
Saturday, 30 October 2021

Police Arrest Suspected Ransomware Hackers Behind 1,800 Attacks Worldwide

12 people have been detained as part of an international law enforcement operation for orchestrating ransomware attacks on critical infrastructure and large organizations that hit over 1,800 victims across 71 countries since 2019, marking the latest action against cybercrime groups. The arrests were made earlier this week on October 26 in Ukraine and Switzerland, resulting in the seizure of cash

Friday, 29 October 2021

Week in security with Tony Anscombe

ESET discovers Wslink – Why secure-by-design is a must – Staying cybersecure this Halloween and beyond – Operation Dark HunTOR

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity



This New Android Malware Can Gain Root Access to Your Smartphones

An unidentified threat actor has been linked to a new Android malware strain that features the ability to root smartphones and take complete control over infected smartphones while simultaneously taking steps to evade detection. The malware has been named "AbstractEmu" owing to its use of code abstraction and anti-emulation checks to avoid running while under analysis. Notably, the global mobile

7 Secrets of Successful Software Development Process in 2021

In this article, you’ll find recommendations on making the most of software development in 2021.…

7 Secrets of Successful Software Development Process in 2021 on Latest Hacking News.



New 'Shrootless' Bug Could Let Attackers Install Rootkit on macOS Systems

Microsoft on Thursday disclosed details of a new vulnerability that could allow an attacker to bypass security restrictions in macOS and take complete control of the device to perform arbitrary operations on the device without getting flagged by traditional security solutions. Dubbed "Shrootless" and tracked as CVE-2021-30892, the "vulnerability lies in how Apple-signed packages with

Winter is Coming for CentOS 8

Winter is Coming for CentOS 8—but here is how you can enjoy your holidays after all. The server environment is complex and if you're managing thousands of Linux servers, the last thing you want is for an operating system vendor to do something completely unexpected. That is exactly what Red Hat, the parent company of the CentOS Project, did when it suddenly announced a curtailment of support for

Russian TrickBot Gang Hacker Extradited to U.S. Charged with Cybercrime

A Russian national, who was arrested in South Korea last month and extradited to the U.S. on October 20, appeared in a federal court in the state of Ohio on Thursday to face charges for his alleged role as a member of the infamous TrickBot group. Court documents showed that Vladimir Dunaev, 28, along with other members of the transnational, cybercriminal organization, stole money and

Thursday, 28 October 2021

5 tips for parents for a cybersecure Halloween

What are some of the key dangers faced by children online and how can you help protect them from the ghosts, ghouls and goblins creeping on the internet?

The post 5 tips for parents for a cybersecure Halloween appeared first on WeLiveSecurity



Google Releases Urgent Chrome Update to Patch 2 Actively Exploited 0-Day Bugs

Google on Thursday rolled out an emergency update for its Chrome web browser, including fixes for two zero-day vulnerabilities that it says are being actively exploited in the wild. Tracked as CVE-2021-38000 and CVE-2021-38003, the weaknesses relate to insufficient validation of untrusted input in a feature called Intents as well as a case of inappropriate implementation in V8 JavaScript and

Dark HunTOR: 150 arrested, $31 million seized in major dark web bust

The police sting spanned three continents and involved crackdowns in nine countries

The post Dark HunTOR: 150 arrested, $31 million seized in major dark web bust appeared first on WeLiveSecurity



Wslink: Unique and undocumented malicious loader that runs as a server

There are no code, functionality or operational similarities to suggest that this is a tool from a known threat actor

The post Wslink: Unique and undocumented malicious loader that runs as a server appeared first on WeLiveSecurity



Mozilla Removed Two Popular Firefox Add-Ons For Abusing Their Proxy API

Mozilla has recently announced the removal of two Firefox add-ons with a huge number of…

Mozilla Removed Two Popular Firefox Add-Ons For Abusing Their Proxy API on Latest Hacking News.



Critical Polygon Blockchain Vulnerability Could Allow Withdrawing Huge Amounts

While security issues are always huge for the crypto world, the vulnerability in the Polygon…

Critical Polygon Blockchain Vulnerability Could Allow Withdrawing Huge Amounts on Latest Hacking News.



