’s MicroLogix and CompactLogix PLCs are affected by a serious vulnerability can be exploited by a remote attacker to redirect users to malicious websites. The vulnerabilyt was…Security DefenseApr 25 2019
• Zero-day vulnerability in Oracle WebLogic Security experts are warning of a dangerous zero-day remote code vulnerability that affects the Oracle WebLogic service platform. Oracle WebLogic wls9_async and wls-wsat components are affected by a deserialization remote command execution zero-day vulnerability. This zero-day flaw affects all Weblogic versions, including the latest one, that have the wls9_async_response.war and wls-wsat.war components enabled. Oracle WebLogic Server is a Java EE application…Security DefenseApr 24 2019
• Stuart City is the new victim of the Ryuk Ransomware Another city fell victim of a malware attack, systems at the city of Stuart, Fla., were infected by the Ryuk ransomware on April 13, 2018. Law enforcement is investigating a ransomware attack that hit the City of Stuart on April 13, 2018. The Ryuk malware infected several servers and forced them offline. “City officials on…Security DefenseApr 24 2019
• The Russian Shadow in Eastern Europe: Gamaredon ‘s Ukrainian MOD Campaign Security researchers at Yoroi-Cybaze ZLab uncovered a new campaign carried out by the Russian state-actor dubbed Gamaredon. Introduction Few days after the publication of our technical article related to the evidence of possible APT28 interference in the Ukrainian elections, we spotted another signal of a sneakier on-going operation. This campaign, instead, seems to be linked…Security DefenseApr 24 2019
• OilRig APT uses Karkoff malware along with DNSpionage in recent attacks Iran-linked OilRig cyberespionage group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns.Iran-linked OilRig cyberespione group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns. The OilRig APT group, the threat actor behind the DNSpionage malware campaign, is carrying out a new sophisticated and targeted operation that infects victims…Security DefenseApr 24 2019
• Kaspersky speculates the involvement of ShadowPad attackers in Operation ShadowHammer Experts at Kaspersky Lab linked the recent supply-chain attack targeted ASUS users to the “ShadowPad” threat actor and the CCleaner incident. Security researchers at Kaspersky Lab linked the recent supply-chain attack that hit ASUS users (tracked as Operation ShadowHammer) to the “ShadowPad” threat actor. Experts also linked the incident to the supply chain attack that…Security DefenseApr 24 2019
• Bodybuilding.com forces password reset after a security breach Bad news for fitness and bodybuilding passionates, the popular online retailer Bodybuilding.com announced that hackers have broken into its systems. The popular online retailer website Bodybuilding.com announced last week that hackers have broken into its systems. The website offers any kind of fitness articles, exercises, workouts, and supplements. The company confirmed it has no evidence…Security DefenseApr 23 2019
• FireEye experts found source code for CARBANAK malware on VirusTotalCybersecurity researchers from FireEye revealed that the Carbanak source code has been available on VirusTotal for two years, and none noticed it before. Researchers at FireEye discovered that the Carbanak source code has been available on VirusTotal for two years, but it was not noticed before. The Carbanak gang (aka FIN7, Anunak or Cobalt) stole over…Security DefenseApr 23 2019
• Targeted Attacks hit multiple embassies with Trojanized TeamViewerCheckPoint firm uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer to target officials in several embassies in Europe. Security experts at CheckPoint uncovered a cyber espionage campaign leveraging a weaponized version of TeamViewer and malware disguised as a top-secret US government document to target officials in several embassies in Europe. The targeted…Security DefenseApr 23 2019