Recent Cyber News Feed Spot
Welcome to our Recent Cyber News Feed:
- All
- Threats
- Hacks
- Hacker's Den
- ID Theft
- Cyber Attacks
- Cyber News
- Cyber Attack and Hacks
- Cyber Defense
Threats
Who is Tech Investor John Bernard? John Bernard, the subject of a story here last week about a self-proclaimed millionaire investor who has bilked countless tech startups, appears to be a pseudonym for John Clifton Davies, a U.K. man who absconded from justice before being convicted on multiple counts of fraud in 2015. Prior to his conviction, Davies served 16 months…
Microsoft: Attackers Exploiting ‘ZeroLogon’ Windows Flaw Microsoft warned on Wednesday that malicious hackers are exploiting a particularly dangerous flaw in Windows Server systems that could be used to give attackers the keys to the kingdom inside a vulnerable corporate network. Microsoft's warning comes just days after the U.S. Department of Homeland Security issued an emergency directive instructing all federal agencies to…
Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware AttackTyler Technologies, a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations. The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook…
Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ AttackThe U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and "supply chain" attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here…
Two Russians Charged in $17M Cryptocurrency Phishing SpreeU.S. authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges.
Due Diligence That Money Can’t BuyMost of us automatically put our guard up when someone we don't know promises something too good to be true. But when the too-good-to-be-true thing starts as our idea, sometimes that instinct fails to kick in. Here's the story of how companies searching for investors to believe in their ideas can run into trouble.
Hacks
Google removes 17 Joker -infected apps from the Play Store Google removed this week 17 Android apps from its Play Store because they were infected with the Joker (aka Bread) malware, Zscaler revealed. Security researchers from Zscaler spotter 17 apps in the Play Store that were infected with the Joker (Bread) malware. The Joker malware is a malicious code camouflaged as a system app and…
Security Affairs newsletter Round 283 A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. IPG Photonics high-performance laser developer hit with ransomware Mozi Botnet is responsible for most of the IoT Traffic Alleged Activision hack, 500,000 Call Of Duty players impacted DHS CISA orders…
Apple addresses four vulnerabilities in macOS Apple this week released security updates to address a total of four vulnerabilities affecting macOS Catalina, High Sierra and Mojave. Apple on Thursday announced to have patched four vulnerabilities affecting macOS Catalina, High Sierra and Mojave. “This document describes the security content of macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave.”…
Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT Microsoft removed 18 Azure Active Directory applications from its Azure portal that were created by a Chinese-linked APT group Gadolinium. Microsoft announced this week to have removed 18 Azure Active Directory applications from its Azure portal that were created by a China-linked cyber espionage group tracked as APT group Gadolinium (aka APT40, or Leviathan). The 18…
A powerful DDoS attack hit Hungarian banks and telecoms services Hungarian financial institutions and telecommunications infrastructure were hit by a powerful DDoS attack originating from servers in Russia, China and Vietnam A powerful DDoS attack hit some Hungarian banking and telecommunication services that briefly disrupted them. According to telecoms firm Magyar Telekom, the attack took place on Thursday and was launched from servers in Russia,…
Victims of ThunderX ransomware can recover their files for free Good news for the victims of the ThunderX ransomware, cybersecurity firm Tesorion has released a decryptor to recover their files for free. Cybersecurity firm Tesorion has released a free decryptor for the ThunderX ransomware that allows victims to recover their files. ThunderX is ransomware that appeared in the threat landscape recently, infections were discovered at the…
Hackers stole more than $150 million from KuCoin cryptocurrency exchange Singapore-based cryptocurrency exchange KuCoin disclosed a security breach, hackers stole $150 million from its hot wallets. Singapore-based cryptocurrency exchange KuCoin disclosed a major security incident, the hackers breached its hot wallets and stole all the funds, around $150 million. Deposits and withdrawals have been temporarily suspended while the company is investigating the security incident. “We…