Israeli Researcher Cracked Over 3500 Wi-Fi Networks in Tel Aviv City

Over 70% of Wi-Fi networks from a sample size of 5,000 were hacked with "relative ease" in the Israeli city of Tel Aviv, highlighting how insecure Wi-Fi passwords can become a gateway for serious threats to individuals, small businesses, and enterprises alike. CyberArk security researcher Ido Hoorvitch, who used Wi-Fi sniffing equipment costing about $50 to collect 5,000 network hashes for the

A Guide to Shift Away from Legacy Authentication Protocols in Microsoft 365

Microsoft 365 (M365), formerly called Office 365 (O365), is Microsoft's cloud strategy flagship product with major changes ahead, such as the deprecation of their legacy authentication protocols. Often stored on or saved to the device, Basic Authentication protocols rely on sending usernames and passwords with every request, increasing the risk of attackers capturing users' credentials,

Do you need to learn HTML to work as a content manager?

Content managers work with the content management systems on a daily basis. Does that mean…

Do you need to learn HTML to work as a content manager? on Latest Hacking News.



New Wslink Malware Loader Runs as a Server and Executes Modules in Memory

Cybersecurity researchers on Wednesday took the wraps off a "simple yet remarkable" malware loader for malicious Windows binaries targeting Central Europe, North America and the Middle East. Codenamed "Wslink" by ESET, this previously undocumented malware stands apart from the rest in that it runs as a server and executes received modules in memory. There are no specifics available on the

Malicious NPM Libraries Caught Installing Password Stealer and Ransomware

Malicious actors have yet again published two more typosquatted libraries to the official NPM repository that mimic a legitimate package from Roblox, the game company, with the goal of stealing credentials, installing remote access trojans, and infecting the compromised systems with ransomware. The bogus packages — named "noblox.js-proxy" and "noblox.js-proxies" — were found to

Wednesday, 27 October 2021

Hackers Using Squirrelwaffle Loader to Deploy Qakbot and Cobalt Strike

A new spam email campaign has emerged as a conduit for a previously undocumented malware loader that enables the attackers to gain an initial foothold into enterprise networks and drop malicious payloads on compromised systems. "These infections are also used to facilitate the delivery of additional malware such as Qakbot and Cobalt Strike, two of the most common threats regularly observed

Why It’s Important To Protect Your Personal Information

The world we are evolving into today is based on advanced digital technology, having as…

Why It’s Important To Protect Your Personal Information on Latest Hacking News.



[eBook] The Guide to Centralized Log Management for Lean IT Security Teams

One of the side effects of today’s cyber security landscape is the overwhelming volume of data security teams must aggregate and parse. Lean security teams don’t have it any easier, and the problem is compounded if they must do it manually. Data and log management are essential for organizations to gain real-time transparency and visibility into security events.  XDR provider Cynet has offered

Cyber Attack in Iran Reportedly Cripples Gas Stations Across the Country

A cyber attack in Iran left petrol stations across the country crippled, disrupting fuel sales and defacing electronic billboards to display messages challenging the regime's ability to distribute gasoline. Posts and videos circulated on social media showed messages that said, "Khamenei! Where is our gas?" — a reference to the country's supreme leader Ayatollah Ali Khamenei. Other signs read, "

Latest Report Uncovers Supply Chain Attacks by North Korean Hackers

Lazarus Group, the advanced persistent threat (APT) group attributed to the North Korean government, has been observed waging two separate supply chain attack campaigns as a means to gain a foothold into corporate networks and target a wide range of downstream entities. The latest intelligence-gathering operation involved the use of MATA malware framework as well as backdoors dubbed BLINDINGCAN 

Tuesday, 26 October 2021

Putting cybersecurity first: Why secure‑by‑design must be the norm

Organizations that aim to pull ahead of the competition need to develop a strong security culture from top to bottom

The post Putting cybersecurity first: Why secure‑by‑design must be the norm appeared first on WeLiveSecurity



Serious RCE Vulnerability Affects Older WinRAR Versions

Heads up, WinRAR users! If you’re still running the older versions of the freeware utility,…

Serious RCE Vulnerability Affects Older WinRAR Versions on Latest Hacking News.



