Zyxel Releases Patches for Critical Bug Affecting Business Firewall and VPN Devices

Networking equipment maker Zyxel has pushed security updates for a critical vulnerability affecting some of its business firewall and VPN products that could enable an attacker to take control of the devices. "An authentication bypass vulnerability caused by the lack of a proper access control mechanism has been found in the CGI program of some firewall versions," the company said in an advisory

Apple Issues Patches for 2 Actively Exploited Zero-Days in iPhone, iPad and Mac Devices

Apple on Thursday rolled out emergency patches to address two zero-day flaws in its mobile and desktop operating systems that it said may have been exploited in the wild. The shortcomings have been fixed as part of updates to iOS and iPadOS 15.4.1, macOS Monterey 12.3.1, tvOS 15.4.1, and watchOS 8.5.1. Both the vulnerabilities have been reported to Apple anonymously. Tracked as CVE-2022-22675,

New Python-based Ransomware Targeting JupyterLab Web Notebooks

Researchers have disclosed what they say is the first-ever Python-based ransomware strain specifically designed to target exposed Jupyter notebooks, a web-based interactive computing platform that allows editing and running programs via a browser. "The attackers gained initial access via misconfigured environments, then ran a ransomware script that encrypts every file on a given path on the

Hackers Increasingly Using 'Browser in a Browser' Technique in Ukraine Related Attacks

A Belarusian threat actor known as Ghostwriter (aka UNC1151) has been spotted leveraging the recently disclosed browser-in-the-browser (BitB) technique as part of their credential phishing campaigns exploiting the ongoing Russo-Ukrainian conflict. The method, which masquerades as a legitimate domain by simulating a browser window within the browser, makes it possible to mount convincing social

Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Apps Security

A zero-day remote code execution (RCE) vulnerability has come to light in the Spring framework shortly after a Chinese security researcher briefly leaked a proof-of-concept (PoC) exploit on GitHub before deleting their account. According to cybersecurity firm Praetorian, the unpatched flaw impacts Spring Core on Java Development Kit (JDK) versions 9 and later and is a bypass for another

QNAP Warns of OpenSSL Infinite Loop Vulnerability Affecting NAS Devices

Taiwanese company QNAP this week revealed that a selected number of its network-attached storage (NAS) appliances are affected by a recently-disclosed bug in the open-source OpenSSL cryptographic library. "An infinite loop vulnerability in OpenSSL has been reported to affect certain QNAP NAS," the company said in an advisory published on March 29, 2022. "If exploited, the vulnerability allows

A mitmproxy Vulnerability Could Allow HTTP Request Smuggling Attacks

A major security vulnerability appeared in the mitmproxy service that allowed an adversary to conduct…

A mitmproxy Vulnerability Could Allow HTTP Request Smuggling Attacks on Latest Hacking News.

The State of Malware Analysis and Responses to Emerging Threats

Cybersecurity breaches have become a persistent threat for organizations in today’s tech-driven world. While companies…

The State of Malware Analysis and Responses to Emerging Threats on Latest Hacking News.

Critical Vulnerability Affecting Western Digital My Cloud OS 5 Devices – Patch Now

Western Digital has recently addressed a critical security vulnerability affecting its My Cloud OS 5…

Critical Vulnerability Affecting Western Digital My Cloud OS 5 Devices – Patch Now on Latest Hacking News.

Improve Your Hacking Skills with 9 Python Courses for Just $39

For anyone with interest in cybersecurity, learning Python is a must. The language is used extensively in white hat hacking, and professionals use Python scripts to automate tests. It also has a use in the “soft” side of cybersecurity — like scraping the web for compromised data and detecting bugs.  Featuring nine full-length video courses, The Complete 2022 Python Programmer Bundle helps you

Women in tech: Unique insights from a lifelong pursuit of innovation

Leading Slovak computer scientist Mária Bieliková shares her experience working as a woman driving technological innovation and reflects on how to inspire the next generation of talent in tech

The post Women in tech: Unique insights from a lifelong pursuit of innovation appeared first on WeLiveSecurity

LAPSUS$ Claims to Have Breached IT Firm Globant; Leaks 70GB of Data

The LAPSUS$ data extortion gang announced their return on Telegram after a week-long "vacation," leaking what they claim is data from software services company Globant. "We are officially back from a vacation," the group wrote on their Telegram channel – which has nearly around 54,000 members as of writing – posting images of extracted data and credentials belonging to the company's DevOps

CISA Warns of Ongoing Cyber Attacks Targeting Internet-Connected UPS Devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DoE) are jointly warning of attacks against internet-connected uninterruptible power supply (UPS) devices by means of default usernames and passwords. "Organizations can mitigate attacks against their UPS devices, which provide emergency power in a variety of applications when normal power sources are

Critical SonicOS Vulnerability Affects SonicWall Firewall Appliances

SonicWall has released security updates to contain a critical flaw across multiple firewall appliances that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and cause a denial-of-service (DoS) condition. Tracked as CVE-2022-22274 (CVSS score: 9.4), the issue has been described as a stack-based buffer overflow in the web management interface of SonicOS that

Critical Sophos Firewall RCE Vulnerability Under Active Exploitation

Cybersecurity firm Sophos on Monday warned that a recently patched critical security vulnerability in its firewall product is being actively exploited in real-world attacks. The flaw, tracked as CVE-2022-1040, is rated 9.8 out of 10 on the CVSS scoring system and impacts Sophos Firewall versions 18.5 MR3 (18.5.3) and older. It relates to an authentication bypass vulnerability in the User Portal

New Malware Loader 'Verblecon' Infects Hacked PCs with Cryptocurrency Miners

An unidentified threat actor has been observed employing a "complex and powerful" malware loader with the ultimate objective of deploying cryptocurrency miners on compromised systems and potentially facilitating the theft of Discord tokens. "The evidence found on victim networks appears to indicate that the goal of the attacker was to install cryptocurrency mining software on victim machines,"

Experts Detail Virtual Machine Used by Wslink Malware Loader for Obfuscation

Cybersecurity researchers have shed more light on a malicious loader that runs as a server and executes received modules in memory, laying bare the structure of an "advanced multi-layered virtual machine" used by the malware to fly under the radar. Wslink, as the malicious loader is called, was first documented by Slovak cybersecurity company ESET in October 2021, with very few telemetry hits

A Large-Scale Supply Chain Attack Distributed Over 800 Malicious NPM Packages

A threat actor dubbed "RED-LILI" has been linked to an ongoing large-scale supply chain attack campaign targeting the NPM package repository by publishing nearly 800 malicious modules. "Customarily, attackers use an anonymous disposable NPM account from which they launch their attacks," Israeli security company Checkmarx said. "As it seems this time, the attacker has fully-automated the process

New Report on Okta Hack Reveals the Entire Episode LAPSUS$ Attack

An independent security researcher has shared what's a detailed timeline of events that transpired as the notorious LAPSUS$ extortion gang broke into a third-party provider linked to the cyber incident at Okta in late January 2022. In a set of screenshots posted on Twitter, Bill Demirkapi published a two-page "intrusion timeline" allegedly prepared by Mandiant, the cybersecurity firm hired by

Severe XSS Vulnerability Found In Microweber CMS

Researchers found a severe cross-site scripting (XSS) vulnerability in Microweber CMS. Exploiting the bug could…

Severe XSS Vulnerability Found In Microweber CMS on Latest Hacking News.

