Recent Cyber News Feed Spot
Welcome to our Recent Cyber News Feed:
- All
- Threats
- Hacks
- Hacker's Den
- ID Theft
- Cyber Attacks
- Cyber News
- Cyber Attack and Hacks
- Cyber Defense
Threats
Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails Microsoft Corp. today released software updates to plug four critical security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The company says all four flaws are being actively exploited as part of a complex attack chain deployed by a previously unidentified Chinese cyber espionage group.
Payroll/HR Giant PrismHR Hit by Ransomware? PrismHR, a company that sells software and services used by other firms to help more than 80,000 small businesses manage payroll, benefits, and human resources, has suffered what appears to be an ongoing ransomware attack.
Is Your Browser Extension a Botnet Backdoor? A company that rents out access to more than 10 million Web browsers so that clients can hide their true Internet addresses has built its network by paying browser extension makers to quietly include its code in their creations. This story examines the lopsided economics of extension development, and why installing an extension can be…
How $100M in Jobless Claims Went to Inmates The U.S. Labor Department's inspector general said this week that roughly $100 million in fraudulent unemployment insurance claims were paid in 2020 to criminals who are already in jail. That's a tiny share of the estimated tens of billions of dollars in jobless benefits states have given to identity thieves in the past year. To…
Checkout Skimmers Powered by Chip Cards Easily the most sophisticated skimming devices made for hacking terminals at retail self-checkout lanes are a new breed of PIN pad overlay combined with a flexible, paper-thin device that fits inside the terminal's chip reader slot. What enables these skimmers to be so slim? They draw their power from the low-voltage current that gets triggered…
Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang The leader of Mexico's Green Party has been removed from office following allegations that he received money from a Romanian ATM skimmer gang that stole hundreds of millions of dollars from tourists visiting Mexico's top tourist destinations over the past five years. The scandal is the latest fallout stemming from a three-part investigation into the…
U.S. Indicts North Korean Hackers in Theft of $200 Million The U.S. Justice Department today unsealed indictments against three men accused of working with the North Korean regime to carry out some of the most damaging cybercrime attacks over the past decade, including the 2014 hack of Sony Pictures, the global WannaCry ransomware contagion of 2017, and the theft of roughly $200 million and attempted…
Hacks
Four zero-days in Microsoft Exchange actively exploited in the wild Microsoft released emergency out-of-band security updates for all supported Microsoft Exchange versions that fix four zero-day flaws. Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild. The IT giant reported that at least one…
Google fixes Critical Remote Code Execution issue in Android System component Google addressed 37 vulnerabilities with the release of the Android security updates for March 2021, including a critical flaw in the System component. Google released security updates to address 37 vulnerabilities as part of the Android security updates for March 2021, the most severe one is a critical flaw in the System component tracked as…
Pwn20wnd released the unc0ver v 6.0 jailbreaking tool The popular jailbreaking tool called “unc0ver” now supports iOS 14.3 and earlier releases, and is able to unlock almost every iPhone device. Pwn20wnd, the author of the jailbreaking tool “unc0ver,” has updated their software to support iOS 14.3 and earlier releases. The last release of the jailbreaking tool, unc0ver v6.0.0, now includes the exploit code…
French multinational dairy Lactalis hit by a cyber attack French multinational dairy products corporation Lactalis disclosed a cyberattack, but claimed that it had no evidence of a data breach. France-based dairy giant Lactalis announced that it was hit by a cyber attack, but claimed that it had found no evidence of a data breach. Lactalis employs more than 80,000 people worldwide, at more than 230 production…
Alleged China-linked APT41 group targets Indian critical infrastructures Recorded Future researchers uncovered a campaign conducted by Chinese APT41 group targeting critical infrastructure in India. Security researchers at Recorded Future have spotted a suspected Chinese APT actor targeting critical infrastructure operators in India. The list of targets includes power plants, electricity distribution centers, and seaports in the country. The attacks surged while relations between…
Distributor of Asian food JFC International hit by Ransomware JFC International, a major wholesaler and distributor of Asian food products in the United States, was hit by ransomware. JFC International, a major distributor and wholesaler of Asian food products, announced it has recently suffered a ransomware attack. The ransomware attack only impacted JFC International’s Europe Group, the malware caused the disruption of some of its IT…