Tracking Mobile Devices by Analyzing Bluetooth Transmissions

Despite security measures in place, researchers have found how to analyze and exploit Bluetooth transmissions…

Tracking Mobile Devices by Analyzing Bluetooth Transmissions on Latest Hacking News.



A Punctuation Error May Expose Users’ Search Terms to ISPs Via Chrome And Firefox

Heads up, Chrome and Firefox users! Try not to include any hyphens in your search…

A Punctuation Error May Expose Users’ Search Terms to ISPs Via Chrome And Firefox on Latest Hacking News.



Facebook Launched SSRF Dashboard Tool Helps Spot SSRF Bugs

The social media giant Facebook has recently announced the release of a new security tool.…

Facebook Launched SSRF Dashboard Tool Helps Spot SSRF Bugs on Latest Hacking News.



Over 10 Million Android Users Targeted With Premium SMS Scam Apps

A global fraud campaign has been found leveraging 151 malicious Android apps with 10.5 million downloads to rope users into premium subscription services without their consent and knowledge. The premium SMS scam campaign — dubbed "UltimaSMS" — is believed to have commenced in May 2021 and involved apps that cover a wide range of categories, including keyboards, QR code scanners, video and photo

How Your Business Can Benefit From Using Cloud-based Collaboration Services

Cloud-based collaboration services are an important tool for any business looking to expand and thrive.…

How Your Business Can Benefit From Using Cloud-based Collaboration Services on Latest Hacking News.



Malicious Firefox Add-ons Block Browser From Downloading Security Updates

Mozilla on Monday disclosed it blocked two malicious Firefox add-ons installed by 455,000 users that were found misusing the Proxy API to impede downloading updates to the browser. The two extensions in question, named Bypass and Bypass XM, "interfered with Firefox in a way that prevented users who had installed them from downloading updates, accessing updated blocklists, and updating remotely

Monday, 25 October 2021

L0phtCrack Password Auditing Tool Now Available As Open Source

Developed and maintained for quite a while, the password auditing tool “L0phtCrack” now goes open…

L0phtCrack Password Auditing Tool Now Available As Open Source on Latest Hacking News.



JavaScript Obfuscation Now Often Used By Hackers To Hide Malware

Researchers have spotted frequent occurrences of JavaScript obfuscation in regular sites that hackers have also…

JavaScript Obfuscation Now Often Used By Hackers To Hide Malware on Latest Hacking News.



LANTENNA Attack – A New Technique To Sniff Data From Air-gapped Networks

Researchers have devised a unique and inexpensive strategy to exfiltrate data from air-gapped networks. Dubbed…

LANTENNA Attack – A New Technique To Sniff Data From Air-gapped Networks on Latest Hacking News.



A GPSd Bug May Push You 20 Years Back From October 24, 2021

While the patch has arrived, unpatched apps may still cause a roll-back to 2002 due…

A GPSd Bug May Push You 20 Years Back From October 24, 2021 on Latest Hacking News.



Brave Rolls Out Its Own Search Engine By Default Ditching Google

The privacy-oriented Chrome browser alternative Brave has now announced another step to protect users’ searches.…

Brave Rolls Out Its Own Search Engine By Default Ditching Google on Latest Hacking News.



Google Chrome Removed FTP For Good – Deletes Code With Chrome 95

After alerting the intended withdrawal for a long time, Google has finally removed FTP with…

Google Chrome Removed FTP For Good – Deletes Code With Chrome 95 on Latest Hacking News.



The Deep-Learning Algorithm Can Guess an ATM PIN, Even With Keypads Covered

Researchers have devised a deep-learning algorithm that can effectively guess ATM PINs even if the…

The Deep-Learning Algorithm Can Guess an ATM PIN, Even With Keypads Covered on Latest Hacking News.



