A new cybercriminal operation identified as Prometheus is helping multiple hacking groups distribute malware across various compromised websites. Researchers point out that Prometheus operates a service variant known as a traffic distribution system (TDS). This system operates similarly to a conventional online service, as hackers must create accounts on Prometheus and pay a fee to […]
The security researchers of Cybereason Nocturnus have recently detected three malicious cyber-espionage campaigns that are targeting the major telecommunication companies all over SouthEast Asia. According to the report, the analysts reported that they have found that in recent years the hackers have nearly targeted five major telecommunications providers in Southeast Asia. And this attack has […]
A group of researchers discovered three different groups of threat actors linked to the Chinese government using previously seen Microsoft Exchange exploits to deploy powerful cyberattacks. These groups were identified as Emissary Panda (also known as APT27), Soft Cell and Naikon. As if that were not enough, Kaspersky researchers confirmed the detection of a fourth […]
A story of how easily hackers could hit a hole-in-one with the computer network of a premier golf club in the UK.
Security experts at SentinelOne have come across a previously unidentified data-scrubbing malware tool that was a portion of an uncontrollable malware attack against Iran’s railway infrastructure earlier this month. With regard to obscure news of a malware bout that ceased the operations of the Iranian railway infrastructure on 9th July, SentinelOne threat tracking specialists reassembled […]
Pentesting has become one of the main practices of the cybersecurity community and even represents an important source of income for independent researchers and security firms. The most advanced security audits are typically performed on Kali Linux computers with specific hardware requirements, although some scanning processes can be performed using a conventional smartphone or tablet. […]
The operators of the REvil ransomware, one of the most dangerous hacking groups in the world, have deployed a massive new operation. This time, the victim is software development firm Kaseya, which suffered a severe infection and must now pay a ransom of up to $70 million. This weekend, the cybersecurity community issued an alert […]
An ongoing brute-force attack campaign targeting enterprise cloud environments has been spearheaded by the Russian military intelligence since mid-2019, according to a joint advisory published by intelligence agencies in the U.K. and U.S. The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the U.K.’s National Cyber Security […]
Cybersecurity researchers are warning of ongoing attacks coordinated by a suspected Chinese-speaking threat actor targeting the Afghanistan government as part of an espionage campaign that may have had its provenance as far back as 2014. Israeli cybersecurity firm Check Point Research attributed the intrusions to a hacking group tracked under the moniker “IndigoZebra,” with past […]
A new cybercriminal campaign is hitting the streets of Sao Paulo, Brazil, with a group dedicated to stealing iPhone devices in order to access victims’ bank accounts and steal as much money as possible. A report published in the local newspaper Folha de Sao Paulo states that this trend began during coronavirus confinement, although it […]
A recent hacking campaign targeting digital artists and creators of non-funible tokens (NFT) led to the theft of sensitive information and an attempted banking fraud. These attacks, detected early last week, sowed panic among the cryptocurrency and blockchain technology community. Early reports indicate that the threat actors behind the incident employed multiple fake social media […]
A newly discovered hacking group is deploying an ambitious malicious campaign against politicians in Africa and the Middle East. The operation, identified as “BackdoorDiplomacy”, has also been detected in Europe and Asia. ESET experts believe this campaign has been active since at least 2017, targeting Windows and Linux systems in order to exploit vulnerabilities in […]
The Federal Bureau of Investigation (FBI), in collaboration with the Australian Federal Police announced the end of Operation Ironside or Trojan Shield, based on the administration of an encrypted chat platform and the interception of thousands of messages, leading to the deployment of thousands of raids and arrests against all kinds of criminal groups, including […]
A North Korean threat actor active since 2012 has been behind a new espionage campaign targeting high-profile government officials associated with its southern counterpart to install an Android and Windows backdoor for collecting sensitive information. Cybersecurity firm Malwarebytes attributed the activity to a threat actor tracked as Kimsuky, with the targeted entities comprising of the […]
Pentesting is one of the most important processes in cybersecurity, as it allows a correct analysis of internal vulnerabilities to determine the best way to address the flaws encountered during the process. This is an essential task for specialists, so it is necessary to reflect on what are the best tools available. This time, internal […]
Attacks on ATMs on the street have evolved in great steps, leaving behind the methods of physical engagement of these machines to reach attacks using technology and advanced hacking capabilities. More recent analyses suggest that the most sophisticated method is currently known as “Black Box”, based on the use of a microcomputer with a single […]
Cybersecurity specialists report detecting a new wave of attacks potentially linked to the Avaddon ransomware variant. This is a strain detected in early 2019 and is advertised as an as a service (RaaS) ransomware platform. Recently a joint investigation by security firms in the United States and Australia detailed this new wave of attacks, detected […]
The cybersecurity researchers of FireEye’s cybersecurity team at Mandiant have recently proclaimed that the phishing campaign, which mopped across financial, communications, medical, and other organizations around the world in December in two waves was based on completely new strains of malware. In this campaign, the attackers targeted and attacked 50 well-known organizations from an extensive […]
The adoption of Voice over Internet Protocol (VoIP) technology is becoming broader, allowing organizations to communicate over huge distances and very easily. However, most organizations ignore the potential security flaws associated with using this technology. This time, pentesting specialists from the International Institute of Cyber Security (IICS) will show you various methods to search for […]
Moxie Marlinspike, CEO of Signal states that since Cellebrite itself makes a living from undisclosed vulnerabilities, he decided to disclose the vulnerability to the public rather than informing the company. In December 2020, Cellebrite claimed that it could easily crack Signal’s encryption. However, it seems like tables have turned for the Israel-based software maker since […]
More than 20 million BigBasket users’ data were recently leaked on a well-known hacking forum known as “ShinyHunter” It’s a popular online grocery delivery service in India, that allows users to order groceries online and convey them to their homes. A hackers forum user, ShinyHunter has recently posted the leaked database of BigBasket users for […]