Gootkit delivery platform Gootloader used to deliver additional payloads The Javascript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware. Experts from Sophos documented the evolution of the “Gootloader,” the framework used for delivering the Gootkit RAT banking Trojan. The framework was improved to deploy a wider range of malware, including ransomware payloads. “In recent years, almost…
Intern caused ‘solarwinds123’ password leak, former SolarWinds CEO says Top executives of the software firm SolarWinds blamed an intern for having used a weak password for several years, exposing the company to hack. Top executives of the SolarWinds firm believe that the root cause of the recently disclosed supply chain attack is an intern that has used a weak password for several years. Initial…
ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S. users for illegal data collection. ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S. users. The settlement has yet to be approved by a federal judge. The Chinese firm was accused to have failed…
NSA embraces the Zero Trust Security Model The National Security Agency (NSA) published a document to explain the advantages of implementing a zero-trust model. The National Security Agency (NSA) recently published a document to explain the benefits of adopting a zero-trust model, and advice to navigate the process. Modern infrastructures are complex environments that combine multiple technologies and that are exposed to…
EU leaders aim at boosting defense and security, including cybersecurity During a video conference of the members of the European Council, EU leaders agreed on a new strategy aimed at boosting defense and security. During the recent video conference of the members of the European Council (25-26 February 2021), NATO chief Jens Stoltenberg highlighted the importance to define a strategy to boost defense and security. “We…
New Zealand-based cryptocurrency exchange Cryptopia hacked again The New Zealand-based cryptocurrency exchange Cryptopia suffered a new cyber heist while it is in liquidation due to a 2019 security breach. In 2019, the New Zealand-based cryptocurrency exchange Cryptopia discloses a cyber attack that took place on January 14th. At the time of the first attack, the threat actors stole approximately USD 30 million…
Security Affairs newsletter Round 303 A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing…
Experts found a critical authentication bypass flaw in Rockwell Automation software A critical authentication bypass vulnerability could be exploited by remote attackers to compromise Rockwell Automation programmable logic controllers (PLCs). A critical authentication bypass vulnerability, tracked as CVE-2021-22681, can be exploited by remote attackers to compromise programmable logic controllers (PLCs) manufactured by Rockwell Automation. The vulnerability was independently reported to Rockwell by researchers at the Soonchunhyang University…
Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha ‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. A cybercrime group called ‘Hotarus Corp’ has breached Ecuador’s largest private bank, Banco Pichincha, and the local Ministry of Finance (the Ministerio de Economía y Finanzas de Ecuador). The group claims to have also stolen data from…
Hacker's Den
Policy Group Calls for Public-Private Cyber-Defense Program The proposed National Cyber Response Network would link federal agencies, companies, and local governments, allowing collaboration during a cyberattack.
'ObliqueRAT' Now Hides Behind Images on Compromised Websites 'Transparent Tribe' has switched its tactics for distributing the remote access Trojan, researchers found.
Microsoft Fixes Exchange Server Zero-Days Exploited in Active Attacks Microsoft fixes multiple Exchange Server vulnerabilities being weaponized in attacks from a group it believes operates out of China.
Hackers Use SEO Techniques to Push Gootloader Malware Via Google The Javascript-based infection framework for the Gootkit RAT increasingly delivers a wider variety of malware, including ransomware payloads. The delivery system for the Gootkit information stealer has advanced into a complex and stealthy framework, known as Gootloader, and currently pushing a wider variety of malware via hacked WordPress sites and malicious SEO techniques for Google…
SolarWinds CEO Blames Intern for ‘solarwinds123’ Password Leak that Led to Biggest Cyber Attack in 2020 “solarwinds123”, the password that is believed to be the root cause of the biggest cyber hack of 2020. Top executives of Texas-based software company SolarWinds have laid the blame at the feet of an intern for a critical password lapse that was noticed by anyone for several years. This is the latest piece of information…
New Jailbreak Tool Works on Most iPhones The Unc0ver team has released a tool that works on iOS 11 and later, and exploits a vulnerability that was recently under attack.
MSP Provider Builds Red Team as Attackers Target Industry NinjaRMM, which provides tools for managed service providers, aims to create a red team capability following years of attacks against MSPs.
Building a Next-Generation SOC Starts With Holistic Operations The proper template for a modernized SOC team is one that operates seamlessly across domains with a singular, end-to-end view.
