Recent Cyber News Feed Spot
Welcome to our Recent Cyber News Feed:
- All
- Threats
- Hacks
- Hacker's Den
- ID Theft
- Cyber Attacks
- Cyber News
- Cyber Attack and Hacks
- Cyber Defense
Threats
Why Is Your Location Data No Longer Private? The past month has seen one blockbuster revelation after another about how our mobile phone and broadband providers have been leaking highly sensitive customer information, including real-time location data and customer account details. In the wake of these consumer privacy debacles, many are left wondering who's responsible for policing these industries? How exactly did we…
3 Charged In Fatal Kansas ‘Swatting’ Attack Federal prosecutors have charged three men with carrying out a deadly hoax known as "swatting," in which perpetrators call or message a target's local 911 operators claiming a fake hostage situation or a bomb threat in progress at the target's address -- with the expectation that local police may respond to the scene with deadly…
Mobile Giants: Please Don’t Share the WhereYour mobile phone is giving away your approximate location all day long. This isn't exactly a secret: It has to share this data with your mobile provider constantly to provide better call quality and to route any emergency 911 calls straight to your location. But now, the major mobile providers in the United States --…
T-Mobile Employee Made Unauthorized ‘SIM Swap’ to Steal Instagram AccountT-Mobile is investigating a retail store employee who allegedly made unauthorized changes to a subscriber's account in an elaborate scheme to steal the customer's three-letter Instagram username. The modifications, which could have let the rogue employee empty bank accounts associated with the targeted T-Mobile subscriber, were made even though the victim customer already had taken…
Tracking Firm LocationSmart Leaked Location Data for Customers of All Major U.S. Mobile Carriers Without Consent in Real Time Via Its Web SiteLocationSmart, a U.S. based company that acts as an aggregator of real-time data about the precise location of mobile phone devices, has been leaking this information to anyone via a buggy component of its Web site -- without the need for any password or other form of authentication or authorization -- KrebsOnSecurity has learned. The…
Detecting Cloned Cards at the ATM, RegisterMuch of the fraud involving counterfeit credit, ATM debit and retail gift cards relies on the ability of thieves to use cheap, widely available hardware to encode stolen data onto any card's magnetic stripe. But new research suggests retailers and ATM operators could reliably detect counterfeit cards using a simple technology that flags cards which…
Hacks
Experts show how to defeat AMD’s Secure Encrypted Virtualization German researchers devised a method, dubbed SEVered, to defeat the security mechanisms Secure Encrypted Virtualization implemented by the AMD Epyc server microchips to automatically encrypt virtual machines in memory. The attack could allow them to exfiltrate data in plaintext from an encrypted guest via a hijacked hypervisor and simple HTTP requests to a web server running…
Pre-installed malware found in 141 low-cost Android devices in over 90 countries Researchers from Avast the antivirus firm are investigating the discovery of pre-installed malware found in 141 low-cost Android devices in over 90 countries. Security experts from Antivirus firm Avast have discovered a new case of pre-installed malware on low-cost Android devices, crooks injected the malicious code in the firmware of 141 models. The operation is…
CVE-2018-7783 flaw in Schneider SoMachine Basic can be exploited to read arbitrary files on the targeted system Schneider Electric issued a security update for its EcoStruxure Machine Expert (aka SoMachine Basic) product that addresses a high severity vulnerability, tracked CVE-2018-7783, that could be exploited by a remote and unauthenticated attacker to obtain sensitive data. “SoMachine Basic suffers from an XML External Entity (XXE) vulnerability using the DTD parameter entities technique resulting in disclosure and…
More than 100 Million IoT devices potentially exposed to Z-Shave Z-Wave attack Researchers from Pen Test Partners have conducted an analysis of Z-Wave wireless communications protocol used by millions of IoT devices and discovered that it is vulnerable to cyber attacks. The Z-Wave protocol is widely adopted for home automation, it leverages low-energy radio waves for wireless communications over distances of up to 100 meters (330 feet). The protocol is…
