Recent Cyber News Feed Spot
Welcome to our Recent Cyber News Feed:
- All
- Threats
- Hacks
- Hacker's Den
- ID Theft
- Cyber Attacks
- Cyber News
- Cyber Attack and Hacks
- Cyber Defense
Threats
E-Verify’s “SSN Lock” is Nothing of the Sort One of the most-read advice columns on this site is a 2018 piece called "Plant Your Flag, Mark Your Territory," which tried to impress upon readers the importance of creating accounts at websites like those at the Social Security Administration, the IRS and others before crooks do it for you. A key concept here is…
Ransomware Gangs Don’t Need PR HelpWe've seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Such coverage is potentially quite harmful and plays deftly into the hands of organized crime. Often the rationale behind…
COVID-19 ‘Breach Bubble’ Waiting to Pop?The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. On the plus side, months of quarantine have massively decreased demand for account information that thieves buy and use to create physical counterfeit credit cards. But fraud experts say recent developments suggest…
Russian Cybercrime Boss Burkov Gets 9 YearsA well-connected Russian hacker once described as “an asset of supreme importance” to Moscow was sentenced on Friday to nine years in a U.S. prison after pleading guilty to running a site that sold stolen payment card data, and to administering a highly secretive crime forum that counted among its members some of the most…
New Charges, Sentencing in Satori IoT Botnet ConspiracyThe U.S. Justice Department today criminally charged a Canadian and a Northern Ireland man for allegedly conspiring to build multiple botnets that enslaved hundreds of thousands of routers and other Internet of Things (IoT) devices for use in large-scale distributed denial-of-service (DDoS) attacks. In addition, a defendant in the United States was sentenced to drug…
‘BlueLeaks’ Exposes Files from Hundreds of Police DepartmentsHundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week. The collection, dubbed "BlueLeaks" and made searchable via a new website by the same name, stems from a security breach at a Texas web design and hosting company that maintains a number of state law enforcement…
Hacks
Huawei faces 5G ban from British’s 5G network within months UK Prime Minister Boris Johnson is going to ban the use of equipment from the Chinese tech giant Huawei in Britain’s 5G network, reported The Daily Telegraph. British Prime Minister Boris Johnson is expected to begin phasing out the use of network equipment manufactured by the Chinese tech giant Huawei in the UK’s 5G network…
Security Affairs newsletter Round 271 A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Asian media firm E27 hacked, attackers asked for a donation Australian ACSC ‘s report confirms the use of Chinese malware in recent attacks Magento 1.x EOL is set on June…
Cisco Talos discloses technicals details of Chrome, Firefox flaws Cisco’s Talos experts disclosed the details of recently patched vulnerabilities affecting the popular Chrome and Firefox web browsers. Researchers from Cisco Talos disclosed technical details of recently patched vulnerabilities affecting the popular Chrome and Firefox web browsers. The first issue, tracked as CVE-2020-6463, is a memory corruption vulnerability that affects PDFium, an open source PDF…
CISA warns organizations of cyberattacks from the Tor network The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned enterprises about cyberattacks from the Tor network. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) is warning enterprises of cyberattacks launched from the Tor network. Threat actors leverage the Tor network to hide the…
Try2Cry ransomware implements wormable capability to infect other Windows systems A new piece of ransomware dubbed Try2Cry leverages infected USB flash drives and Windows shortcuts (LNK files) to infect other Windows systems. A new ransomware dubbed Try2Cry implements wormable capabilities to infect other Windows systems by using USB flash drives or Windows shortcuts (LNK files). The Try2Cry ransomware was discovered by the malware researcher Karsten Hahn while analyzing an unidentified malware sample. The expert was…
European police infiltrate and dismantled EncroChat chat network A joint operation conducted by European police arrested hundreds of criminals after that agents infiltrated into EncroChat encrypted chat network. In a joint operation conducted by European and British law enforcement agencies resulted in the arrest of hundreds of alleged drug dealers and other crooks. The police infiltrated into a global network of an encrypted…
US Cyber Command urges F5 customers to fix critical flaw in BIG-IP product F5 Networks has published a security advisory warning customers to patch a critical flaw in BIG-IP product that is very likely to be exploited. F5 Networks has addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product. “This vulnerability allows for…
Alleged cyber attacks caused fire and explosions at nuclear and military facilities in Iran The root cause of a series of explosions at important facilities in Iran may be cyberattacks allegedly launched by Israel. A recent sequence of fires and explosions at important Iranian facilities may have been caused by cyber attacks as part of an operation conducted by Israel. Recently several major Iranian industrial facilities suffered a sequence…