Masslogger – A Campaign that Exfiltrates Passwords from Microsoft Outlook, Google Chrome, and Instant Messengers Cisco Talos discovered a campaign utilizing a variant of the Masslogger trojan designed to retrieve and exfiltrate user credentials from multiple sources such as Microsoft Outlook, Google Chrome and instant messengers. The recurrence of a credential-stealing campaign affects Windows systems and has been found to have targeted users in Turkey, Latvia, and Italy primarily but…
How to use ‘1Password’ to Protect your Business Against Cybercrime How 1Password Neutralizes Cybercrime The use of a password manager has become a crucial necessity these days. Hackers and cybercriminals are professionalizing their craft alongside cybersecurity professionals. Basically, password managers are an internet security 101. Most password managers, but not all, are not user-friendly and very annoying. 1Password, however, is the easiest to use and…
Lazarus hacker Group Attack Defence Industries with custom-made Malware ThreatNeedle Lazarus has now added the defence industry to its growing list of victims. Lazarus is a North Korean hacking group that has been active since 2009. The group has primarily been linked with ransomware campaigns, cyberespionage, and attacks against the cryptocurrency market. Researchers at Kaspersky were made aware of the attack on the defence industry…
Malicious Firefox Extension that Allows Attackers to Access and Control Users’ Gmail Accounts Proofpoint Threat Research has tracked low-volume phishing campaigns targeting Tibetan organizations globally. In January and February 2021, experts observed threat actors aligned with the Chinese Communist Party’s state interests delivered a customized malicious Mozilla Firefox browser extension that facilitated access and control of users’ Gmail accounts. Proofpoint has named this malicious browser extension “FriarFox” and…
Attackers Turn Struggling Software Projects Into Trojan Horses While access to compromised systems has become an increasingly common service, some cybercriminals are going straight to the source: buying code bases and then updating the application with malicious code.
Researchers Find a Way to Learn What Users Type in Video Calling You are on an official video call. You share a joke with your coworker about your boss on private chat. You’ll both laugh and giggle over the joke. The call gets over, and you carry on with life as normal. The next day your boss calls you, and guess what, he wants to discuss the…
Microsoft Releases Free Tool for Hunting SolarWinds Malware Meanwhile, researchers at SecurityScorecard say the "fileless" malware loader in the attack - Teardrop - actually dates back to 2017.
ID TheftCyber AttacksCyber NewsCyber Attack and HacksCyber Defense
Four zero-days in Microsoft Exchange actively exploited in the wild Microsoft released emergency out-of-band security updates for all supported Microsoft Exchange versions that fix four zero-day flaws. Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild. The IT giant reported that at least one…
Google fixes Critical Remote Code Execution issue in Android System component Google addressed 37 vulnerabilities with the release of the Android security updates for March 2021, including a critical flaw in the System component. Google released security updates to address 37 vulnerabilities as part of the Android security updates for March 2021, the most severe one is a critical flaw in the System component tracked as…
Pwn20wnd released the unc0ver v 6.0 jailbreaking tool The popular jailbreaking tool called “unc0ver” now supports iOS 14.3 and earlier releases, and is able to unlock almost every iPhone device. Pwn20wnd, the author of the jailbreaking tool “unc0ver,” has updated their software to support iOS 14.3 and earlier releases. The last release of the jailbreaking tool, unc0ver v6.0.0, now includes the exploit code…
French multinational dairy Lactalis hit by a cyber attack French multinational dairy products corporation Lactalis discloses cyberattack, but claimed that had no evidence of a data breach. France-based dairy giant Lactalis announced that it was hit by a cyber attack, but claimed that it had found no evidence of a data breach. Lactalis employs more than 80,000 people worldwide, at more than 230 production…
Alleged China-linked APT41 group targets Indian critical infrastructures Recorded Future researchers uncovered a campaign conducted by Chinese APT41 group targeting critical infrastructure in India. Security researchers at Recorded Future have spotted a suspected Chinese APT actor targeting critical infrastructure operators in India. The list of targets includes power plants, electricity distribution centers, and seaports in the country. The attacks surged while relations between…
Distributor of Asian food JFC International hit by Ransomware JFC International, a major wholesaler and distributor of Asian food products in the United States, was hit by ransomware. JFC International, a major distributor and wholesaler of Asian food products, announced it has recently suffered a ransomware attack. The ransomware attack only impacted JFC International’s Europe Group, the malware caused the disruption of some of its IT…
Gootkit delivery platform Gootloader used to deliver additional payloads The Javascript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware. Experts from Sophos documented the evolution of the “Gootloader,” the framework used for delivering the Gootkit RAT banking Trojan. The framework was improved to deploy a wider range of malware, including ransomware payloads. “In recent years, almost…