Hackers Hijack Email Reply Chains on Unpatched Exchange Servers to Spread Malware

A new email phishing campaign has been spotted leveraging the tactic of conversation hijacking to deliver the IceID info-stealing malware onto infected machines by making use of unpatched and publicly-exposed Microsoft Exchange servers. "The emails use a social engineering technique of conversation hijacking (also known as thread hijacking)," Israeli company Intezer said in a report shared with

Of Cybercriminals and IP Addresses

You don't like having the FBI knocking on your door at 6 am in the morning. Surprisingly, nor does your usual cybercriminal. That is why they hide (at least the good ones), for example, behind layers of proxies, VPNs, or TOR nodes. Their IP address will never be exposed directly to the target's machine. Cybercriminals will always use third-party IP addresses to deliver their attacks. There are

Trojanized Crypto Wallets Flood Android And iOS App Stores

Heads up, crypto users! A flurry of trojanized crypto wallets mimicking popular services has emerged…

Trojanized Crypto Wallets Flood Android And iOS App Stores on Latest Hacking News.

'Purple Fox' Hackers Spotted Using New Variant of FatalRAT in Recent Malware Attacks

The operators of the Purple Fox malware have retooled their malware arsenal with a new variant of a remote access trojan called FatalRAT, while also simultaneously upgrading their evasion mechanisms to bypass security software. "Users' machines are targeted via trojanized software packages masquerading as legitimate application installers," Trend Micro researchers said in a report published on

Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability

Muhstik, a botnet infamous for propagating via web application exploits, has been observed targeting Redis servers using a recently disclosed vulnerability in the database system. The vulnerability relates to CVE-2022-0543, a Lua sandbox escape flaw in the open-source, in-memory, key-value data store that could be abused to achieve remote code execution on the underlying machine. The

Latest Google Chrome Update Fixed Another Zero-Day Flaw

Heads up Chrome users! Google has just pushed another update to its Chrome browser, once…

Latest Google Chrome Update Fixed Another Zero-Day Flaw on Latest Hacking News.

Azurite – An Azure AD Enumeration Tool

What is Azurite? This one’s a doozy folks. With the rapid growth of cloud infrastructure…

Azurite – An Azure AD Enumeration Tool on Latest Hacking News.

FCC Adds Kaspersky and Chinese Telecom Firms to National Security Threat List

The U.S. Federal Communications Commission (FCC) on Friday moved to add Russian cybersecurity company Kaspersky Lab to the "Covered List" of companies that pose an "unacceptable risk to the national security" of the country. The development marks the first time a Russian entity has been added to the list that's been otherwise dominated by Chinese telecommunications firms. Also added alongside

Another Chinese Hacking Group Spotted Targeting Ukraine Amid Russia Invasion

A Chinese-speaking threat actor called Scarab has been linked to a custom backdoor dubbed HeaderTip as part of a campaign targeting Ukraine since Russia embarked on an invasion last month, making it the second China-based hacking group after Mustang Panda to capitalize on the conflict. "The malicious activity represents one of the first public examples of a Chinese threat actor targeting Ukraine

Week in security with Tony Anscombe

ESET discovers Mustang Panda's Hodur trojan – Crypto malware targeting Android and iOS users alike – Nation-state digital deterrent

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability

Google on Friday shipped an out-of-band security update to address a high severity vulnerability in its Chrome browser that it said is being actively exploited in the wild. Tracked as CVE-2022-1096, the zero-day flaw relates to a type confusion vulnerability in the V8 JavaScript engine. An anonymous researcher has been credited with reporting the bug on March 23, 2022. Type confusion errors,

Week in security with Tony Anscombe

ESET discovers Mustang Panda's Hodur trojan – Crypto malware targeting Android and iOS users alike – Nation-state digital deterrent

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

U.S. Charges 4 Russian Govt. Employees Over Hacking Critical Infrastructure Worldwide

The U.S. government on Thursday released a cybersecurity advisory outlining multiple intrusion campaigns conducted by state-sponsored Russian cyber actors from 2011 to 2018 that targeted the energy sector in the U.S. and beyond. "The [Federal Security Service] conducted a multi-stage campaign in which they gained remote access to U.S. and international Energy Sector networks, deployed

7 Suspected Members of LAPSUS$ Hacker Gang, Aged 16 to 21, Arrested in U.K.

The City of London Police has arrested seven teenagers between the ages of 16 and 21 for their alleged connections to the prolific LAPSUS$ extortion gang that's linked to a recent burst of attacks targeting NVIDIA, Samsung, Ubisoft, LG, Microsoft, and Okta. The development, which was first disclosed by BBC News, comes after a report from Bloomberg revealed that a 16-year-old Oxford-based

Experts Uncover Campaign Stealing Cryptocurrency from Android and iPhone Users

Researchers have blown the lid off a sophisticated malicious scheme primarily targeting Chinese users via copycat apps on Android and iOS that mimic legitimate digital wallet services to siphon cryptocurrency funds. "These malicious apps were able to steal victims' secret seed phrases by impersonating Coinbase, imToken, MetaMask, Trust Wallet, Bitpie, TokenPocket, or OneKey," said Lukáš Štefanko

North Korean Hackers Exploited Chrome Zero-Day to Target Fintech, IT, and Media Firms

Google's Threat Analysis Group (TAG) on Thursday disclosed that it acted to mitigate threats from two distinct government-backed attacker groups based in North Korea that exploited a recently-uncovered remote code execution flaw in the Chrome web browser. The campaigns, once again "reflective of the regime's immediate concerns and priorities," are said to have targeted U.S. based organizations

Is a nation‑state digital deterrent scenario so far‑fetched?

Why has the conflict in Ukraine not caused the much anticipated global cyber-meltdown?