Hackers are targeting unsecured MongoDB database A new wave of attacks is targeting unsecured MongoDB database servers and wiping their content attempting to extort a ransom to the victims. The popular security expert Victor Gevers from the non-profit GDI Foundation reported a new wave of attacks that are targeting unsecured MongoDB database servers exposed online. Threat actors are wiping the content…
Sodinokibi Ransomware Operators hit electrical energy company Light S.A. Sodinokibi ransomware (aka REvil) operators are demanding a $14 million ransom from Brazilian-based electrical energy company Light S.A. Sodinokibi ransomware (aka REvil) operators have breached the Brazilian-based electrical energy company Light S.A. and are demanding a $14 million ransom. The company issued comments to a local newspaper confirming the attack, Light S.A. admitted the intrusion to…
Maze Ransomware operators hacked Highways Authority Of India (Nhai)Researchers at Cyble reported that Maze Ransomware Operators allegedly breached National Highways Authority Of India (Nhai). As part of regular darkweb monitoring, researchers from threat intelligence firm has spotted the data leak of National Highways Authority of India (NHAI). The Maze ransomware operators allegedly breached the NHAI and leaked the data of their leak site. The National Highways…
Cisco addresses flaws in Small Business Routers and SwitchesCisco announced that it has patched several vulnerabilities affecting its products, including security issues in Small Business routers and switches. Cisco has addressed eight vulnerabilities affecting its products, including flaws in Small Business routers and switches. The most severe flaw, tracked as CVE-2020-3297, affects Small Business and managed switches, it has been rated by Cisco as…
Cyber Defense Magazine – July 2020 has arrived. Enjoy it!Cyber Defense Magazine July 2020 Edition has arrived. We hope you enjoy this month’s edition…packed with over 165 pages of excellent content. OVER 165 PAGESALWAYS FREE – LOADED WITH EXCELLENT CONTENTLearn from the experts, cybersecurity best practicesFind out about upcoming information security related conferences, expos and trade shows. Always free, no strings attached. CLICK THIS FIRST…
Critical Apache Guacamole flaws expose organizations at risk of hackSecurity researchers discovered multiple critical reverse RDP vulnerabilities in the remote desktop application Apache Guacamole. Security experts from Check Point Research have discovered multiple critical reverse RDP vulnerabilities in the Apache Guacamole, which is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH and allows system administrators to remotely access and manage Windows and Linux machines. The…
Netgear is releasing fixes for ten issues affecting 79 productsNetgear is addressing ten vulnerabilities affecting nearly 80 of its products, including issues discovered at the Pwn2Own hacking competition. Netgear is releasing security patches to address ten vulnerabilities affecting nearly 80 of its products. Some of the vulnerabilities were discovered during the Pwn2Own Tokyo 2019 hacking contest and reported through the Zero Day Initiative (ZDI).…
Hacker's Den
Start Your Cyber Security Career with CompTIA Security+ SY0-501 Certification – Train Yourself Online The CompTIA Security+ Certification SY0-501 an examination course which is globally accepted for security aspects in the field of IT. It helps in getting complete skills and knowledge for security grounds covering essential aspects like risk management and network security. This globally-recognized CompTIA Security+ course helps in getting complete knowledge regarding application security, devices, network,…
Critical RCE Flaw with F5 Let Remote Attackers Take Complete Control of the Device Critical security vulnerabilities discovered with the F5 BIG-IP application delivery controller (ADC) let remote attackers to run commands and to compromise the system. The BIG-IP application delivery controller (ADC) use to handle application traffic and secure your infrastructure. Based on Shodan search more than 8,000 vulnerable devices available from the internet in the world, more…
LinkedIn iOS App Caught Reading Clipboard With Every Keystroke, Says it is a Bug LinkedIn caught snooping on the clipboard data of every keystroke, the issue was discovered with the beta version of iOS 14. The LinkedIn iOS app is responsible for the privacy-intrusive behavior that spotted by a developer who goes with the twitter handle @DonCubed. LinkedIn iOS App DonCubed noticed that while using LinkedIn on his iPad…
Spyse – A Cybersecurity Search Engine For Pentesters Spyse is a cybersecurity search engine that has caught the attention of many pentesters due to its unique data-gathering design. Most services offer scanning tools, and Spyse places itself on a different tier by combining those tools into a search engine. Moreover, the search engine draws results from a massive database, with tons of technical…
16 Malicious Facebook apps that Share User Data with third-parties for Ransomware Attacks and Targeted Advertising Third-party apps on social media continue to misuse the data shared by users, researchers from the University of Iowa proposed a paper dubbed CanaryTrap details Data Misuse by Third-Party Apps on Online Social Networks. CanaryTrap aimed to misuse of data shared with third-party apps on Facebook, researchers used unique “honeytoken” emails and uses Facebook’s ad…
22,900 MongoDB Databases Affected in Ransomware AttackAn attacker scanned for databases misconfigured to expose information and wiped the data, leaving a ransom note behind.