Electron Windows Protocol Handler MITM/RCE (bypass for CVE-2018-1000006 fix) As part of an engagement for one of our clients, we analyzed the patch for the recent Electron Windows Protocol handler RCE bug (CVE-2018-1000006) and identified a bypass. Under certain circumstances, this bypass leads to session hijacking and remote code execution. The vulnerability is triggered by simply visiting a web page through a browser. Electron apps designed to run…
Russian speaking hacker arrested for stealing $8,000 per day leveraging mobile malware Moscow, May 24, 2018 – law enforcement, with support from Group-IB, has arrested a 32-year-old hacker, accused of stealing funds from Russian banks’ customers using Android mobile malware. At the height of their activity, victims reportedly lost between 1,500 to 8,000 dollars daily and levered cryptocurrency for laundering. Group-IB’s analysis reviewed the tools and techniques…
Bitcoin Gold hit by double-spend attack, exchanges lose over $18 million An unknown hacker made over $18 Million worth of BTG (Bitcoin Gold) powering “double spend” attacks on the Bitcoin Gold cryptocurrency network. The attacks started on May 18, the attacker used a large number of servers that allowed him to take the control of the majority of the Bitcoin Gold’s network hashrate, an attack technique dubbed “51%…
Many users reported in the past few weeks their Macs have been infected with a new Monero Miner In the past weeks, many Mac users have been infected with a new strain of Monero miner, the infections confirm the rise of this kind of malware. According to researchers at Malwarebytes, many Mac users in the past weeks have been infected with a new strain of Monero miner. The owners of the infected Mac systems…
Xenotime, Threat actors Behind Triton Malware broadens its activities The threat actor behind the Triton malware (aka Trisis, Xenotime, and HatMan) is now targeting organizations worldwide and safety systems. The attackers are expanding their targets and new variants are able to attacks also other than Schneider Electric’s Triconex systems. The malware was first spotted in December 2017 by researchers at FireEye that discovered that it was specifically designed to…
Justice Department announces actions to disrupt the VPNFilter botnet The Justice Department announced an effort to disrupt the VPNFilter botnet of hundreds of thousands of infected home and office (SOHO) routers and other networked devices under the control of a Russia-linked APT group. Yesterday Talos and other security firm revealed the discovery of a huge botnet tracked as VPNFilter composed of more than 500,000 compromised routers and…
Kaspersky discovered a backdoor account and other issues in D-Link DIR-620 Routers Security experts from Kaspersky have discovered a backdoor account and other three vulnerabilities in D-Link DIR-620 Routers. Security researchers from Kaspersky Lab have uncovered a backdoor account (CVE-2018-6213) in the firmware of D-Link DIR-620 routers that could be exploited by attackers to access to the device’s web panel and take over devices exposed online. “The latest…
Huge Russia-Linked botnet VPNFilter ready to launch a massive attack on UkraineSecurity firm Talos along with other cybersecurity firms and law enforcement agencies have uncovered a huge botnet dubbed VPNFilter, composed of more than 500,000 compromised routers and network-attached storage (NAS) devices. The experts believe the VPNFilter was developed by Russia and the associated malware appears to be very sophisticated, at the time they discovered more than 500,000 compromised devices across…
Turla APT group leverages for the first time the Metasploit framework for the Mosquito campaignSecurity experts from ESET observed the Turla APT group leveraging for the first time the Metasploit framework in the Mosquito campaign The Russia-linked Turla APT group continues its cyber espionage campaigns shifting towards more generic tools to remain under the radar. Turla is the name of a Russian cyber espionage APT group (also known as…
Experts warn: it is too easy to steal WiFi access key from TalkTalk ‘s Super RoutersHome Wi-Fi networks in the UK using Super Router provided by TalkTalk ISP are affected by a vulnerability that exposes them to cyber attacks. Security researchers at software house IndigoFuzz have discovered a security flaw in the implementation of the WPS feature of the TalkTalk Super Router that can be exploited to compromise to steal…
Chinese researchers from Tencent discovered exploitable flaws in several BMW modelsA team of security researchers from Chinese firm Tencent has discovered 14 security vulnerabilities in several BMW models. Researchers from the Tencent Keen Security Lab have discovered 14 vulnerabilities affecting several BMW models, including BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series. The team of experts conducted a…