The post Is a nation‑state digital deterrent scenario so far‑fetched? appeared first on WeLiveSecurity

Crypto malware in patched wallets targeting Android and iOS devices

ESET Research uncovers a sophisticated scheme that distributes trojanized Android and iOS apps posing as popular cryptocurrency wallets

The post Crypto malware in patched wallets targeting Android and iOS devices appeared first on WeLiveSecurity

Chinese APT Hackers Targeting Betting Companies in Southeast Asia

A Chinese-speaking advanced persistent threat (APT) has been linked to a new campaign targeting gambling-related companies in South East Asia, particularly Taiwan, the Philippines, and Hong Kong. Cybersecurity firm Avast dubbed the campaign Operation Dragon Castling, describing its malware arsenal as a "robust and modular toolset." The ultimate motives of the threat actor are not immediately

How to Build a Custom Malware Analysis Sandbox

Before hunting malware, every researcher needs to find a system where to analyze it. There are several ways to do it: build your own environment or use third-party solutions. Today we will walk through all the steps of creating a custom malware sandbox where you can perform a proper analysis without infecting your computer. And then compare it with a ready-made service. Why do you need a malware

Be Aware of What is Out There in Cybersecurity Threats and Protection 2022

Cybersecurity threats are real. Every minute of every day, cybercriminals are hatching up elaborate plans…

Be Aware of What is Out There in Cybersecurity Threats and Protection 2022 on Latest Hacking News.

Researchers Trace LAPSUS$ Cyber Attacks to 16-Year-Old Hacker from England

Authentication services provider Okta on Wednesday named Sitel as the third-party linked to a security incident experienced by the company in late January that allowed the LAPSUS$ extortion gang to remotely take over an internal account belonging to a customer support engineer. The company added that 366 corporate customers, or about 2.5% of its customer base, may have been impacted by the "

Over 200 Malicious NPM Packages Caught Targeting Azure Developers

A new large scale supply chain attack has been observed targeting Azure developers with no less than 218 malicious NPM packages with the goal of stealing personal identifiable information. "After manually inspecting some of these packages, it became apparent that this was a targeted attack against the entire @azure NPM scope, by an attacker that employed an automatic script to create accounts

Mustang Panda’s Hodur: Old tricks, new Korplug variant

ESET researchers have discovered Hodur, a previously undocumented Korplug variant spread by Mustang Panda, that uses phishing lures referencing current events in Europe, including the invasion of Ukraine

The post Mustang Panda’s Hodur: Old tricks, new Korplug variant appeared first on WeLiveSecurity

VMware Issues Patches for Critical Flaws Affecting Carbon Black App Control

VMware on Wednesday released software updates to plug two critical security vulnerabilities affecting its Carbon Black App Control platform that could be abused by a malicious actor to execute arbitrary code on affected installations in Windows systems. Tracked as CVE-2022-22951 and CVE-2022-22952, both the flaws are rated 9.1 out of a maximum of 10 on the CVSS vulnerability scoring system.

New Variant of Chinese Gimmick Malware Targeting macOS Users

Researchers have disclosed details of a newly discovered macOS variant of a malware implant developed by a Chinese espionage threat actor known to strike attack organizations across Asia. Attributing the attacks to a group tracked as Storm Cloud, cybersecurity firm Volexity characterized the new malware, dubbed Gimmick, a "feature-rich, multi-platform malware family that uses public cloud

Use This Definitive RFP Template to Effectively Evaluate XDR solutions

A new class of security tools is emerging that promises to significantly improve the effectiveness and efficiency of threat detection and response. Emerging Extended Detection and Response (XDR) solutions aim to aggregate and correlate telemetry from multiple detection controls and then synthesize response actions. XDR has been referred to as the next step in the evolution of Endpoint

Over 200,000 MicroTik Routers Worldwide Are Under the Control of Botnet Malware

Vulnerable routers from MikroTik have been misused to form what cybersecurity researchers have called one of the largest botnet-as-a-service cybercrime operations seen in recent years.  According to a new piece of research published by Avast, a cryptocurrency mining campaign leveraging the new-disrupted Glupteba botnet as well as the infamous TrickBot malware were all distributed using the same

Most Important Facts You Need To Know About Cyber Security in the Cloud

Cyber Security is not just about protecting your network. It’s also about securing your data…

Most Important Facts You Need To Know About Cyber Security in the Cloud on Latest Hacking News.

Microsoft and Okta Confirm Breach by LAPSUS$ Extortion Group

Microsoft on Tuesday confirmed that the LAPSUS$ extortion-focused hacking crew had gained "limited access" to its systems, as authentication services provider Okta revealed that nearly 2.5% of its customers have been potentially impacted in the wake of the breach. "No customer code or data was involved in the observed activities," Microsoft's Threat Intelligence Center (MSTIC) said, adding that

How To Do Preemptive Cybersecurity

Preventing cybersecurity threats should be a top priority for any organization, large or small. By…

How To Do Preemptive Cybersecurity  on Latest Hacking News.

Browser-in-The-Browser Attack – A New Phishing Strategy

A security researcher has devised a new browser exploitation technique that can trigger phishing attacks.…

Browser-in-The-Browser Attack – A New Phishing Strategy on Latest Hacking News.

LAPSUS$ Hackers Claim to Have Breached Microsoft and Authentication Firm Okta

Microsoft and authentication services provider Okta said they are investigating claims of a potential breach alleged by the LAPSUS$ extortionist gang. The development, which was first reported by Vice and Reuters, comes after the cyber criminal group posted screenshots and source code of what it said were the companies' internal projects and systems on its Telegram channel. The leaked 37GB

Wazuh Offers XDR Functionality at a Price Enterprises Will Love — Free!

Back in 2018, Palo Alto Networks CTO and co-founder Nir Zuk coined a new term to describe the way that businesses needed to approach cybersecurity in the years to come. That term, of course, was extended detection and response (XDR). It described a unified cybersecurity infrastructure that brought endpoint threat detection, network analysis and visibility (NAV), access management, and more under

U.S. Government Warns Companies of Potential Russian Cyberattacks

The U.S. government on Monday once again cautioned of potential cyber attacks from Russia in retaliation for economic sanctions imposed by the west on the country following its military assault on Ukraine last month. "It's part of Russia's playbook," U.S. President Joe Biden said in a statement, citing "evolving intelligence that the Russian Government is exploring options." The development

New Dell BIOS Bugs Affect Millions of Inspiron, Vostro, XPS, Alienware Systems

Five new security weaknesses have been disclosed in Dell BIOS that, if successfully exploited, could lead to code execution on vulnerable systems, joining the likes of firmware vulnerabilities recently uncovered in Insyde Software's InsydeH2O and HP Unified Extensible Firmware Interface (UEFI). Tracked as CVE-2022-24415, CVE-2022-24416, CVE-2022-24419, CVE-2022-24420, and CVE-2022-24421, the

Sandworm: A tale of disruption told anew

As the war rages, the APT group with a long résumé of disruptive cyberattacks enters the spotlight again

The post Sandworm: A tale of disruption told anew appeared first on WeLiveSecurity

In Cyber Warfare, Everyone Worldwide Can Become Collateral Damage

As Russia attacked Ukraine, global leaders have been very careful in making statements that could…

In Cyber Warfare, Everyone Worldwide Can Become Collateral Damage on Latest Hacking News.

