A corporate cyber-espionage hacker group has resurfaced after a seven-month hiatus with new intrusions targeting four companies this year, including one of the largest wholesale stores in Russia, while simultaneously making tactical improvements to its toolset in an attempt to thwart analysis. “In every attack, the threat actor demonstrates extensive red teaming skills and the […]
On a popular hacking forum, and marketplace recently data for almost 7 million Robinhood customers was stolen and sold. In this event, the threat actors have abused the network of Robinhood by hacking one of its employees. The hacker got access to the information of approximately 7 million Robinhood users through the customer support systems […]
According to a report by Trend Micro, the hacking group identified as TeamTNT has been attacking Docker servers with exposed REST APIs as part of an ambitious exploitation campaign, resorting to the execution of malicious scripts for the injection of a tool for mining the Monero cryptocurrency. Apparently, this attack starts with creating a Docker […]
Ukraine’s premier law enforcement and counterintelligence agency on Thursday disclosed the real identities of five individuals allegedly involved in digital intrusions attributed to a cyber-espionage group named Gamaredon, linking the members to Russia’s Federal Security Service (FSB). Calling the hacker group “an FSB special project, which specifically targeted Ukraine,” the Security Service of Ukraine (SSU) […]
On top of illegally streaming sports games for profit, the man is also believed to have attempted to extort MLB for $150,000
Law enforcement agencies in the European Union are investigating the theft of a private key used by health authorities to issue and sign digital COVID-19 vaccination certificates, which has been distributed in private messaging apps and hacking forums. It should be remembered that this vaccination certificate allows the inhabitants of the European community to demonstrate […]
Cybersecurity specialists report the detection of a new attack method on non-fungible token (NFT) sale platforms and cryptocurrency wallets such as OpenSea and MetaMask through a malicious file. These are two of the largest platforms of their kind, so the scope of a potential attack is considerable. The attack would allow threat actors to take […]
Cybersecurity specialists report the detection of a new Iranian hacking group that has been employing a never seen before variant of remote access Trojan (RAT). The cybercriminal group was identified as MalKamak and the campaign is known as Operation GhostShell. The campaign, identified by security firm Cybereason, was first detected in June 2021, with attackers […]
According to security researcher Bobby Raunch, the attack exploits the way Lost Mode of AirTags is set up. Although Apple’s Bluetooth-enabled item trackers called AirTags are pretty helpful as you can attach important objects like wallets or keys to prevent them from going missing, they are still vulnerable to hacking and not entirely trustworthy. According […]
Cybersecurity specialists notified WordPress of the detection of two vulnerabilities in the popular Ninja Forms plugin. According to the report, successful exploitation of the flaws could allow malicious hackers to extract sensitive information and send phishing emails from compromised websites. The report, presented by Wordfence, mentions that the flaw in this plugin with more than […]
Cybersecurity specialists report the detection of a dangerous “zero-click” vulnerability in a popular security camera model whose exploitation would allow threat actors to gain full access to an affected device and even to the home networks of millions of homes. Tracked as CVE-2021-36260, the vulnerability was described as a remote code execution bug residing in […]
A representative of the U.S. farmers’ cooperative NEW Cooperative has confirmed that the organization became victim of a BlackMatter ransomware infection. Reportedly, threat actors are reportedly demanding a $5.9 million USD ransom in exchange for handing over the decryption keys and not revealing the compromised information. In addition, hackers have threatened to increase the ransom […]
In groundbreaking research, it has been revealed that governments and regimes around the world used NSO Group’s Pegasus spyware, a company based in Herzliya, Israel. Around 17 media outlets participated in a sweeping investigation on the nefarious activities of Israeli spyware maker NSO Group’s Pegasus spyware. Washington Post reports that investigation revealed the software was […]
The call center ran a fake Amazon technical support call center in South Delhi – Now, 26 of its “employees” have been arrested. The Delhi Police have shut down a fake call center alleged to have been operational for the past seven months and scamming US citizens. Allegedly, the call center employees duped US citizens […]
The German government, through its Foreign Ministry, has filed a complaint against Russian authorities over an alleged attempt to steal confidential information belonging to its lawmakers as part of a potential disinformation campaign leading up to the upcoming election. Andrea Sasse, a foreign ministry spokeswoman, said a hacking group identified as Ghostwriter deployed a “sophisticated […]
Researchers uncovered a new ongoing attack by Conti Ransomware Gang that utilized the ProxyShell to target the organization networks. ProxySell is an exploit written to abuse the Microsoft Exchange vulnerabilities reported over the past months, also it was patched by Microsoft and released an update in May 2021 under patch Tuesday. Conti is one of the ruthless […]
Earlier this week the SEC (Securities and Exchange Commission) in the USA penalized various companies due to cyber security breakdowns. Hackers took advantage of the mishap to gain unauthorized access to email accounts and lots of customer’s data was exposed. A statement from the SEC read as follows: “According to SEC, it has penalized eight […]
Cybersecurity specialists report the detection of a web attack structure implemented by an alleged group of Chinese state-sponsored hackers and designed to exploit security flaws in dozens of popular websites in order to gather information about dissidents and opponents of china’s government. Apparently, hackers are attacking at least 57 Chinese websites and the official platforms […]
Details have emerged about a new unpatched security vulnerability in Fortinet’s web application firewall (WAF) appliances that could be abused by a remote, authenticated attacker to execute malicious commands on the system. “An OS command injection vulnerability in FortiWeb’s management interface (version 6.3.11 and prior) can allow a remote, authenticated attacker to execute arbitrary commands […]
Cybersecurity specialists report the detection of a cross-site scripting (XSS) vulnerability in SEOPress, a popular WordPress plugin for search engine optimization (SEO), allowing webmasters to manage SEO metadata, social media cards, Google Ads settings and other useful features. Currently this plugin has more than 100 thousand active installations, so this report should be taken seriously. […]
How poking at the innards of satellites can make the future of cybersecurity in space more palatable