7 Best Ways to Secure Your Home Wi-Fi Network From HackersAlmost everyone at home now has a Wi-Fi router. People would probably ask you forthe network’s password to check their smartphone or show you vacation pictures stored in the cloud. Many will learn your wireless password soon so people will be able to connect to a network as they walk through your residency. Your router’s…
Critical Security Vulnerabilities Exposes Apache’s popular Remote Desktop Gateway for HackingTwo critical security vulnerabilities found with Apache’s popular open-source remote desktop gateway Apache Guacamole. It supports all standard protocols like VNC, RDP, and SSH. The tool also comes with support for MFA (Multi-Factor Authentication), compliance with BYOD, and other security controls like IPS, SOC anomaly detections, and many more. Now in this pandemic situation, most…
Microsoft Released Emergency Security Updates for Windows 10 to Fix Remote Code Execution BugsMicrosoft has released an emergency security updates for critical vulnerabilities that allow attackers to execute arbitrary code on the vulnerable machine. The vulnerability rated as critical and it resides in Microsoft Windows Codecs Library that handles objects in the memory. The out-of-band security updates fix the critical-severity flaw (CVE-2020-1425) and important-severity vulnerability (CVE-2020-1457). CVE-2020-1425 &…
Chinese Software Company Aisino Uninstalls GoldenSpy MalwareFollow-up sandbox research confirms Aisino knew about the malware in its tax software, though it's still unclear whether it was culpable.
DHS Shares Data on Top Cyberthreats to Federal AgenciesBackdoors, cryptominers, and ransomware were the most widely detected threats by the DHS Cybersecurity and Infrastructure Security Agency (CISA)'s intrusion prevention system EINSTEIN.
DHS Shares Data on Top Cyber Threats to Federal AgenciesBackdoors, cryptominers, and ransomware were the most widely detected threats by the DHS Cybersecurity and Infrastructure Security Agency (CISA)'s intrusion prevention system EINSTEIN.
Microsoft Issues Out-of-Band Patches for RCE FlawsVulnerabilities had not been exploited or publicly disclosed before fixes were released, Microsoft reports.
Another COVID-19 Side Effect: Rising Nation-State Cyber ActivityWhile financial institutions and government remain popular targets, COVID-19 research organizations are now also in the crosshairs.
New Ransomware “EvilQuest” Attacking macOS Users to Encrypts Users FilesA new Mac ransomware strain observed targeting macOS Users through pirated versions of popular mac software shared on popular torrent sites. Users noted the malicious version of popular software that available for download on a Russian forum that dedicated to sharing piracy software links. Mac ransomware The Mac ransomware was first spotted by malware researcher…
ID TheftCyber AttacksCyber NewsCyber Attack and HacksCyber Defense- Huawei faces 5G ban from British’s 5G network within months UK Prime Minister Boris Johnson is going to ban the use of equipment from the Chinese tech giant Huawei in Britain’s 5G network, reported The Daily Telegraph. British Prime Minister Boris Johnson is expected to begin phasing out the use of network equipment manufactured by the Chinese tech giant Huawei in the UK’s 5G network…
- Security Affairs newsletter Round 271 A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Asian media firm E27 hacked, attackers asked for a donation Australian ACSC ‘s report confirms the use of Chinese malware in recent attacks Magento 1.x EOL is set on June…
- Cisco Talos discloses technicals details of Chrome, Firefox flaws Cisco’s Talos experts disclosed the details of recently patched vulnerabilities affecting the popular Chrome and Firefox web browsers. Researchers from Cisco Talos disclosed technical details of recently patched vulnerabilities affecting the popular Chrome and Firefox web browsers. The first issue, tracked as CVE-2020-6463, is a memory corruption vulnerability that affects PDFium, an open source PDF…
- CISA warns organizations of cyberattacks from the Tor network The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned enterprises about cyberattacks from the Tor network. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) is warning enterprises of cyberattacks launched from the Tor network. Threat actors leverage the Tor network to hide the…
- Try2Cry ransomware implements wormable capability to infect other Windows systems A new piece of ransomware dubbed Try2Cry leverages infected USB flash drives and Windows shortcuts (LNK files) to infect other Windows systems. A new ransomware dubbed Try2Cry implements wormable capabilities to infect other Windows systems by using USB flash drives or Windows shortcuts (LNK files). The Try2Cry ransomware was discovered by the malware researcher Karsten Hahn while analyzing an unidentified malware sample. The expert was…