Researchers Find CryptoRom Scam Active Via Sideloaded Apps

After targeting mobile users for about a year, the CryptoRom scam is again active in…

Researchers Find CryptoRom Scam Active Via Sideloaded Apps on Latest Hacking News.

VPN For Streaming – Do You Need One?

It’s safe to say that streaming services like Netflix and HBO Go have changed the…

VPN For Streaming – Do You Need One? on Latest Hacking News.

New Browser-in-the Browser (BITB) Attack Makes Phishing Nearly Undetectable

A novel phishing technique called browser-in-the-browser (BitB) attack can be exploited to simulate a browser window within the browser in order to spoof a legitimate domain, thereby making it possible to stage convincing phishing attacks. According to penetration tester and security researcher, who goes by the handle mrd0x_, the method takes advantage of third-party single sign-on (SSO) options

New Backdoor Targets French Entities via Open-Source Package Installer

Researchers have exposed a new targeted email campaign aimed at French entities in the construction, real estate, and government sectors that leverages the Chocolatey Windows package manager to deliver a backdoor called Serpent on compromised systems. Enterprise security firm Proofpoint attributed the attacks to a likely advanced threat actor based on the tactics and the victimology patterns

'CryptoRom' Crypto Scam Abusing iPhone Features to Target Mobile Users

Social engineering attacks leveraging a combination of romantic lures and cryptocurrency fraud have been luring unsuspecting victims into installing fake apps by taking advantage of legitimate iOS features like TestFlight and Web Clips. Cybersecurity company Sophos, which has named the organized crime campaign "CryptoRom," characterized it as a wide-ranging global scam. "This style of

South Korean DarkHotel Hackers Targeted Luxury Hotels in Macau

Luxury hotels in the Chinese special administrative region of Macau were the target of a malicious spear-phishing campaign from the second half of November 2021 and through mid-January 2022. Cybersecurity firm Trellix attributed the campaign with moderate confidence to a suspected South Korean advanced persistent threat (APT) tracked as DarkHotel, building on research previously published by 

Week in security with Tony Anscombe

ESET Research finds another data wiper in Ukraine – Securing data centers against threats – A cultural divide between the military and Silicon Valley

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

Defending the data center: The time to act is now

Cyberattacks against data centers may ultimately be everyone's problem – how prepared are their operators for the heightened risk of cyber-assaults?

The post Defending the data center: The time to act is now appeared first on WeLiveSecurity

Hackers Target Bank Networks with new Rootkit to Steal Money from ATM Machines

A financially motivated threat actor has been observed deploying a previously unknown rootkit targeting Oracle Solaris systems with the goal of compromising Automatic Teller Machine (ATM) switching networks and carrying out unauthorized cash withdrawals at different banks using fraudulent cards. Threat intelligence and incident response firm Mandiant is tracking the cluster under the moniker

Experts Find Some Affiliates of BlackMatter Now Spreading BlackCat Ransomware

An analysis of two ransomware attacks has identified overlaps in the tactics, techniques, and procedures (TTPs) between BlackCat and BlackMatter, indicating a strong connection between the two groups. While it's typical of ransomware groups to rebrand their operations in response to increased visibility into their attacks, BlackCat (aka Alphv) marks a new frontier in that the cyber crime cartel

Google Uncovers 'Initial Access Broker' Working with Conti Ransomware Gang

Google's Threat Analysis Group (TAG) took the wraps off a new initial access broker that it said is closely affiliated to a Russian cyber crime gang notorious for its Conti and Diavol ransomware operations. Dubbed Exotic Lily, the financially motivated threat actor has been observed exploiting a now-patched critical flaw in the Microsoft Windows MSHTML platform (CVE-2021-40444) as part of

New Variant of Russian Cyclops Blink Botnet Targeting ASUS Routers

ASUS routers have emerged as the target of a nascent botnet called Cyclops Blink, almost a month after it was revealed the malware abused WatchGuard firewall appliances as a stepping stone to gain remote access to breached networks. According to a new report published by Trend Micro, the botnet's "main purpose is to build an infrastructure for further attacks on high-value targets," given that

The Golden Hour of Incident Response

As a CSIRT consultant, I cannot overemphasize the importance of effectively managing the first hour in a critical incident. Finding out what to do is often a daunting task in a critical incident. In addition, the feeling of uneasiness often prevents an incident response analyst from making effective decisions. However, keeping a cool head and actions planned out is crucial in successfully

Critical Remote Code Execution Vulnerability Found In Parse Server

Researchers have discoverd a critical-severity bug in the opensource tool Parse Server. Exploiting this server…

Critical Remote Code Execution Vulnerability Found In Parse Server on Latest Hacking News.

TrickBot Malware Abusing Hacked IoT Devices as Command-and-Control Servers

Microsoft on Wednesday detailed a previously undiscovered technique put to use by the TrickBot malware that involves using compromised Internet of Things (IoT) devices as a go-between for establishing communications with the command-and-control (C2) servers. "By using MikroTik routers as proxy servers for its C2 servers and redirecting the traffic through non-standard ports, TrickBot adds

Hacking Robots: The Future of Production Poses a Security Risk

The goal of every organization is to find easy and more efficient ways of doing…

Hacking Robots: The Future of Production Poses a Security Risk on Latest Hacking News.

Ukraine Secret Service Arrests Hacker Helping Russian Invaders

The Security Service of Ukraine (SBU) said it has detained a "hacker" who offered technical assistance to the invading Russian troops by providing mobile communication services inside the Ukrainian territory. The anonymous suspect is said to have broadcasted text messages to Ukrainian officials, including security officers and civil servants, proposing that they surrender and take the side of

New Vulnerability in CRI-O Engine Lets Attackers Escape Kubernetes Containers

A newly disclosed security vulnerability in the Kubernetes container engine CRI-O called cr8escape could be exploited by an attacker to break out of containers and obtain root access to the host. "Invocation of CVE-2022-0811 can allow an attacker to perform a variety of actions on objectives, including execution of malware, exfiltration of data, and lateral movement across pods," CrowdStrike

US military vs. Silicon Valley – a cultural divide

The US military knows it needs to speed up technology adoption through optimization, something at the heart of Silicon Valley culture

The post US military vs. Silicon Valley – a cultural divide appeared first on WeLiveSecurity

Unpatched RCE Bug in dompdf Project Affects HTML to PDF Converters

Researchers have disclosed an unpatched security vulnerability in "dompdf," a PHP-based HTML to PDF converter, that, if successfully exploited, could lead to remote code execution in certain configurations. "By injecting CSS into the data processed by dompdf, it can be tricked into storing a malicious font with a .php file extension in its font cache, which can later be executed by accessing it

Hackers Spread BazarBackdoor Malware Via Website Contact Forms

Once again, the BazarBackdoor malware is running active campaigns in the wild, running campaigns behind…

Hackers Spread BazarBackdoor Malware Via Website Contact Forms on Latest Hacking News.

