Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads

The threat actors behind RedLine and Vidar information stealers have been observed pivoting to ransomware through phishing campaigns that spread initial payloads signed with Extended Validation (EV) code signing certificates. “This suggests that the threat actors are streamlining operations by making their techniques multipurpose,” Trend Micro researchers said in a new analysis published this week. […]

GitHub Breach – Hackers Stole Code Signing Certificates From Repositories

GitHub announced that it suffered a security breach in which unauthorized individuals obtained access to specific development and release planning repositories and stole encrypted code-signing certificates for the Desktop and Atom applications. Hence, in order to avoid any potential misunderstandings, the company has made the decision to revoke the certificates exposed to public scrutiny. There […]

GitHub hacked again, GitHub Desktop and Atom repositories certificates stolen

GitHub discovered illegal access to a collection of repositories on December 7, 2022. These repositories were used in the design and development of Atom and GitHub Desktop. A Personal Access Token (PAT) that was connected with a machine account was breached, which led to the cloning of the repositories belonging to our atom and desktop […]

Bad news! The platform certificates of many phone manufacturers have been hacked. These are used to sign trusted apps on Android phones. Now these certificates are being used to certify malicious Android applications

Platform certificates, also known as platform keys, are used by OEM Android device makers to certify the core ROM images of their devices. These images include the Android operating system and any related applications. The application signing certificate that was used to sign the “android” program that was stored on the system image is known […]

Critical vulnerability in Java allows forgery of certificates, signatures and WebAuthn messages and evasion of authentication mechanisms: Update immediately

Some versions of Java are affected by a critical vulnerability in the Elliptic Curve Digital Signature Algorithm (ECDSA) signature validation that would allow threat actors to digitally sign files and other data in the same way that a legitimate entity would. A hacker could pass off malicious downloads as if they were benign content without […]

New BLISTER Malware Using Code Signing Certificates to Evade Detection

Cybersecurity researchers have disclosed details of an evasive malware campaign that makes use of valid code signing certificates to sneak past security defenses and stay under the radar with the goal of deploying Cobalt Strike and BitRAT payloads on compromised systems. The binary, a loader, has been dubbed “Blister” by researchers from Elastic Security, with […]

Administrators of 35 Telegram channels arrested for selling fake COVID-19 vaccination certificates

Italian authorities, in collaboration with cybersecurity specialists, reported the dismantling of a cybercriminal group dedicated to a scam related to the preparation and sale of fake COVID-19 vaccination certificates through various Telegram channels. Through a statement, the Milan Cybercrime Prosecutor’s Office revealed that its collaboration with the security firm Group-IB made it possible to identify […]

Booming business in India: Fake death and birth certificates. Hackers get into government websites to generate 800 fake birth and death certificates

Authorities in the Indian state of Haryana have announced the arrest of two individuals accused of falsifying hundreds of birth and death certificates by hacking into various government websites. The local police’s Cybercrime Unit managed to identify the defendants, leading to their arrest. At the time of their arrest, two laptops were seized from the defendants, […]

Hitler, Mickey Mouse and SpongeBob got COVID-19 vaccination? Valid vaccination certificates generated by hacking the European vaccination passport system

Law enforcement agencies in the European Union are investigating the theft of a private key used by health authorities to issue and sign digital COVID-19 vaccination certificates, which has been distributed in private messaging apps and hacking forums. It should be remembered that this vaccination certificate allows the inhabitants of the European community to demonstrate […]

5 WordPress Security Solutions with Free SSL Certificates

Security vulnerabilities are inevitable but one can avoid them by securing applications. In this article, we are listing 5 popular WordPress security solution providers who also offer free SSL certificates. Security plays a vital role in software application development. Today, we have many open source/proprietary software available on the internet to develop an application. Open-source […]

Researchers discover technique that allows bypassing Let’s Encrypt domain validation and allows fake SSL certificates

Researcher Haya Shulman of the Fraunhofer Institute for Secure Information Technology in Germany reported the discovery of a critical vulnerability in Let’s Encrypt that would allow threat actors to evade security measures on this service and obtain digital certificates with ease. The flaw lies in the mechanism used by Let’s Encrypt for web domain ownership […]

Over 100,000 fake domains with fraudulent TLS certificates target big retailers

Venafi, a company that allows organizations to protect cryptographic keys and virtual certificates, has discovered over 100,000 typosquatted domains with legitimate TLS certificates that appear to be aimed at large traders. Venafi has been analyzing lookalike domains with 20 major retailers in the United States, Australia, Germany and France during the summer shopping season. The […]

Will other countries follow Kazakhstan in forcing users to install certificates for HTTPS interception?

Experts from multiple digital forensics firms report that the Kazakhstan government has begun intercepting all HTTPS traffic detected within its territory. Internet service providers operating in the country have already been warned by the government; from now on, they will have to force their respective customers to install certificates released by the Kazakh authorities […]

Federal Websites Shut Down Due to Expired Security Certificates

The public in the United States will no longer be able to access several Federal websites due to their expired HTTPS certificates. The Government has shut down the websites with lapsed security certificates, citing a situation that could put visitors at risk. The certificates, which allow your connection to be encrypted, are to ensure that […]

Misconfigured Tor sites using SSL certificates exposing public IP addresses

Tor is a browser known to keep the IP addresses of its users private and confidential due to which users can surf the web anonymously. However, according to RiskIQ’s threat researcher Yonathan Klijnsma, it is possible to identify the IP addresses of Tor users. Klijnsma states that misconfigured Dark Web servers are mainly responsible for […]

Stolen D-Link certificates used to sign password stealing malware

It wasn’t the IP camera software that we thought. Recently, hackers stole code signature certificates from D-Link and another Taiwan-based manufacturer of routers and cameras, employing these codes to spread malware that steals passwords and backdoors from PCs, as reported by specialists in secure data destruction. Certificates were used to cryptographically verify that D-Link and Changing […]

GetAltName – Get Subject Alt Name From SSL Certificates

GetAltName is a little script that can extract Subject Alt Names from SSL certificates directly from HTTPS websites, which can provide you with DNS names or virtual servers. It’s useful in the discovery phase of a pen-testing assessment; this tool can provide you with more information about your target and scope. This code is […]