New Attack Let Attacker Collect and Spoof Browser's Digital Fingerprints

A "potentially devastating and hard-to-detect threat" could be abused by attackers to collect users' browser fingerprinting information with the goal of spoofing the victims without their knowledge, thus effectively compromising their privacy. Academics from Texas A&M University dubbed the attack system "Gummy Browsers," likening it to a nearly 20-year-old "Gummy Fingers" technique that can

Hardware-grade enterprise authentication without hardware: new SIM security solution for IAM

The average cost of a data breach, according to the latest research by IBM, now stands at USD 4.24 million, the highest reported. The leading cause? Compromised credentials, often caused by human error. Although these findings continue to show an upward trend in the wrong direction, the challenge itself is not new. What is new is the unprecedented and accelerated complexity of securing the

LightBasin Hacking Group Switches Focus From Windows To Linux To Target Telecom Sector

The threat actors identified as LightBasin have been targeting the telecom sector for several years.…

LightBasin Hacking Group Switches Focus From Windows To Linux To Target Telecom Sector on Latest Hacking News.



HTTPA – Taking HTTPS Security To The Next Level

Now that the world has recognized the importance of HTTPS, it’s time to move further…

HTTPA – Taking HTTPS Security To The Next Level on Latest Hacking News.



Microsoft Warns of Continued Supply-Chain Attacks by the Nobelium Hacker Group

Nobelium, the threat actor behind the SolarWinds compromise in December 2020, has been behind a new wave of attacks that compromised 14 downstream customers of multiple cloud service providers (CSP), managed service providers (MSP), and other IT services organizations, illustrating the adversary's continuing interest in targeting the supply chain via the "compromise-one-to-compromise-many"

Gummy Browsers – An Attack Exploiting Browser Fingerprinting

While browser fingerprinting has long been a privacy-intrusive technique for users, it can now pose…

Gummy Browsers – An Attack Exploiting Browser Fingerprinting on Latest Hacking News.



How To Build A Cybersecurity Program From Scratch

There are several steps to build a cybersecurity program from scratch. The cost of cybersecurity…

How To Build A Cybersecurity Program From Scratch on Latest Hacking News.



Hackers Exploited Popular BillQuick Billing Software to Deploy Ransomware

Cybersecurity researchers on Friday disclosed a now-patched critical vulnerability in multiple versions of a time and billing system called BillQuick that's being actively exploited by threat actors to deploy ransomware on vulnerable systems. CVE-2021-42258, as the flaw is being tracked, concerns an SQL-based injection attack that allows for remote code execution and was successfully

NYT Journalist Repeatedly Hacked with Pegasus after Reporting on Saudi Arabia

The iPhone of New York Times journalist Ben Hubbard was repeatedly hacked with NSO Group's Pegasus spyware tool over a three-year period stretching from June 2018 to June 2021, resulting in infections twice in July 2020 and June 2021. The University of Toronto's Citizen Lab, which publicized the findings on Sunday, said the "targeting took place while he was reporting on Saudi Arabia, and

Saturday, 23 October 2021

Microsoft Warns of TodayZoo Phishing Kit Used in Extensive Credential Stealing Attacks

Microsoft on Thursday disclosed an "extensive series of credential phishing campaigns" that takes advantage of a custom phishing kit that stitched together components from at least five different widely circulated ones with the goal of siphoning user login information. The tech giant's Microsoft 365 Defender Threat Intelligence Team, which detected the first instances of the tool in the wild in

Feds Reportedly Hacked REvil Ransomware Group and Forced it Offline

The Russian-led REvil ransomware gang was felled by an active multi-country law enforcement operation that resulted in its infrastructure being hacked and taken offline for a second time earlier this week, in what's the latest action taken by governments to disrupt the lucrative ecosystem. The takedown was first reported by Reuters, quoting multiple private-sector cyber experts working with the

Friday, 22 October 2021

Week in security with Tony Anscombe

How to break into cybersecurity – Is your password easy to guess? – Shining a spotlight on the security risks of shadow IT

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity



What’s lurking in the shadows? How to manage the security risks of shadow IT

Employee use of unsanctioned hardware and software is an increasingly acute problem in the remote and hybrid work era

The post What’s lurking in the shadows? How to manage the security risks of shadow IT appeared first on WeLiveSecurity