German Government Warns Against Using Russia's Kaspersky Antivirus Software

Russian cybersecurity firm Kaspersky on Tuesday responded to an advisory released by Germany's Federal Office of Information Security (BSI) against using the company's security solutions in the country over "doubts about the reliability of the manufacturer." Calling that the decision was made on "political grounds," the company said it will "continue to assure our partners and customers of the

Build Your 2022 Cybersecurity Plan With This Free PPT Template

The end of the year is coming, and it's time for security decision-makers to make plans for 2022 and get management approval. Typically, this entails making a solid case regarding why current resources, while yielding significant value, need to be reallocated and enhanced. The Definitive 2022 Security Plan PPT Template is built to simplify this task, providing security decision-makers with an

Multiple Flaws Uncovered in ClickHouse OLAP Database System for Big Data

Researchers have disclosed seven new security vulnerabilities in an open-source database management system solution called ClickHouse that could be weaponized to crash the servers, leak memory contents, and even lead to the execution of arbitrary code. "The vulnerabilities require authentication, but can be triggered by any user with read permissions," Uriya Yavnieli and Or Peles, researchers

Facebook Hit With $18.6 Million GDPR Fine Over 12 Data Breaches in 2018

The Irish Data Protection Commission (DPC) on Tuesday slapped Facebook and WhatsApp owner Meta Platforms a fine of €17 million (~$18.6 million) for a series of security lapses that occurred in violation of the European Union's GDPR laws in the region. "The DPC found that Meta Platforms failed to have in place appropriate technical and organizational measures which would enable it to readily

How Does Blockchain Impact the Financial Industry?

Increasing productivity while also reducing dependency on centralized systems is basically what blockchain is all…

How Does Blockchain Impact the Financial Industry? on Latest Hacking News.

Importance Of Data Protection In 2022

Today’s corporate environment is entirely data-driven, where businesses rely on bits and pieces of information…

Importance Of Data Protection In 2022 on Latest Hacking News.

CaddyWiper: Yet Another Data Wiping Malware Targeting Ukrainian Networks

Two weeks after details emerged about a second data wiper strain delivered in attacks against Ukraine, yet another destructive malware has been detected amid Russia's continuing military invasion of the country. Slovak cybersecurity company ESET dubbed the third wiper "CaddyWiper," which it said it first observed on March 14 around 9:38 a.m. UTC. Metadata associated with the executable ("

Massive DDoS Attack Knocked Israeli Government Websites Offline

A number of websites belonging to the Israeli government were felled in a distributed denial-of-service (DDoS) attack on Monday, rendering the portals inaccessible for a short period of time. "In the past few hours, a DDoS attack against a communications provider was identified," the Israel National Cyber Directorate (INCD) said in a tweet. "As a result, access to several websites, among them

'Dirty Pipe' Linux Flaw Affects a Wide Range of QNAP NAS Devices

Network-attached storage (NAS) appliance maker QNAP on Monday warned of a recently disclosed Linux vulnerability affecting its devices that could be abused to elevate privileges and gain control of affected systems. "A local privilege escalation vulnerability, also known as 'Dirty Pipe,' has been reported to affect the Linux kernel on QNAP NAS running QTS 5.0.x and QuTS hero h5.0.x," the company

CaddyWiper: New wiper malware discovered in Ukraine

This is the third time in as many weeks that ESET researchers have spotted previously unknown data wiping malware taking aim at Ukrainian organizations

The post CaddyWiper: New wiper malware discovered in Ukraine appeared first on WeLiveSecurity

A first look at threat intelligence and threat hunting tools

An overview of some of the most popular open-source tools for threat intelligence and threat hunting

The post A first look at threat intelligence and threat hunting tools appeared first on WeLiveSecurity

3 Ways the Cybercriminals Getcha & How to Be Prepared

On the internet, there are so many things that can go wrong. So much of…

3 Ways the Cybercriminals Getcha & How to Be Prepared on Latest Hacking News.

Russian Ransomware Gang Retool Custom Hacking Tools of Other APT Groups

A Russian-speaking ransomware outfit likely targeted an unnamed entity in the gambling and gaming sector in Europe and Central America by repurposing custom tools developed by other APT groups like Iran's MuddyWater, new research has found. The unusual attack chain involved the abuse of stolen credentials to gain unauthorized access to the victim network, ultimately leading to the deployment of

UK Ferry Service Wightlink Admitted Data Breach

UK’s ferry service operator Wightlink has recently admitted a data breach following a cyberattack. While…

UK Ferry Service Wightlink Admitted Data Breach on Latest Hacking News.

New Linux Bug in Netfilter Firewall Module Lets Attackers Gain Root Access

A newly disclosed security flaw in the Linux kernel could be leveraged by a local adversary to gain elevated privileges on vulnerable systems to execute arbitrary code, escape containers, or induce a kernel panic. Tracked as CVE-2022-25636 (CVSS score: 7.8), the vulnerability impacts Linux kernel versions 5.4 through 5.6.10 and is a result of a heap out-of-bounds write in the netfilter

SSL Certificates and PKI Management For Better Your Web Security

Size doesn’t matter when it comes to cyber attacks. Big or small, thousands of websites…

SSL Certificates and PKI Management For Better Your Web Security on Latest Hacking News.

Researchers Find New Evidence Linking Kwampirs Malware to Shamoon APT Hackers

New findings released last week showcase the overlapping source code and techniques between the operators of Shamoon and Kwampirs, indicating that they "are the same group or really close collaborators." "Research evidence shows identification of co-evolution between both Shamoon and Kwampirs malware families during the known timeline," Pablo Rincón Crespo of Cylera Labs said. "If Kwampirs is

Sparta- A Network Scanning and Enumeration Tool

What Is Sparta? Sparta, created by SECFORCE is the ultimate tool for recon and network…

Sparta- A Network Scanning and Enumeration Tool on Latest Hacking News.

