Think, Talk, Hack

Browsing tag

Cyber-Attack

Toyota Hacked – Hackers Leaked 3.1 Million Customers Sensitive Information Online

Toyota hacked, yes, Toyota major subsidiaries network compromised by unknown hackers and they gained unauthorized access to the network where Toyota stored nearly 3.1 million customers sensitive information. Toyota Motor Corporation is a Japan-based, world’s second-largest automotive manufacturer who produces more than 10 million vehicles per year. This security incident affected Japan-based Toyota subsidiaries networks […]

root

1 Million Swiss Devices Victim Of Cyber Attack

Cyber attacks are not always dramatic in nature, to a point that the users receive notification that something bad is already happening in the system that needs the attention of system administrators. Cyber espionage is one, where the goal is to extract as much information for the system as possible without the possibility of getting […]

root

Hackers using hacked WordPress & Joomla sites to drop malware

Apparently, the malware attack is carried out by Russian speaking hackers. The IT security researchers at Zscaler have discovered a sophisticated malware campaign targeting websites based on WordPress and Joomla content management system (CMS). The campaign works in such a way that hackers take advantage of a hidden directory on HTTPS and exploit vulnerabilities in extensions, plugins, and themes […]

root

Microsoft seizes 99 websites used by Iranian hackers for phishing attacks

Microsoft has announced that it has seized some key websites that Iranian hackers used for stealing sensitive information from unsuspecting users in the US as well as launching cyber attacks. Reportedly, 99 websites have been seized by Microsoft of an Iranian hacker group that is known by many names including Phosphorus, Charming Kitten and APT […]

root

Warning: ASUS Software Update Server Hacked to Distribute Malware

Remember the CCleaner hack? CCleaner hack was one of the largest supply chain attacks that infected more than 2.3 million users with a backdoored version of the software in September 2017. Security researchers today revealed another massive supply chain attack that compromised over 1 million computers manufactured by Taiwan-based tech giant ASUS. A group of […]

root

Alert !! Hackers Launching New JNEC.a Ransomware via WinRAR Exploits – Do not Pay

A brand new JNEC.a ransomware spreading via recently discovered WinRAR vulnerability exploit to compromise windows computer & demand the ransom amount. This exploits leverage the recently discovered WinRAR ACE code injection vulnerability, since then attackers continuously exploiting the vulnerability to intrude the targeted system in various ways. WinRAR is the worlds most popular Compression tool […]

root

Box.com Flaw Enables Folder/File Access To Unauthorized Users

A critical flaw in Box.com cloud-storage solution was recently discovered that make files stored in the service accessible by external unauthorized users if users are not security-conscious. Box.com is a mainstream cloud-storage service with many corporate account holders storing their personal and business files in the encrypted storage service. The corporate account is at risk, […]

root

U.S. Cyber Attacks Against Russia’s Federal News Agency

The United States military has publicly disclosed that it launched a cyber attack against Russia’s Federal News Agency (FAN), the news website arm of the Russian Internet Research Agency (IRA). The U.S. instigate the cyber attacks against what it considered as an alleged Russian-hosted “troll farm” which the U.S. accused of mass producing fake news. […]

root

Malicious reCAPTCHA Pretending To Be From Google Creates Chaos

Since 1999, Google’s name has resonated to mean “don’t be evil”, with the main goal of collecting all the world’s information and presenting it to everyone in a very digestible way. The search giant has built this good name for two-decades now, as the company celebrates its 20th anniversary this 2019. Of course, with popularity […]

root

Android banking malware distributed with fake Google reCAPTCHA

Sucuri’s cybersecurity researchers have identified a highly sophisticated phishing campaign that is specifically targeting online banking users. The attack, for now, has been directed against a Polish bank in which attackers are exploiting Google reCAPTCHA systems as well as panic-eliciting tactics to lure victims into clicking on infected, malicious links that are already embedded in […]

root

Safe Computing Tips For Common Computer User

Currently, most computers are connected to the network, and various information is exchanged beyond national borders. Mobile devices such as smartphones and tablets have also been used in business, personal entertainment and productivity are way more than desktop PCs. In addition, the IoT (Internet-of-Things) technology that connects machinery and equipment used in production processes, social […]

root

Why Disable SSDP/UPnP In Today’s Home And Enterprises?

When Did UPnP and SSDP Became Mainstream? Universal Plug and Play (UPnP) was considered revolutionary when it was introduced to Windows Millennium Edition nineteen years ago, in 2000. It was hyped with the promise of automatic detection of ‘smart’ appliances in the home and in the office using a Windows PC. It is the pre-IoT […]

root

Dark Web hacker selling 92M new accounts on Dream market

The dark web hacker “Gnosticplayers” has quickly made a reputation for his high-profile data breaches and selling user data on the infamous Dream marketplace. A couple of days ago the hacker was selling 126 million accounts stolen from new data breaches and now, the same hacker is back with another list of compromised websites which is another […]

root

Dark Web hacker selling 126M accounts stolen from new data breaches

A dark web hacker going by the online handle of “Gnosticplayers” is selling a massive trove of user data stolen after compromising websites of several popular companies. The data which amounts to over 126 million accounts includes emails and passwords, etc. and is currently available on the dark web’s infamous Dream marketplace. Who’s involved? The […]

root

Email service provider loses 2 decades worth of data due to hack attack

Famed secure email service provider VFEmail has become a victim of a hack attack by an unknown cybercriminal. The company claims that it has suffered a “catastrophic destruction” of its US servers and almost two decades of data and backups in only a few hours. The entire digital infrastructure of the company got destroyed by […]

root

How To Respond Cyber Incident In your Organization

Vulnerability factor abuses how vulnerable an association or government foundation is to digital Incident. A PC arrange assault upsets the honesty or realness of information, typically through malicious code that adjusts program logic that controls information, prompting blunders in yield. Our developing reliance on innovation, network, and information imply that organizations show a greater assault […]

root

U.S. Senate Intelligence Committee’s Resolve In Anti-CyberCrime Efforts

The U.S. Senate Intelligence Committee held a hearing about U.S. cyber threats and risks last January 29 where intelligence agencies provided information about the evolving targets of cyber attacks, more particularly from Russia and China. This so-called cyber warfare is not new, but rather a continuing cyber attack between countries, espionage groups and companies worldwide, […]

root

Credential Stuffing Attack Hits Dailymotion

Dailymotion, the rival to Youtube’s video-sharing empire, has become a victim of a cyber attack called credential stuffing. It is an attack using the usernames and passwords from other data breaches against Dailymotion’s login system. This is highly effective since people usually reuse the same username and passwords across multiple web services. This same attack […]

root

APT39 Hacking Group Launch Widespread Attack Focused on Personal Information

Iranian cyber espionage group APT39 focus on stealing on personal information o perform monitoring, tracking, or surveillance operations against specific individuals. The group carrying a widespread campaign focused their operations in the Middle East, the U.S. and South Korea. Following are the industries targeted including telecommunications, travel industries, high-tech industry, and government entities. “We have […]

root