Popular NPM Package Hijacked to Publish Crypto-mining Malware

The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to remove three rogue packages that were found to mimic the same library. The supply-chain attack targeting the open-source library saw three

'Lone Wolf' Hacker Group Targeting Afghanistan and India with Commodity RATs

A new malware campaign targeting Afghanistan and India is exploiting a now-patched, 20-year-old flaw affecting Microsoft Office to deploy an array of commodity remote access trojans (RATs) that allow the adversary to gain complete control over the compromised endpoints. Cisco Talos attributed the cyber campaign to a "lone wolf" threat actor operating a Lahore-based fake IT company called Bunse

Hackers Set Up Fake Company to Get IT Experts to Launch Ransomware Attacks

The financially motivated FIN7 cybercrime gang has masqueraded as yet another fictitious cybersecurity company called "Bastion Secure" to recruit unwitting software engineers under the guise of penetration testing in a likely lead-up to a ransomware scheme. "With FIN7's latest fake company, the criminal group leveraged true, publicly available information from various legitimate cybersecurity

Researchers Discover Microsoft-Signed FiveSys Rootkit in the Wild

A newly identified rootkit has been found with a valid digital signature issued by Microsoft that's used to proxy traffic to internet addresses of interest to the attackers for over a year targeting online gamers in China. Bucharest-headquartered cybersecurity technology company Bitdefender named the malware "FiveSys," calling out its possible credential theft and in-game-purchase hijacking

Thursday, 21 October 2021

Cybersecurity careers: What to know and how to get started

Want to help make technology safer for everyone? Love solving puzzles? Looking for a rewarding career? Break into cybersecurity! Insights from ESET researchers Aryeh Goretsky and Cameron Camp will put you on the right track.

The post Cybersecurity careers: What to know and how to get started appeared first on WeLiveSecurity



Before and After a Pen Test: Steps to Get Through It

An effective cybersecurity strategy can be challenging to implement correctly and often involves many layers of security. Part of a robust security strategy involves performing what is known as a penetration test (pen test). The penetration test helps to discover vulnerabilities and weaknesses in your security defenses before the bad guys discover these. They can also help validate remedial

Bug in Popular WinRAR Software Could Let Attackers Hack Your Computer

A new security weakness has been disclosed in the WinRAR trialware file archiver utility for Windows that could be abused by a remote attacker to execute arbitrary code on targeted systems, underscoring how vulnerabilities in such software could become a gateway for a roster of attacks. Tracked as CVE-2021-35052, the bug impacts the trial version of the software running version 5.70. "This

Product Overview: Cynet SaaS Security Posture Management (SSPM)

Software-as-a-service (SaaS) applications have gone from novelty to business necessity in a few short years, and its positive impact on organizations is clear. It’s safe to say that most industries today run on SaaS applications, which is undoubtedly positive, but it does introduce some critical new challenges to organizations.  As SaaS application use expands, as well as the number of

Malicious NPM Packages Caught Running Cryptominer On Windows, Linux, macOS Devices

Three JavaScript libraries uploaded to the official NPM package repository have been unmasked as crypto-mining malware, once again demonstrating how open-source software package repositories are becoming a lucrative target for executing an array of attacks on Windows, macOS, and Linux systems. The malicious packages in question — named okhsa, klow, and klown — were published by the same

LINE App Admits Limited Mishandling Of User Data – Elaborates On Data Sharing Policies

The Japanese messaging service LINE has recently shared details about the mishandling of users’ data…

LINE App Admits Limited Mishandling Of User Data – Elaborates On Data Sharing Policies on Latest Hacking News.