Legion By GoVanguard- An Automated Reconnaissance Tool

What is Legion Legion is a semi-automated easy to use network penetration testing framework that…

Legion By GoVanguard- An Automated Reconnaissance Tool on Latest Hacking News.

Week in security with Tony Anscombe

Gray zone conflicts in cyberspace – Can you identify fake news? – Top cybersecurity threats for the healthcare sector

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

ESET Research webinar: How APT groups have turned Ukraine into a cyber‑battlefield

Ukraine has been under cyber-fire for years now – here’s what you should know about various disruptive cyberattacks that have hit the country since 2014

The post ESET Research webinar: How APT groups have turned Ukraine into a cyber‑battlefield appeared first on WeLiveSecurity

1Password Raise Bug Bounty Rewards To $1 Million

The popular password management solution 1Password has announced expanding its highest bounty reward limits. Onwards,…

1Password Raise Bug Bounty Rewards To $1 Million on Latest Hacking News.

Russian Pushing New State-run TLS Certificate Authority to Deal With Sanctions

The Russian government has established its own TLS certificate authority (CA) to address issues with accessing websites that have arisen in the wake of sanctions imposed by the west following the country's unprovoked military invasion of Ukraine. According to a message posted on the Gosuslugi public services portal, the Ministry of Digital Development is expected to provide a domestic

True or false? How to spot – and stop – fake news

How can you tell fact from fiction and avoid falling for and spreading falsehoods about the war in Ukraine?

The post True or false? How to spot – and stop – fake news appeared first on WeLiveSecurity

Here's How to Find if WhatsApp Web Code on Your Browser Has Been Hacked

Meta Platforms' WhatsApp and Cloudflare have banded together for a new initiative called Code Verify to validate the authenticity of the messaging service's web app on desktop computers. Available in the form of a Chrome and Edge browser extension, the open-source add-on is designed to "automatically verif[y] the authenticity of the WhatsApp Web code being served to your browser," Facebook said 

SharkBot Android Trojan Mimics Legit Apps To Appear On Google Play Store

Heads up, Android users! Another banking malware has attempted to target Android users by impersonating…

SharkBot Android Trojan Mimics Legit Apps To Appear On Google Play Store on Latest Hacking News.

Surfshark Review: A Robust Online Privacy Solution On Budget

Having a VPN today is a must-have for all internet users. But getting one without…

Surfshark Review: A Robust Online Privacy Solution On Budget on Latest Hacking News.

Iranian Hackers Targeting Turkey and Arabian Peninsula in New Malware Campaign

The Iranian state-sponsored threat actor known as MuddyWater has been attributed to a new swarm of attacks targeting Turkey and the Arabian Peninsula with the goal of deploying remote access trojans (RATs) on compromised systems. "The MuddyWater supergroup is highly motivated and can use unauthorized access to conduct espionage, intellectual property theft, and deploy ransomware and destructive

SQL Injection Vulnerability Discovered in Moodle

A researcher has recently explained how a vulnerability in the Moodle platform could allow for…

SQL Injection Vulnerability Discovered in Moodle on Latest Hacking News.

New Exploit Bypasses Existing Spectre-v2 Mitigations in Intel, AMD, Arm CPUs

Researchers have disclosed a new technique that could be used to circumvent existing hardware mitigations in modern processors from Intel, AMD, and Arm and stage speculative execution attacks such as Spectre to leak sensitive information from host memory. Attacks like Spectre are designed to break the isolation between different applications by taking advantage of an optimization technique 

Ukrainian Hacker Linked to REvil Ransomware Attacks Extradited to United States

Yaroslav Vasinskyi, a Ukrainian national, linked to the Russia-based REvil ransomware group has been extradited to the U.S. to face charges for his role in carrying out the file-encrypting malware attacks against several companies, including Kaseya last July. The 22-year-old had been previously arrested in Poland in October 2021, prompting the U.S. Justice Department (DoJ) to file charges of

Emotet Botnet's Latest Resurgence Spreads to Over 100,000 Computers

The insidious Emotet botnet, which staged a return in November 2021 after a 10-month-long hiatus, is once again exhibiting signs of steady growth, amassing a swarm of over 100,000 infected hosts for perpetrating its malicious activities. "While Emotet has not yet attained the same scale it once had, the botnet is showing a strong resurgence with a total of approximately 130,000 unique bots

The Incident Response Plan - Preparing for a Rainy Day

The unfortunate truth is that while companies are investing more in cyber defenses and taking cybersecurity more seriously than ever, successful breaches and ransomware attacks are on the rise. While a successful breach is not inevitable, it is becoming more likely despite best efforts to prevent it from happening.  Just as it wasn’t raining when Noah built the ark, companies must face the fact

Linux Dirty Pipe Exploit Gives Root Access – Patch Now

Newly discovered vulnerability “Dirty Pipe” vulnerability most Linux distros, giving root access to the attacker…

Linux Dirty Pipe Exploit Gives Root Access – Patch Now on Latest Hacking News.

Chinese APT41 Hackers Broke into at Least 6 U.S. State Governments: Mandiant

APT41, the state-sponsored threat actor affiliated with China, breached at least six U.S. state government networks between May 2021 and February 2022 by retooling its attack vectors to take advantage of vulnerable internet-facing web applications. The exploited vulnerabilities included "a zero-day vulnerability in the USAHERDS application (CVE-2021-44207) as well as the now infamous zero-day in

Critical RCE Bugs Found in Pascom Cloud Phone System Used by Businesses

Researchers have disclosed three security vulnerabilities affecting Pascom Cloud Phone System (CPS) that could be combined to achieve a full pre-authenticated remote code execution of affected systems. Kerbit security researcher Daniel Eshetu said the shortcomings, when chained together, can lead to "an unauthenticated attacker gaining root on these devices." Pascom Cloud Phone System is an

Critical Security Patches Issued by Microsoft, Adobe and Other Major Software Firms

Microsoft's Patch Tuesday update for the month of March has been made officially available with 71 fixes spanning across its software products such as Windows, Office, Exchange, and Defender, among others. Of the total 71 patches, three are rated Critical and 68 are rated Important in severity. While none of the vulnerabilities are listed as actively exploited, three of them are publicly known

New 16 High-Severity UEFI Firmware Flaws Discovered in Millions of HP Devices

Cybersecurity researchers on Tuesday disclosed 16 new high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. The shortcomings, which have CVSS scores ranging from 7.5 to 8.8, have been uncovered in HP's UEFI firmware. The variety of devices affected includes HP's laptops, desktops, point-of-sale

Critical "Access:7" Supply Chain Vulnerabilities Impact ATMs, Medical and IoT Devices

As many as seven security vulnerabilities have been disclosed in PTC's Axeda software that could be weaponized to gain unauthorized access to medical and IoT devices. Collectively called "Access:7," the weaknesses – three of which are rated Critical in severity – potentially affect more than 150 device models spanning over 100 different manufacturers, posing a significant supply chain risk.