Intern caused ‘solarwinds123’ password leak, former SolarWinds CEO says Top executives of the software firm SolarWinds blamed an intern for having used a weak password for several years, exposing the company to hack. Top executives of the SolarWinds firm believe that the root cause of the recently disclosed supply chain attack is an intern that has used a weak password for several years. Initial…
ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S. users for illegal data collection. ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S. users. The settlement has yet to be approved by a federal judge. The Chinese firm was accused to have failed…
NSA embraces the Zero Trust Security Model The National Security Agency (NSA) published a document to explain the advantages of implementing a zero-trust model. The National Security Agency (NSA) recently published a document to explain the benefits of adopting a zero-trust model, and advice to navigate the process. Modern infrastructure are complex environments that combine multiple technologies and that are exposed to…
EU leaders aim at boosting defense and security, including cybersecurity During a video conference of the members of the European Council, EU leaders agreed on a new strategy aimed at boosting defense and security. During the recent video conference of the members of the European Council (25-26 February 2021), NATO chief Jens Stoltenberg highlighted the importance to define a strategy to boost defense and security. “We…
New Zealand-based cryptocurrency exchange Cryptopia hacked again The New Zealand-based cryptocurrency exchange Cryptopia suffered a new cyber heist while it is in liquidation due to a 2019 security breach. In 2019, the New Zealand-based cryptocurrency exchange Cryptopia discloses a cyber attack that took place on January 14th. At the time of the first attack, the threat actors stole approximately USD 30 million…
Security Affairs newsletter Round 303 A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing…
Experts found a critical authentication bypass flaw in Rockwell Automation softwareA critical authentication bypass vulnerability could be exploited by remote attackers to Rockwell Automation programmable logic controllers (PLCs). A critical authentication bypass vulnerability, tracked as CVE-2021-22681, can be exploited by remote attackers to compromise programmable logic controllers (PLCs) manufactured by Rockwell Automation. The vulnerability was independently reported to Rockwell by researchers at the Soonchunhyang University…
Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. A cybercrime group called ‘Hotarus Corp’ has breached the Ecuador’s largest private bank, Banco Pichincha, and the local Ministry of Finance (the Ministerio de Economía y Finanzas de Ecuador). The group claims to have also stolen data from…
- All
- Threats
- Hacks
- Hacker's Den
- ID Theft
- Cyber Attacks
- Cyber News
- Cyber Attack and Hacks
- Cyber Defense
Threats
Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails Microsoft Corp. today released software updates to plug four critical security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The company says all four flaws are being actively exploited as part of a complex attack chain deployed by a previously unidentified Chinese cyber espionage group.
Payroll/HR Giant PrismHR Hit by Ransomware? PrismHR, a company that sells software and services used by other firms to help more than 80,000 small businesses manage payroll, benefits, and human resources, has suffered what appears to be an ongoing ransomware attack.
Is Your Browser Extension a Botnet Backdoor? A company that rents out access to more than 10 million Web browsers so that clients can hide their true Internet addresses has built its network by paying browser extension makers to quietly include its code in their creations. This story examines the lopsided economics of extension development, and why installing an extension can be…
How $100M in Jobless Claims Went to InmatesThe U.S. Labor Department's inspector general said this week that roughly $100 million in fraudulent unemployment insurance claims were paid in 2020 to criminals who are already in jail. That's a tiny share of the estimated tens of billions of dollars in jobless benefits states have given to identity thieves in the past year. To…
Checkout Skimmers Powered by Chip CardsEasily the most sophisticated skimming devices made for hacking terminals at retail self-checkout lanes are a new breed of PIN pad overlay combined with a flexible, paper-thin device that fits inside the terminal's chip reader slot. What enables these skimmers to be so slim? They draw their power from the low-voltage current that gets triggered…
Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer GangThe leader of Mexico's Green Party has been removed from office following allegations that he received money from a Romanian ATM skimmer gang that stole hundreds of millions of dollars from tourists visiting Mexico's top tourist destinations over the past five years. The scandal is the latest fallout stemming from a three-part investigation into the…
U.S. Indicts North Korean Hackers in Theft of $200 MillionThe U.S. Justice Department today unsealed indictments against three men accused of working with the North Korean regime to carry out some of the most damaging cybercrime attacks over the past decade, including the 2014 hack of Sony Pictures, the global WannaCry ransomware contagion of 2017, and the theft of roughly $200 million and attempted…
Hacks
Four zero-days in Microsoft Exchange actively exploited in the wild Microsoft released emergency out-of-band security updates for all supported Microsoft Exchange versions that fix four zero-day flaws. Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild. The IT giant reported that at least one…