Source Code of Windows XP, Server 2003 leaked The source code for Microsoft’s Windows XP and Windows Server 2003 operating systems was published as a torrent file on bulletin board website 4chan. The source code for Microsoft’s Windows XP and Windows Server 2003 operating systems was published as a torrent file on the bulletin board website 4chan. This is the first time that…
Twitter warns developers of possible API keys leak Twitter is warning developers that their API keys, access tokens, and access token secrets may have been exposed in a browser’s cache. Twitter is sending emails to developers to warn them that their API keys, access tokens, and access token secrets may have been exposed in a browser’s cache. According to the social media firm,…
Cisco fixes 34 High-Severity flaws in IOS and IOS XE software Cisco patched 34 high-severity flaws affecting its IOS and IOS XE software, some of them can be exploited by a remote unauthenticated attacker. Cisco on Thursday released security patches for 34 high-severity vulnerabilities affecting its IOS and IOS XE software. The IT giant issued 25 advisories as part of the September 2020 semiannual IOS and IOS…
Fortinet VPN with default certificate exposes 200,000 businesses to hack According to SAM Seamless Network, over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. In response to the spreading of Coronavirus across the world, many organizations deployed VPN solutions, including Fortigate VPN, to allow their employers to work from their homes. The configuration of the VPN…
CISA says federal agency compromised by malicious cyber actor Cybersecurity and Infrastructure Security Agency (CISA) revealed that a hacker breached a US federal agency and exfiltrated data. Cybersecurity and Infrastructure Security Agency (CISA) revealed that a hacker breached a US federal agency and threat actors exfiltrated data. CISA published a detailed incident report related to the incident but didn’t disclose the name of the…
Polish police shut down major group of hackers in the country Polish police dismantled a major group of hackers that was behind several criminal activities, including ransomware attacks, and banking fraud. Polish authorities have dismantled a major hacker group that was involved in multiple cybercrime activities, including ransomware attacks, malware distribution, SIM swapping, banking fraud, running rogue online stores, and even making bomb threats at the…
Alien Android banking Trojan, the powerful successor of the Cerberus malware Security researchers spotted a new strain of Android malware, dubbed Alien, that implements multiple features allowing it to steal credentials from 226 apps. Researchers from ThreatFabric have discovered and analyzed a new strain of Android malware, tracked as Alien, that implements multiple features allowing it to steal credentials from 226 applications. Alien first appeared in…
Instagram RCE gave hackers remote access to your deviceFacebook has addressed a critical vulnerability in Instagram that could lead to remote code execution and turn the smartphone into a spying device. Facebook has fixed a critical remote code execution vulnerability in Instagram that could lead to the hijack of smartphone cameras, microphones, and more. The vulnerability, tracked as CVE-2020-1895, was discovered by Check Point,…
Hacker's Den
Top 8 Best Web Security and Hacking Software for Security Professionals in 2020 Hacking software is not only used by hackers for criminal activities but it’s equally used by white hat hackers and security professionals to identify a vulnerability in a network or an endpoint. There is several hacking software available on the internet, including commercial and non-commercial offerings. It’s always good to test your network security from…
Navigating the Asia-Pacific Threat Landscape: Experts Dive In At next week's virtual Black Hat Asia, threat intelligence pros will discuss the threats local organizations should prioritize and how they can prepare.
WannaCry Has IoT in Its Crosshairs The wide variety of devices attached to the Internet of Things offers a rich target for purveyors of ransomware.
Wireshark 3.2.7 Released With Fix for Security Vulnerabilities & New Features Wireshark 3.2.7 was released with a fix for security vulnerabilities and an updated version of Npcap & Qt. Wireshark is known as the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education. It is used by network administrators to troubleshoot network and by the security, analyst to examine the…
5G Technology and How It Will Change Cybersecurity 5G also called the fifth generation of wireless cellular networks, will offer new opportunities to all walks of life, including health, supply chain, agriculture, etc. Similarly, emerging technologies such as IoT (Internet of Things), Artificial Intelligence (AI), and others will continue to evolve with 5G in the future. On the contrary, hackers and other cybercriminals…
Critical Instagram Flaw Could Let Attackers Spy on Victims A now-patched remote code execution vulnerability could be exploited with a specially sized image file, researchers report.