The Continuing Threat of Unpatched Security Vulnerabilities

Unpatched software is a computer code containing known security weaknesses. Unpatched vulnerabilities refer to weaknesses that allow attackers to leverage a known security bug that has not been patched by running malicious code. Software vendors write additions to the codes, known as "patches," when they come to know about these application vulnerabilities to secure these weaknesses. Adversaries

Researchers Warn of Linux Kernel ‘Dirty Pipe’ Arbitrary File Overwrite Vulnerability

Linux distributions are in the process of issuing patches to address a newly disclosed security vulnerability in the kernel that could allow an attacker to overwrite arbitrary data into any read-only files and allow for a complete takeover of affected systems. Dubbed "Dirty Pipe" (CVE-2022-0847, CVSS score: 7.8) by IONOS software developer Max Kellermann, the flaw "leads to privilege escalation

Microsoft Azure 'AutoWarp' Bug Could Have Let Attackers Access Customers' Accounts

Details have been disclosed about a now-addressed critical vulnerability in Microsoft's Azure Automation service that could have permitted unauthorized access to other Azure customer accounts and take over control. "This attack could mean full control over resources and data belonging to the targeted account, depending on the permissions assigned by the customer," Orca Security researcher Yanir

Cyber‑readiness in the face of an escalated gray zone conflict

Organizations worldwide should remain on high alert for cyberattacks as the risk of major cyber-spillover from the crisis in Ukraine continues to loom large

The post Cyber‑readiness in the face of an escalated gray zone conflict appeared first on WeLiveSecurity

Tech Advancements That are Boosting Cybersecurity

Technology is constantly evolving. The latest tech could hit the market with flaws all over…

Tech Advancements That are Boosting Cybersecurity on Latest Hacking News.

Understanding How Hackers Recon

Cyber-attacks keep increasing and evolving but, regardless of the degree of complexity used by hackers to gain access, get a foothold, cloak their malware, execute their payload or exfiltrate data, their attack will begin with reconnaissance. They will do their utmost to uncover exposed assets and probe their target's attack surface for gaps that can be used as entry points. So, the first line

Ukrainian CERT Warns Citizens of Phishing Attacks Using Compromised Accounts

Ukraine's Computer Emergency Response Team (CERT-UA) warned of new phishing attacks aimed at its citizens by leveraging compromised email accounts belonging to three different Indian entities with the goal of compromising their inboxes and stealing sensitive information. The agency cautioned that the emails arrive with the subject line "Увага" (meaning "Attention") and claim to be from a

After NVIDIA, Samsung Are The Next Victims Of Data Theft

Samsung emerges as the latest victim of data theft. Reportedly, the same attackers who targeted…

After NVIDIA, Samsung Are The Next Victims Of Data Theft on Latest Hacking News.

SharkBot Banking Malware Spreading via Fake Android Antivirus App on Google Play Store

The threat actor behind a nascent Android banking trojan named SharkBot has managed to evade Google Play Store security barriers by masquerading as an antivirus app. SharkBot, like its malware counterparts TeaBot, FluBot, and Oscorp (UBEL), belongs to a category of financial trojans capable of siphoning credentials to initiate money transfers from compromised devices by circumventing

2 New Mozilla Firefox 0-Day Bugs Under Active Attack — Patch Your Browser ASAP!

Mozilla has pushed out-of-band software updates to its Firefox web browser to contain two high-impact security vulnerabilities, both of which it says are being actively exploited in the wild. Tracked as CVE-2022-26485 and CVE-2022-26486, the zero-day flaws have been described as use-after-free issues impacting the Extensible Stylesheet Language Transformations (XSLT) parameter processing and the

Chrome Skype Extension Flaw Threatened User Privacy

A serious security flaw in Microsoft’s Skype extension for Chrome browser risked users’ privacy. Thankfully,…

Chrome Skype Extension Flaw Threatened User Privacy on Latest Hacking News.

New Linux Kernel Cgroups Vulnerability Could Let Attackers Escape Container

Details have emerged about a now-patched high-severity vulnerability in the Linux kernel that could potentially be abused to escape a container in order to execute arbitrary commands on the container host. The shortcoming resides in a Linux kernel feature called control groups, also referred to as cgroups version 1 (v1), which allows processes to be organized into hierarchical groups,

Imperva Thwarts 2.5 Million RPS Ransom DDoS Extortion Attacks

Cybersecurity company Imperva on Friday said it recently mitigated a ransom distributed denial-of-service (DDoS) attack targeting an unnamed website that peaked at 2.5 million requests per second (RPS). "While ransom DDoS attacks are not new, they appear to be evolving and becoming more interesting with time and with each new phase," Nelli Klepfish, security analyst at Imperva, said. "For

CISA Adds Another 95 Flaws to its Actively Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week added 95 more security flaws to its Known Exploited Vulnerabilities Catalog, taking the total number of actively exploited vulnerabilities to 478. "These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise," the agency said in an advisory

Week in security with Tony Anscombe

New malware targeting organizations in Ukraine – How organizations can improve their cyber-resiliency – Scammers taking advantage of the crisis

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

Emergency preparedness: How to disaster‑proof your tech

Here are a few tips that will help you get your ‘go bag’ ready if you have to leave at a moment’s notice and need your communications and data to survive

The post Emergency preparedness: How to disaster‑proof your tech appeared first on WeLiveSecurity

Both Sides in Russia-Ukraine War Heavily Using Telegram for Disinformation and Hacktivism

Cyber criminals and hacktivist groups are increasingly using the Telegram messaging app for their activities, as the Russia-Ukraine conflict enters its eighth day. A new analysis by Israeli cybersecurity company Check Point Research has found that "user volume grew a hundred folds daily on Telegram related groups, peaking at 200,000 per group." Prominent among the groups are anti-Russian cyber

ESET Research Podcast: Ukraine’s past and present cyberwar

Press play to hear Aryeh Goretsky, Jean-Ian Boutin and Robert Lipovsky discuss how recent malware attacks in Ukraine tie into years of cyberattacks against the country

The post ESET Research Podcast: Ukraine’s past and present cyberwar appeared first on WeLiveSecurity

Critical Patches Issued for Cisco Expressway Series, TelePresence VCS Products

Cisco this week shipped patches to address a new round of critical security vulnerabilities affecting Expressway Series and Cisco TelePresence Video Communication Server (VCS) that could be exploited by an attacker to gain elevated privileges and execute arbitrary code. The two flaws – tracked as CVE-2022-20754 and CVE-2022-20755 (CVSS scores: 9.0) – relate to an arbitrary file write and a

How to Automate Offboarding to Keep Your Company Safe

In the midst of 'The Great Resignation,' the damage from employees (or contractors) leaving an organization might be one of the greatest risks facing IT teams today. The reality is that in the busy enterprise computing environment, user onboarding and offboarding is a fact of daily life.  When employee counts range into the five-figure territory — and entire networks of contractors have to be

Cybercrime Lurks During Tax Season with New Rules Around Cryptocurrency

Grayson Milbourne, Security Intelligence Director at Webroot, an OpenText company  With less than two months…

Cybercrime Lurks During Tax Season with New Rules Around Cryptocurrency on Latest Hacking News.