Google fixes Critical Remote Code Execution issue in Android System component Google addressed 37 vulnerabilities with the release of the Android security updates for March 2021, including a critical flaw in the System component. Google released security updates to address 37 vulnerabilities as part of the Android security updates for March 2021, the most severe one is a critical flaw in the System component tracked as…
Pwn20wnd released the unc0ver v 6.0 jailbreaking tool The popular jailbreaking tool called “unc0ver” now supports iOS 14.3 and earlier releases, and is able to unlock almost every iPhone device. Pwn20wnd, the author of the jailbreaking tool “unc0ver,” has updated their software to support iOS 14.3 and earlier releases. The last release of the jailbreaking tool, unc0ver v6.0.0, now includes the exploit code…
French multinational dairy Lactalis hit by a cyber attack French multinational dairy products corporation Lactalis discloses cyberattack, but claimed that had no evidence of a data breach. France-based dairy giant Lactalis announced that it was hit by a cyber attack, but claimed that it had found no evidence of a data breach. Lactalis employs more than 80,000 people worldwide, at more than 230 production…
Alleged China-linked APT41 group targets Indian critical infrastructures Recorded Future researchers uncovered a campaign conducted by Chinese APT41 group targeting critical infrastructure in India. Security researchers at Recorded Future have spotted a suspected Chinese APT actor targeting critical infrastructure operators in India. The list of targets includes power plants, electricity distribution centers, and seaports in the country. The attacks surged while relations between…
Distributor of Asian food JFC International hit by Ransomware JFC International, a major wholesaler and distributor of Asian food products in the United States, was hit by ransomware. JFC International, a major distributor and wholesaler of Asian food products, announced it has recently suffered a ransomware attack. The ransomware attack only impacted JFC International’s Europe Group, the malware caused the disruption of some of its IT…
Gootkit delivery platform Gootloader used to deliver additional payloads The Javascript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware. Experts from Sophos documented the evolution of the “Gootloader,” the framework used for delivering the Gootkit RAT banking Trojan. The framework was improved to deploy a wider range of malware, including ransomware payloads. “In recent years, almost…
Intern caused ‘solarwinds123’ password leak, former SolarWinds CEO says Top executives of the software firm SolarWinds blamed an intern for having used a weak password for several years, exposing the company to hack. Top executives of the SolarWinds firm believe that the root cause of the recently disclosed supply chain attack is an intern that has used a weak password for several years. Initial…
ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S. users for illegal data collection. ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S. users. The settlement has yet to be approved by a federal judge. The Chinese firm was accused to have failed…
NSA embraces the Zero Trust Security Model The National Security Agency (NSA) published a document to explain the advantages of implementing a zero-trust model. The National Security Agency (NSA) recently published a document to explain the benefits of adopting a zero-trust model, and advice to navigate the process. Modern infrastructure are complex environments that combine multiple technologies and that are exposed to…
EU leaders aim at boosting defense and security, including cybersecurity During a video conference of the members of the European Council, EU leaders agreed on a new strategy aimed at boosting defense and security. During the recent video conference of the members of the European Council (25-26 February 2021), NATO chief Jens Stoltenberg highlighted the importance to define a strategy to boost defense and security. “We…
New Zealand-based cryptocurrency exchange Cryptopia hacked again The New Zealand-based cryptocurrency exchange Cryptopia suffered a new cyber heist while it is in liquidation due to a 2019 security breach. In 2019, the New Zealand-based cryptocurrency exchange Cryptopia discloses a cyber attack that took place on January 14th. At the time of the first attack, the threat actors stole approximately USD 30 million…
Security Affairs newsletter Round 303 A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing…
Experts found a critical authentication bypass flaw in Rockwell Automation softwareA critical authentication bypass vulnerability could be exploited by remote attackers to Rockwell Automation programmable logic controllers (PLCs). A critical authentication bypass vulnerability, tracked as CVE-2021-22681, can be exploited by remote attackers to compromise programmable logic controllers (PLCs) manufactured by Rockwell Automation. The vulnerability was independently reported to Rockwell by researchers at the Soonchunhyang University…
Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. A cybercrime group called ‘Hotarus Corp’ has breached the Ecuador’s largest private bank, Banco Pichincha, and the local Ministry of Finance (the Ministerio de Economía y Finanzas de Ecuador). The group claims to have also stolen data from…
Hacker's Den
Policy Group Calls for Public-Private Cyber-Defense Program The proposed National Cyber Response Network would link federal agencies, companies, and local governments, allowing collaboration during a cyberattack.