Solving the Problem With Security Standards More explicit threat models can make security better and open the door to real and needed innovation.
CrowdStrike Agrees to Acquire Preemptive Security for $96M CrowdStrike plans to use Preemptive Security's conditional access technology to strengthen its Falcon platform.
CrowdStrike Agrees to Acquire Preempt Security for $96M CrowdStrike plans to use Preempt Security's conditional access technology to strengthen its Falcon platform.
Since Remote Work Isn't Going Away, Security Should Be the FocusThese three steps will help organizations reduce long-term work-from-home security risks.
Instagram Hacked – Critical Vulnerability Let Attackers Take Complete Control over AccountA critical security vulnerability with the Instagram app lets attackers take over the victim’s Instagram account and can change their phone as a spying tool. All the attackers need is a malicious image, once the image file opened in the Instagram app it would give the hacker full access to the Instagram account. Instagram is…
Shopify Data Breach – Two Rogue Employees Stole Customer DataThe Online e-commerce platform Shopify announced a data breach after two of their rogue employees of the support team engaged in accessing the transactional records of certain customers. Shopify Inc. is a Canadian multinational e-commerce company founded in 2006, the company has more than 1,000,000 customers in approximately 175 countries. The company said that, once…
Shopify's Employee Data Theft Underscores Risk of Rogue InsidersThe e-commerce platform has alerted more than 100 merchants of a data breach, highlighting the danger of malicious insiders.
Google Cloud Debuts Threat-Detection ServiceLockdown economics are driving a threat-intelligence business boom. Chronicle Detect is Google's answer to monitoring so much log data created by the distributed workforce.
India's Cybercrime and APT Operations on the RiseGrowing geopolitical tensions with China in particular are fueling an increase in cyberattacks between the two nations, according to IntSights.
ID TheftCyber AttacksCyber NewsCyber Attack and HacksCyber Defense- Google removes 17 Joker -infected apps from the Play Store Google removed this week 17 Android apps from its Play Store because they were infected with the Joker (aka Bread) malware, Zscaler revealed. Security researchers from Zscaler spotter 17 apps in the Play Store that were infected with the Joker (Bread) malware. The Joker malware is a malicious code camouflaged as a system app and…
- Security Affairs newsletter Round 283 A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. IPG Photonics high-performance laser developer hit with ransomware Mozi Botnet is responsible for most of the IoT Traffic Alleged Activision hack, 500,000 Call Of Duty players impacted DHS CISA orders…
- Apple addresses four vulnerabilities in macOS Apple this week released security updates to address a total of four vulnerabilities affecting macOS Catalina, High Sierra and Mojave. Apple on Thursday announced to have patched four vulnerabilities affecting macOS Catalina, High Sierra and Mojave. “This document describes the security content of macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave.”…
- Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT Microsoft removed 18 Azure Active Directory applications from its Azure portal that were created by a Chinese-linked APT group Gadolinium. Microsoft announced this week to have removed 18 Azure Active Directory applications from its Azure portal that were created by a China-linked cyber espionage group tracked as APT group Gadolinium (aka APT40, or Leviathan). The 18…
- A powerful DDoS attack hit Hungarian banks and telecoms services Hungarian financial institutions and telecommunications infrastructure were hit by a powerful DDoS attack originating from servers in Russia, China and Vietnam A powerful DDoS attack hit some Hungarian banking and telecommunication services that briefly disrupted them. According to telecoms firm Magyar Telekom, the attack took place on Thursday and was launched from servers in Russia,…