Hacker's Den
100 Million IoT Smart Devices are Vulnerable to Z-Wave Wireless Communications Protocol Downgrade Attack Z-Wave, a Wireless Communication Protocol that widely used in IoT Smart Devices vulnerability allow attackers to perform Downgrade Attack and compromise nearly 100 Million IoT devices around the world. Z-Wave protocol used in many of wireless control IoT devices such as security systems, Door locks, garage door openers and Z-Wave automation system can be controlled…
Blind spot in the Bermuda (CIA) Triangle – Security Challenge with Organisation Insider Threats Inspection in detail is available for Packet’s behaviour, but unfortunately, there is no possibility or means to inspect a person’s Intention. ( CIA triangle ) The reason I selected this title “Blind spot in the Bermuda(CIA) triangle” is The reason I selected this title “Blind spot in the Bermuda triangle” is that, we all know…
Android Application Penetration Testing Part 2 With my last article(Android Application Penetration testing Part 1) we had look on basic architecture of the android device. Now Let’s collect some Android Application Pentesting tools and build a setup for hacking: There are many tools for an android application penetration test, But which tools are used for which purpose and which details we…
Pornhub launches its own VPNHub for Safe Browsing, Bypass Censors & Surf Anonymously Worlds largest Pornography platform PornHub launched its own Virtual Private Network (VPN) called VPNHub With unlimited bandwidth as well as free of cost. Users accessing adult contents is extremely causing so many problems for many countries based on the regulation. VPN (Virtual Private Network) is helping transferring users traffic using the secure protocol and establish the secure…
Cyber Criminals Stolen $18 Million From Bitcoin Gold Network Using Double Spend Attack Hackers have stolen around $18 Million worth of BTG (Bitcoin Gold) from Bitcoin Gold Network using a new attack method called “Double Spend”. Attackers using “51% attacks” which means An attacker that controls more than 50% of the network’s computing power and they take over more than 50 % of hashpower. Double spend attack is a type of…
Converting Your Android Smartphone into Penetration Testing Device Big corporations trying to improve the user experience by making everything around simplify, increasing performance and connections with “IoT’s”. Today with the Android operating system installed on the most robust smartphones, we have their strengths and weaknesses. A Linux system, have their limitations and permissions. The user that makes the “Root” on the mobile device,…
Important Consideration of Industrial Network Security and Protect SCADA & ICS System Now a day, Cybersecurity is a vital part of process and infrastructure industry operations. Industrial Network security refers to protection of internal components and system from internal and external malicious attacks to maintain the Availability, Integrity, and Confidentiality. Industrial cyber security refers to protection of internal components and system from internal and external malicious attacks…
Man in the Middle Attack with “Cain and Abel” Tool Active eavesdropping alters the communication between two parties who believe they are directly communicating with each other. A man-in-the-middle attack allows a malicious actor to intercept, send and receive data meant for someone else. In this tutorial, we will use Cain and Abel to perform this attack. How does It work? The address resolution protocol better…
Turla Mosquito Hacking Group Exploiting Backdoor Using Metasploit To Compromise the Target System Turla cyber espionage group leveraging Powerful Mosquito backdoor using open source exploitation framework Metasploit for an initial stage of the attack on the target system. Turla hacking group actively targetting various countries, several governments, and organization since 2008 including they breached the US Department of Defense and defense industry. Attackers are always changing the tactics and evading technique to maintain its…
Crack WPA/WPA2 WiFi Passwords With Wifiphisher by Jamming the WiFi Wifiphisher is a security tool that mounts automatic victim-customized phishing attacks against WiFi victims so as to get credentials or infect the victims with malware. It’s primarily a social engineering attack that in contrast to alternative strategies it doesn’t embody any brute forcing. It’s a simple method for getting credentials from captive portals and third-party…
Most Expensive Data Breaches Start with Third Parties: Report Data breach costs increased 24% for enterprise victims and 36% for SMBs from 2017 to 2018, researchers found.