'ObliqueRAT' Now Hides Behind Images on Compromised Websites 'Transparent Tribe' has switched its tactics for distributing the remote access Trojan, researchers found.
Microsoft Fixes Exchange Server Zero-Days Exploited in Active Attacks Microsoft fixes multiple Exchange Server vulnerabilities being weaponized in attacks from a group it believes operates out of China.
Hackers Use SEO Techniques to Push Gootloader Malware Via Google The Javascript-based infection framework for the Gootkit RAT increasingly delivers a wider variety of malware, including ransomware payloads. The delivery system for the Gootkit information stealer has advanced into a complex and stealthy framework, known as Gootloader, and currently pushing a wider variety of malware via hacked WordPress sites and malicious SEO techniques for Google…
SolarWinds CEO Blames Intern for ‘solarwinds123’ Password Leak that Led to Biggest Cyber Attack in 2020 “solarwinds123”, the password that is believed to be the root cause of the biggest cyber hack of 2020. Top executives of Texas-based software company SolarWinds have laid the blame at the feet of an intern for a critical password lapse that was noticed by anyone for several years. This is the latest piece of information…
New Jailbreak Tool Works on Most iPhones The Unc0ver team has released a tool that works on iOS 11 and later, and exploits a vulnerability that was recently under attack.
MSP Provider Builds Red Team as Attackers Target Industry NinjaRMM, which provides tools for managed service providers, aims to create a red team capability following years of attacks against MSPs.
Building a Next-Generation SOC Starts With Holistic Operations The proper template for a modernized SOC team is one that operates seamlessly across domains with a singular, end-to-end view.
Masslogger – A Campaign that Exfiltrates Passwords from Microsoft Outlook, Google Chrome, and Instant Messengers Cisco Talos discovered a campaign utilizing a variant of the Masslogger trojan designed to retrieve and exfiltrate user credentials from multiple sources such as Microsoft Outlook, Google Chrome and instant messengers. The recurrence of a credential-stealing campaign affects Windows systems and has been found to have targeted users in Turkey, Latvia, and Italy primarily but…
How to use ‘1Password’ to Protect your Business Against Cybercrime How 1Password Neutralizes Cybercrime The use of a password manager has become a crucial necessity these days. Hackers and cybercriminals are professionalizing their craft alongside cybersecurity professionals. Basically, password managers are an internet security 101. Most password managers, but not all, are not user-friendly and very annoying. 1Password, however, is the easiest to use and…
Lazarus hacker Group Attack Defence Industries with custom-made Malware ThreatNeedle Lazarus has now added the defence industry to its growing list of victims. Lazarus is a North Korean hacking group that has been active since 2009. The group has primarily been linked with ransomware campaigns, cyberespionage, and attacks against the cryptocurrency market. Researchers at Kaspersky were made aware of the attack on the defence industry…
Malicious Firefox Extension that Allows Attackers to Access and Control Users’ Gmail Accounts Proofpoint Threat Research has tracked low-volume phishing campaigns targeting Tibetan organizations globally. In January and February 2021, experts observed threat actors aligned with the Chinese Communist Party’s state interests deliver a customized malicious Mozilla Firefox browser extension that facilitated access and control of users’ Gmail accounts. Proofpoint has named this malicious browser extension “FriarFox” and…
Attackers Turn Struggling Software Projects Into Trojan Horses While access to compromised systems has become an increasingly common service, some cybercriminals are going straight to the source: buying code bases and then updating the application with malicious code.
Researchers Find a Way to Learn What Users Type in Video Calling You are on an official video call. You share a joke with your coworker about your boss on private chat. You’ll both laugh and giggle over the joke. The call gets over, and you carry on with life as normal. The next day your boss calls you, and guess what, he wants to discuss the…
Microsoft Releases Free Tool for Hunting SolarWinds Malware Meanwhile, researchers at SecurityScorecard say the "fileless" malware loader in the attack - Teardrop - actually dates back to 2017.