- European police infiltrate and dismantled EncroChat chat network A joint operation conducted by European police arrested hundreds of criminals after that agents infiltrated into EncroChat encrypted chat network. In a joint operation conducted by European and British law enforcement agencies resulted in the arrest of hundreds of alleged drug dealers and other crooks. The police infiltrated into a global network of an encrypted…
- US Cyber Command urges F5 customers to fix critical flaw in BIG-IP product F5 Networks has published a security advisory warning customers to patch a critical flaw in BIG-IP product that is very likely to be exploited. F5 Networks has addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product. “This vulnerability allows for…
- Alleged cyber attacks caused fire and explosions at nuclear and military facilities in Iran The root cause of a series of explosions at important facilities in Iran may be cyberattacks allegedly launched by Israel. A recent sequence of fires and explosions at important Iranian facilities may have been caused by cyber attacks as part of an operation conducted by Israel. Recently several major Iranian industrial facilities suffered a sequence…
- Hackers are targeting unsecured MongoDB database A new wave of attacks is targeting unsecured MongoDB database servers and wiping their content attempting to extort a ransom to the victims. The popular security expert Victor Gevers from the non-profit GDI Foundation reported a new wave of attacks that are targeting unsecured MongoDB database servers exposed online. Threat actors are wiping the content…
- Sodinokibi Ransomware Operators hit electrical energy company Light S.A. Sodinokibi ransomware (aka REvil) operators are demanding a $14 million ransom from Brazilian-based electrical energy company Light S.A. Sodinokibi ransomware (aka REvil) operators have breached the Brazilian-based electrical energy company Light S.A. and are demanding a $14 million ransom. The company issued comments to a local newspaper confirming the attack, Light S.A. admitted the intrusion to…
- Maze Ransomware operators hacked Highways Authority Of India (Nhai)Researchers at Cyble reported that Maze Ransomware Operators allegedly breached National Highways Authority Of India (Nhai). As part of regular darkweb monitoring, researchers from threat intelligence firm has spotted the data leak of National Highways Authority of India (NHAI). The Maze ransomware operators allegedly breached the NHAI and leaked the data of their leak site. The National Highways…
- Cisco addresses flaws in Small Business Routers and SwitchesCisco announced that it has patched several vulnerabilities affecting its products, including security issues in Small Business routers and switches. Cisco has addressed eight vulnerabilities affecting its products, including flaws in Small Business routers and switches. The most severe flaw, tracked as CVE-2020-3297, affects Small Business and managed switches, it has been rated by Cisco as…
- Cyber Defense Magazine – July 2020 has arrived. Enjoy it!Cyber Defense Magazine July 2020 Edition has arrived. We hope you enjoy this month’s edition…packed with over 165 pages of excellent content. OVER 165 PAGESALWAYS FREE – LOADED WITH EXCELLENT CONTENTLearn from the experts, cybersecurity best practicesFind out about upcoming information security related conferences, expos and trade shows. Always free, no strings attached. CLICK THIS FIRST…
- Critical Apache Guacamole flaws expose organizations at risk of hackSecurity researchers discovered multiple critical reverse RDP vulnerabilities in the remote desktop application Apache Guacamole. Security experts from Check Point Research have discovered multiple critical reverse RDP vulnerabilities in the Apache Guacamole, which is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH and allows system administrators to remotely access and manage Windows and Linux machines. The…
- Netgear is releasing fixes for ten issues affecting 79 productsNetgear is addressing ten vulnerabilities affecting nearly 80 of its products, including issues discovered at the Pwn2Own hacking competition. Netgear is releasing security patches to address ten vulnerabilities affecting nearly 80 of its products. Some of the vulnerabilities were discovered during the Pwn2Own Tokyo 2019 hacking contest and reported through the Zero Day Initiative (ZDI).…
- All
- Threats
- Hacks
- Hacker's Den
- ID Theft
- Cyber Attacks
- Cyber News
- Cyber Attack and Hacks
- Cyber Defense
Threats
Hacks
Hacker's Den
ID Theft
Cyber Attacks
Cyber News
Cyber Attack and Hacks
Cyber Defense