- Victims of ThunderX ransomware can recover their files for free Good news for the victims of the ThunderX ransomware, cybersecurity firm Tesorion has released a decryptor to recover their files for free. Cybersecurity firm Tesorion has released a free decryptor for the ThunderX ransomware that allows victims to recover their files. ThunderX is ransomware that appeared in the threat landscape recently, infections were discovered at the…
- Hackers stole more than $150 million from KuCoin cryptocurrency exchange Singapore-based cryptocurrency exchange KuCoin disclosed a security breach, hackers stole $150 million from its hot wallets. Singapore-based cryptocurrency exchange KuCoin disclosed a major security incident, the hackers breached its hot wallets and stole all the funds, around $150 million. Deposits and withdrawals have been temporarily suspended while the company is investigating the security incident. “We…
- Source Code of Windows XP, Server 2003 leaked The source code for Microsoft’s Windows XP and Windows Server 2003 operating systems was published as a torrent file on bulletin board website 4chan. The source code for Microsoft’s Windows XP and Windows Server 2003 operating systems was published as a torrent file on the bulletin board website 4chan. This is the first time that…
- Twitter warns developers of possible API keys leak Twitter is warning developers that their API keys, access tokens, and access token secrets may have been exposed in a browser’s cache. Twitter is sending emails to developers to warn them that their API keys, access tokens, and access token secrets may have been exposed in a browser’s cache. According to the social media firm,…
- Cisco fixes 34 High-Severity flaws in IOS and IOS XE software Cisco patched 34 high-severity flaws affecting its IOS and IOS XE software, some of them can be exploited by a remote unauthenticated attacker. Cisco on Thursday released security patches for 34 high-severity vulnerabilities affecting its IOS and IOS XE software. The IT giant issued 25 advisories as part of the September 2020 semiannual IOS and IOS…
- Fortinet VPN with default certificate exposes 200,000 businesses to hack According to SAM Seamless Network, over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. In response to the spreading of Coronavirus across the world, many organizations deployed VPN solutions, including Fortigate VPN, to allow their employers to work from their homes. The configuration of the VPN…
- CISA says federal agency compromised by malicious cyber actor Cybersecurity and Infrastructure Security Agency (CISA) revealed that a hacker breached a US federal agency and exfiltrated data. Cybersecurity and Infrastructure Security Agency (CISA) revealed that a hacker breached a US federal agency and threat actors exfiltrated data. CISA published a detailed incident report related to the incident but didn’t disclose the name of the…
- Polish police shut down major group of hackers in the country Polish police dismantled a major group of hackers that was behind several criminal activities, including ransomware attacks, and banking fraud. Polish authorities have dismantled a major hacker group that was involved in multiple cybercrime activities, including ransomware attacks, malware distribution, SIM swapping, banking fraud, running rogue online stores, and even making bomb threats at the…
- Alien Android banking Trojan, the powerful successor of the Cerberus malware Security researchers spotted a new strain of Android malware, dubbed Alien, that implements multiple features allowing it to steal credentials from 226 apps. Researchers from ThreatFabric have discovered and analyzed a new strain of Android malware, tracked as Alien, that implements multiple features allowing it to steal credentials from 226 applications. Alien first appeared in…
- Instagram RCE gave hackers remote access to your deviceFacebook has addressed a critical vulnerability in Instagram that could lead to remote code execution and turn the smartphone into a spying device. Facebook has fixed a critical remote code execution vulnerability in Instagram that could lead to the hijack of smartphone cameras, microphones, and more. The vulnerability, tracked as CVE-2020-1895, was discovered by Check Point,…
- All
- Threats
- Hacks
- Hacker's Den
- ID Theft
- Cyber Attacks
- Cyber News
- Cyber Attack and Hacks
- Cyber Defense
Threats
Hacks
Hacker's Den
ID Theft
Cyber Attacks
Cyber News
Cyber Attack and Hacks
Cyber Defense