The Pirate Bay will be blocked by Sweden ISP Telenor Without Any Changes After Court Order The Pirate bay (TPB), a Most Popular File sharing torrent website is going to be blocked by the Sweden ISP Telenor which has continually fought against the site-blocking in Sweden. Finally, it has voluntarily decided to block The Pirate Bay (TPB). since long time Telenor fought and denied to block the Torrent Sites. The improvement isn’t the…
Android Application Penetration Testing – Part 1 Android security testing is more often used by security industries to test the vulnerabilities in Android applications. After web applications, more concern area is mobile application penetration test Let’s start with some basics. The basic architecture for Android device Linux kernel For hardware, we always required drivers as software so that that hardware can smoothly…
Multiple Vulnerabilities in D-Link Routers Allows Hackers Gain Complete Control & Extract Sensitive Data Set of 4 Vulnerabilities are discovered in D-Link DIR-620 firmware that allows an attacker to exploit with the hardcoded default credentials to gain high privileged access to the firmware. D-Link routers are one of the biggest ISPs in Russia based on the Router login string contains hardcoded credentials with the name of the ISP. The Vulnerabilities allow…
Hackers Infect More than 500,000 Routers Worldwide with a Potentially Destructive VPNFilter MalwareHackers infected more than 500,000 in at least 54 countries with a potentially destructive malware dubbed VPNFilter malware. It is a multi-stage malware that supports both data gathering and destructive cyber attack operations. Now the malware actively targeting Ukraine hosts at a rapid phase. According to Talos researchers who uncovered VPNFilter malware, this is a…
ID TheftCyber AttacksCyber NewsCyber Attack and HacksCyber Defense- Experts show how to defeat AMD’s Secure Encrypted Virtualization German researchers devised a method, dubbed SEVered, to defeat the security mechanisms Secure Encrypted Virtualization implemented by the AMD Epyc server microchips to automatically encrypt virtual machines in memory. The attack could allow them to exfiltrate data in plaintext from an encrypted guest via a hijacked hypervisor and simple HTTP requests to a web server running…
- Pre-installed malware found in 141 low-cost Android devices in over 90 countries Researchers from Avast the antivirus firm are investigating the discovery of pre-installed malware found in 141 low-cost Android devices in over 90 countries. Security experts from Antivirus firm Avast have discovered a new case of pre-installed malware on low-cost Android devices, crooks injected the malicious code in the firmware of 141 models. The operation is…
- CVE-2018-7783 flaw in Schneider SoMachine Basic can be exploited to read arbitrary files on the targeted system Schneider Electric issued a security update for its EcoStruxure Machine Expert (aka SoMachine Basic) product that addresses a high severity vulnerability, tracked CVE-2018-7783, that could be exploited by a remote and unauthenticated attacker to obtain sensitive data. “SoMachine Basic suffers from an XML External Entity (XXE) vulnerability using the DTD parameter entities technique resulting in disclosure and…
- More than 100 Million IoT devices potentially exposed to Z-Shave Z-Wave attack Researchers from Pen Test Partners have conducted an analysis of Z-Wave wireless communications protocol used by millions of IoT devices and discovered that it is vulnerable to cyber attacks. The Z-Wave protocol is widely adopted for home automation, it leverages low-energy radio waves for wireless communications over distances of up to 100 meters (330 feet). The protocol is…
- Electron Windows Protocol Handler MITM/RCE (bypass for CVE-2018-1000006 fix) As part of an engagement for one of our clients, we analyzed the patch for the recent Electron Windows Protocol handler RCE bug (CVE-2018-1000006) and identified a bypass. Under certain circumstances, this bypass leads to session hijacking and remote code execution. The vulnerability is triggered by simply visiting a web page through a browser. Electron apps designed to run…
- Russian speaking hacker arrested for stealing $8,000 per day leveraging mobile malware Moscow, May 24, 2018 – law enforcement, with support from Group-IB, has arrested a 32-year-old hacker, accused of stealing funds from Russian banks’ customers using Android mobile malware. At the height of their activity, victims reportedly lost between 1,500 to 8,000 dollars daily and levered cryptocurrency for laundering. Group-IB’s analysis reviewed the tools and techniques…