ID Theft
Cyber Attacks
Cyber News
Cyber Attack and Hacks
Cyber Defense
Four zero-days in Microsoft Exchange actively exploited in the wild Microsoft released emergency out-of-band security updates for all supported Microsoft Exchange versions that fix four zero-day flaws. Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild. The IT giant reported that at least one…
Google fixes Critical Remote Code Execution issue in Android System component Google addressed 37 vulnerabilities with the release of the Android security updates for March 2021, including a critical flaw in the System component. Google released security updates to address 37 vulnerabilities as part of the Android security updates for March 2021; the most severe one is a critical flaw in the System component tracked as…
Pwn20wnd released the unc0ver v 6.0 jailbreaking tool The popular jailbreaking tool called “unc0ver” now supports iOS 14.3 and earlier releases, and is able to unlock almost every iPhone device. Pwn20wnd, the author of the jailbreaking tool “unc0ver,” has updated their software to support iOS 14.3 and earlier releases. The last release of the jailbreaking tool, unc0ver v6.0.0, now includes the exploit code…
French multinational dairy Lactalis hit by a cyber attack French multinational dairy products corporation Lactalis discloses cyberattack, but claimed that it had no evidence of a data breach. France-based dairy giant Lactalis announced that it was hit by a cyber attack, but claimed that it had found no evidence of a data breach. Lactalis employs more than 80,000 people worldwide, at more than 230 production…
Alleged China-linked APT41 group targets Indian critical infrastructures Recorded Future researchers uncovered a campaign conducted by the Chinese APT41 group targeting critical infrastructure in India. Security researchers at Recorded Future have spotted a suspected Chinese APT actor targeting critical infrastructure operators in India. The list of targets includes power plants, electricity distribution centers, and seaports in the country. The attacks surged while relations between…
Distributor of Asian food JFC International hit by Ransomware JFC International, a major wholesaler and distributor of Asian food products in the United States, was hit by ransomware. JFC International, a major distributor and wholesaler of Asian food products, announced it has recently suffered a ransomware attack. The ransomware attack only impacted JFC International’s Europe Group; the malware caused the disruption of some of its IT…
Gootkit delivery platform Gootloader used to deliver additional payloads The JavaScript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware. Experts from Sophos documented the evolution of the “Gootloader,” the framework used for delivering the Gootkit RAT banking Trojan. The framework was improved to deploy a wider range of malware, including ransomware payloads. “In recent years, almost…
Intern caused ‘solarwinds123’ password leak, former SolarWinds CEO says Top executives of the software firm SolarWinds blamed an intern for having used a weak password for several years, exposing the company to hack. Top executives of the SolarWinds firm believe that the root cause of the recently disclosed supply chain attack is an intern that has used a weak password for several years. Initial…
ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S. users for illegal data collection. ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S. users. The settlement has yet to be approved by a federal judge. The Chinese firm was accused of having failed…
NSA embraces the Zero Trust Security Model The National Security Agency (NSA) published a document to explain the advantages of implementing a zero-trust model. The National Security Agency (NSA) recently published a document to explain the benefits of adopting a zero-trust model, and advice to navigate the process. Modern infrastructures are complex environments that combine multiple technologies and that are exposed to…
EU leaders aim at boosting defense and security, including cybersecurity During a video conference of the members of the European Council, EU leaders agreed on a new strategy aimed at boosting defense and security. During the recent video conference of the members of the European Council (25-26 February 2021), NATO chief Jens Stoltenberg highlighted the importance of defining a strategy to boost defense and security. “We…
New Zealand-based cryptocurrency exchange Cryptopia hacked again The New Zealand-based cryptocurrency exchange Cryptopia suffered a new cyber heist while it is in liquidation due to a 2019 security breach. In 2019, the New Zealand-based cryptocurrency exchange Cryptopia disclosed a cyber attack that took place on January 14th. At the time of the first attack, the threat actors stole approximately USD 30 million…
Security Affairs newsletter Round 303 A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com Experts warn of threat actors abusing…
Experts found a critical authentication bypass flaw in Rockwell Automation software A critical authentication bypass vulnerability could be exploited by remote attackers to compromise Rockwell Automation programmable logic controllers (PLCs). A critical authentication bypass vulnerability, tracked as CVE-2021-22681, can be exploited by remote attackers to compromise programmable logic controllers (PLCs) manufactured by Rockwell Automation. The vulnerability was independently reported to Rockwell by researchers at the Soonchunhyang University…