Hacking iOS vs Android: Which Generates Most Interest?

One of the world’s leading two-factor authentication firms has used search data to reveal which…

Hacking iOS vs Android: Which Generates Most Interest? on Latest Hacking News.

Hackers Who Broke Into NVIDIA's Network Leak DLSS Source Code Online

American chipmaking company NVIDIA on Tuesday confirmed that its network was breached as a result of a cyber attack, enabling the perpetrators to gain access to sensitive data, including source code purportedly associated with its Deep Learning Super Sampling (DLSS) technology. "We have no evidence of ransomware being deployed on the NVIDIA environment or that this is related to the

Report: Nearly 75% of Infusion Pumps Affected by Severe Vulnerabilities

An analysis of data crowdsourced from more than 200,000 network-connected infusion pumps used in hospitals and healthcare entities has revealed that 75% of those medical devices contain security weaknesses that could put them at risk of potential exploitation. "These shortcomings included exposure to one or more of some 40 known cybersecurity vulnerabilities and/or alerts that they had one or

U.S. Senate Passes Cybersecurity Bill to Strengthen Critical Infrastructure Security

The U.S. Senate unanimously passed the "Strengthening American Cybersecurity Act" on Tuesday in an attempt to bolster the cybersecurity of critical infrastructure owners in the country. The new bipartisan legislation, among other things, stipulates entities that experience a cyber incident to report the attacks within 72 hours to the U.S. Cybersecurity and Infrastructure Security Agency (CISA),

An in-Depth Guide to Lateral Movement in Cybersecurity

The number of avenues for cyberattacks seems endless, especially during the digital era we’re experiencing…

An in-Depth Guide to Lateral Movement in Cybersecurity on Latest Hacking News.

Innovation and the Roots of Progress

If you look back at the long arc of history, it’s clear that one of the most crucial drivers of real progress in society is innovation

The post Innovation and the Roots of Progress appeared first on WeLiveSecurity

LIVE Webinar: Key Lessons Learned from Major Cyberattacks in 2021 and What to Expect in 2022

With the COVID-19 pandemic continuing to impact, and perhaps permanently changing, how we work, cybercriminals again leveraged the distraction in new waves of cyberattacks. Over the course of 2021 we saw an increase in multiple attack approaches; some old, some new. Phishing and ransomware continued to grow from previous years, as expected, while new attacks on supply chains and

Critical Bugs Reported in Popular Open Source PJSIP SIP and Media Stack

As many as five security vulnerabilities have been disclosed in the PJSIP open-source multimedia communication library that could be abused by an attacker to trigger arbitrary code execution and denial-of-service (DoS) in applications that use the protocol stack. The weaknesses were identified and reported by JFrog's Security Research team, following which the project maintainers released

Critical Security Bugs Uncovered in VoIPmonitor Monitoring Software

Critical security vulnerabilities have been uncovered in VoIPmonitor software that, if successfully exploited, could allow unauthenticated attackers to escalate privileges to the administrator level and execute arbitrary commands. Following responsible disclosure by researchers from Kerbit, an Ethiopia-based penetration-testing and vulnerability research firm, on December 15, 2021, the issues

TeaBot Android Banking Malware Spreads Again Through Google Play Store Apps

An Android banking trojan designed to steal credentials and SMS messages has been observed sneaking past Google Play Store protections to target users of more than 400 banking and financial apps from Russia, China, and the U.S. "TeaBot RAT capabilities are achieved via the device screen's live streaming (requested on-demand) plus the abuse of Accessibility Services for remote interaction and

Bridgestone Americas At A Standstill After Facing Cyberattack

The automotive giant Bridgestone Americas Inc. has recently suffered a cyberattack on its systems. Following…

Bridgestone Americas At A Standstill After Facing Cyberattack on Latest Hacking News.

Trickbot Malware Gang Upgrades its AnchorDNS Backdoor to AnchorMail

Even as the TrickBot infrastructure closed shop, the operators of the malware are continuing to refine and retool their arsenal to carry out attacks that culminated in the deployment of Conti ransomware. IBM Security X-Force, which discovered the revamped version of the criminal gang's AnchorDNS backdoor, dubbed the new, upgraded variant AnchorMail. AnchorMail "uses an email-based [

IsaacWiper and HermeticWizard: New wiper and worm targeting Ukraine

ESET researchers uncover a new wiper that attacks Ukrainian organizations and a worm component that spreads HermeticWiper in local networks

The post IsaacWiper and HermeticWizard: New wiper and worm targeting Ukraine appeared first on WeLiveSecurity

Why You Should Never Use a Free Proxy Server?

Some websites can limit their content from audiences in certain geolocations. To overtake the blockage,…

Why You Should Never Use a Free Proxy Server? on Latest Hacking News.

Mip22- A Phishing Tool for Linux and Android

What is Mip22? Mip22 is a modern and advanced cyber security program for use with…

Mip22- A Phishing Tool for Linux and Android on Latest Hacking News.

Microsoft Finds FoxBlade Malware Hit Ukraine Hours Before Russian Invasion

Microsoft on Monday disclosed that it detected a new round of offensive and destructive cyberattacks directed against Ukraine's digital infrastructure hours before Russia launched its first missile strikes last week. The intrusions involved the use of a never-before-seen malware package dubbed FoxBlade, according to the tech giant's Threat Intelligence Center (MSTIC), noting that it added new

China-linked Daxin Malware Targeted Multiple Governments in Espionage Attacks

A previously undocumented espionage tool has been deployed against selected governments and other critical infrastructure targets as part of a long-running espionage campaign orchestrated by China-linked threat actors since at least 2013. Broadcom's Symantec Threat Hunter team characterized the backdoor, named Daxin, as a technologically advanced malware, allowing the attackers to carry out a