- Bitcoin Gold hit by double-spend attack, exchanges lose over $18 million An unknown hacker made over $18 Million worth of BTG (Bitcoin Gold) powering “double spend” attacks on the Bitcoin Gold cryptocurrency network. The attacks started on May 18, the attacker used a large number of servers that allowed him to take the control of the majority of the Bitcoin Gold’s network hashrate, an attack technique dubbed “51%…
- Many users reported in the past few weeks their Macs have been infected with a new Monero Miner In the past weeks, many Mac users have been infected with a new strain of Monero miner, the infections confirm the rise of this kind of malware. According to researchers at Malwarebytes, many Mac users in the past weeks have been infected with a new strain of Monero miner. The owners of the infected Mac systems…
- Xenotime, Threat actors Behind Triton Malware broadens its activities The threat actor behind the Triton malware (aka Trisis, Xenotime, and HatMan) is now targeting organizations worldwide and safety systems. The attackers are expanding their targets and new variants are able to attacks also other than Schneider Electric’s Triconex systems. The malware was first spotted in December 2017 by researchers at FireEye that discovered that it was specifically designed to…
- Justice Department announces actions to disrupt the VPNFilter botnet The Justice Department announced an effort to disrupt the VPNFilter botnet of hundreds of thousands of infected home and office (SOHO) routers and other networked devices under the control of a Russia-linked APT group. Yesterday Talos and other security firm revealed the discovery of a huge botnet tracked as VPNFilter composed of more than 500,000 compromised routers and…
- Kaspersky discovered a backdoor account and other issues in D-Link DIR-620 Routers Security experts from Kaspersky have discovered a backdoor account and other three vulnerabilities in D-Link DIR-620 Routers. Security researchers from Kaspersky Lab have uncovered a backdoor account (CVE-2018-6213) in the firmware of D-Link DIR-620 routers that could be exploited by attackers to access to the device’s web panel and take over devices exposed online. “The latest…
- Huge Russia-Linked botnet VPNFilter ready to launch a massive attack on UkraineSecurity firm Talos along with other cybersecurity firms and law enforcement agencies have uncovered a huge botnet dubbed VPNFilter, composed of more than 500,000 compromised routers and network-attached storage (NAS) devices. The experts believe the VPNFilter was developed by Russia and the associated malware appears to be very sophisticated, at the time they discovered more than 500,000 compromised devices across…
- Turla APT group leverages for the first time the Metasploit framework for the Mosquito campaignSecurity experts from ESET observed the Turla APT group leveraging for the first time the Metasploit framework in the Mosquito campaign The Russia-linked Turla APT group continues its cyber espionage campaigns shifting towards more generic tools to remain under the radar. Turla is the name of a Russian cyber espionage APT group (also known as…
- Experts warn: it is too easy to steal WiFi access key from TalkTalk ‘s Super RoutersHome Wi-Fi networks in the UK using Super Router provided by TalkTalk ISP are affected by a vulnerability that exposes them to cyber attacks. Security researchers at software house IndigoFuzz have discovered a security flaw in the implementation of the WPS feature of the TalkTalk Super Router that can be exploited to compromise to steal…
- Chinese researchers from Tencent discovered exploitable flaws in several BMW modelsA team of security researchers from Chinese firm Tencent has discovered 14 security vulnerabilities in several BMW models. Researchers from the Tencent Keen Security Lab have discovered 14 vulnerabilities affecting several BMW models, including BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series. The team of experts conducted a…
- All
- Threats
- Hacks
- Hacker's Den
- ID Theft
- Cyber Attacks
- Cyber News
- Cyber Attack and Hacks
- Cyber Defense
Threats
Hacks
Hacker's Den
ID Theft
Cyber Attacks
Cyber News
Cyber Attack and Hacks
Cyber Defense