U.S. Government Bans Sale of Hacking Tools to Authoritarian Regimes

The U.S. Commerce Department on Wednesday announced new rules barring the sales of hacking software and equipment to authoritarian regimes and potentially facilitate human rights abuse for national security (NS) and anti-terrorism (AT) reasons. The mandate, which is set to go into effect in 90 days, will forbid the export, reexport and transfer of "cybersecurity items" to countries of "national

Hackers Stealing Browser Cookies to Hijack High-Profile YouTube Accounts

Since at least late 2019, a network of hackers-for-hire has been hijacking the channels of YouTube creators, luring them with bogus collaboration opportunities to broadcast cryptocurrency scams or sell the accounts to the highest bidder. That's according to a new report published by Google's Threat Analysis Group (TAG), which said it disrupted financially motivated phishing campaigns targeting

Wednesday, 20 October 2021

Two Eastern Europeans Sentenced for Providing Bulletproof Hosting to Cyber Criminals

Two Eastern European nationals have been sentenced in the U.S. for offering "bulletproof hosting" services to cybercriminals, who used the technical infrastructure to distribute malware and attack financial institutions across the country between 2009 and 2015. Pavel Stassi, 30, of Estonia, and Aleksandr Shorodumov, 33, of Lithuania, have each been sentenced to 24 months and 48 months in prison,

Brave browser replaces Google with its own search engine

Brave Search will become the default search option for new users in the US, UK, Canada, Germany and France, with more countries to follow soon

The post Brave browser replaces Google with its own search engine appeared first on WeLiveSecurity



1Password Launches Psst! Tool For Secure Password Sharing

The popular password manager 1password has now come up with a new strategy to keep…

1Password Launches Psst! Tool For Secure Password Sharing on Latest Hacking News.



Critical Vulnerability Cripples Visual Tools DVR Allowing RCE Attacks

Researchers have found a serious vulnerability in the Visual Tools DVR that threatens user security.…

Critical Vulnerability Cripples Visual Tools DVR Allowing RCE Attacks on Latest Hacking News.



5 Website Security Tips

As hackers continue to find more sophisticated ways to exploit site vulnerabilities, it is critical…

5 Website Security Tips on Latest Hacking News.



Researchers Break Intel SGX With New 'SmashEx' CPU Attack Technique

A newly disclosed vulnerability affecting Intel processors could be abused by an adversary to gain access to sensitive information stored within enclaves and even run arbitrary code on vulnerable systems. The vulnerability (CVE-2021-0186, CVSS score: 8.2) was discovered by a group of academics from ETH Zurich, the National University of Singapore, and the Chinese National University of Defense

OWASP's 2021 List Shuffle: A New Battle Plan and Primary Foe

Code injection attacks, the infamous king of vulnerabilities, have lost the top spot to broken access control as the worst of the worst, and developers need to take notice. In this increasingly chaotic world, there have always been a few constants that people could reliably count on: The sun will rise in the morning and set again at night, Mario will always be cooler than Sonic the Hedgehog, and

LightBasin Hackers Breach at Least 13 Telecom Service Providers Since 2019

A highly sophisticated adversary named LightBasin has been identified as behind a string of attacks targeting the telecom sector with the goal of collecting "highly specific information" from mobile communication infrastructure, such as subscriber information and call metadata.  "The nature of the data targeted by the actor aligns with information likely to be of significant interest to signals

Microsoft Warns of New Security Flaw Affecting Surface Pro 3 Devices

Microsoft has published a new advisory warning of a security bypass vulnerability affecting Surface Pro 3 convertible laptops that could be exploited by an adversary to introduce malicious devices within enterprise networks and defeat the device attestation mechanism. Tracked as CVE-2021-42299 (CVSS score: 5.6), the issue has been codenamed "TPM Carte Blanche" by Google software engineer Chris

Tuesday, 19 October 2021

$5.2 billion worth of Bitcoin transactions possibly tied to ransomware

Threat actors are increasingly using advanced tactics to obfuscate and launder their illicit gains, a report by the US Government finds

The post $5.2 billion worth of Bitcoin transactions possibly tied to ransomware appeared first on WeLiveSecurity



A recipe for failure: Predictably poor passwords

Security professionals advise to never use ‘beef stew’ as a password. It just isn’t stroganoff.

The post A recipe for failure: Predictably poor passwords appeared first on WeLiveSecurity



Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services

Researchers have disclosed an out-of-bounds read vulnerability in the Squirrel programming language that can be abused by attackers to break out of the sandbox restrictions and execute arbitrary code within a SquirrelVM, thus giving a malicious actor complete access to the underlying machine.  Tracked as CVE-2021-41556, the issue occurs when a game library referred to as Squirrel Engine is used