Monday, November 14, 2022
New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks #Cybersecurity
#HackerNews A newly discovered evasive malware leverages the Secure Shell (SSH) cryptographic protocol to gain entry into targeted systems with the goal of mining cryptocurrency and carrying out distributed denial-of-service (DDoS) attacks. Dubb...
Worok Hackers Abuse Dropbox API to Exfiltrate Data via Backdoor Hidden in Images #Cybersecurity
#HackerNews A recently discovered cyber espionage group dubbed Worok has been found hiding malware in seemingly innocuous image files, corroborating a crucial link in the threat actor's infection chain. Czech cybersecurity firm Avast said the pu...
Wednesday, November 9, 2022
APT29 Exploited a Windows Feature to Compromise European Diplomatic Entity Network #Cybersecurity
#HackerNews The Russia-linked APT29 nation-state actor has been found leveraging a "lesser-known" Windows feature called Credential Roaming as part of its attack against an unnamed European diplomatic entity. "The diplomatic-centric targeting is...
Several Cyber Attacks Observed Leveraging IPFS Decentralized Network #Cybersecurity
#HackerNews A number of phishing campaigns are leveraging the decentralized Interplanetary Filesystem (IPFS) network to host malware, phishing kit infrastructure, and facilitate other attacks. "Multiple malware families are currently being hoste...
Tuesday, November 8, 2022
Amadey Bot Spotted Deploying LockBit 3.0 Ransomware on Hacked Machines #Cybersecurity
#HackerNews The Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems, researchers have warned. "Amadey bot, the malware that is used to install LockBit, is being distributed through two methods: one using a malici...
New Laplas Clipper Malware Targeting Cryptocurrency Users via SmokeLoader #Cybersecurity
#HackerNews Cryptocurrency users are being targeted with a new clipper malware strain dubbed Laplas by means of another malware known as SmokeLoader. SmokeLoader, which is delivered by means of weaponized documents sent through spear-phishing em...
Monday, November 7, 2022
This Hidden Facebook Tool Lets Users Remove Their Email or Phone Number Shared by Others #Cybersecurity
#HackerNews Facebook appears to have silently rolled out a tool that allows users to remove their contact information, such as phone numbers and email addresses, uploaded by others. The existence of the tool, which is buried inside a Help Center...
Saturday, November 5, 2022
Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities #Cybersecurity
#HackerNews Microsoft is warning of an uptick in nation-state and criminal actors leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments. The tech giant, in its 114-page Digital Defense Report, ...
Tuesday, November 1, 2022
Critical RCE Vulnerability Reported in ConnectWise Server Backup Solution #Cybersecurity
#HackerNews IT service management software platform ConnectWise has released software patches for a critical security vulnerability in Recover and R1Soft Server Backup Manager (SBM). The issue, characterized as a "neutralization of Special Eleme...
Friday, October 28, 2022
These Dropper Apps On Play Store Targeting Over 200 Banking and Cryptocurrency Wallets #Cybersecurity
#HackerNews Five malicious dropper Android apps with over 130,000 cumulative installations have been discovered on the Google Play Store distributing banking trojans like SharkBot and Vultur, which are capable of stealing financial data and perf...
Tuesday, October 25, 2022
22-Year-Old Vulnerability Reported in Widely Used SQLite Database Library #Cybersecurity
#HackerNews A high-severity vulnerability has been disclosed in the SQLite database library, which was introduced as part of a code change dating all the way back to October 2000 and could enable attackers to crash or control programs. Tracked a...
Hive Ransomware Hackers Begin Leaking Data Stolen from Tata Power Energy Company #Cybersecurity
#HackerNews The Hive ransomware-as-a-service (RaaS) group has claimed responsibility for a cyber attack against Tata Power that was disclosed by the company less than two weeks ago. The incident is said to have occurred on October 3, 2022. The t...
Friday, October 21, 2022
Emotet Botnet Distributing Self-Unlocking Password-Protected RAR Files to Drop Malware #Cybersecurity
#HackerNews The notorious Emotet botnet has been linked to a new wave of malspam campaigns that take advantage of password-protected archive files to drop CoinMiner and Quasar RAT on compromised systems. In an attack chain detected by Trustwave ...
Wednesday, October 19, 2022
Researchers Detail Azure SFX Flaw That Could've Allowed Attackers to Gain Admin Access #Cybersecurity
#HackerNews Cybersecurity researchers have shared more details about a now-patched security flaw in Azure Service Fabric Explorer (SFX) that could potentially enable an attacker to gain administrator privileges on the cluster. The vulnerability,...
Tuesday, October 18, 2022
Critical RCE Vulnerability Discovered in Popular Cobalt Strike Hacking Software #Cybersecurity
#HackerNews HelpSystems, the company behind the Cobalt Strike software platform, has released an out-of-band security update to address a remote code execution vulnerability that could allow an attacker to take control of targeted systems. Cobal...
Saturday, October 15, 2022
Indian Energy Company Tata Power's IT Infrastructure Hit By Cyber Attack #Cybersecurity
#HackerNews Tata Power Company Limited, India's largest integrated power company, on Friday confirmed it was targeted by a cyberattack. The intrusion on IT infrastructure impacted "some of its IT systems," the company said in a filing with the N...
Friday, October 14, 2022
Researchers Reveal Detail for Windows Zero-Day Vulnerability Patched Last Month #Cybersecurity
#HackerNews Details have emerged about a now-patched security flaw in Windows Common Log File System (CLFS) that could be exploited by an attacker to gain elevated permissions on compromised machines. Tracked as CVE-2022-37969 (CVSS score: 7.8),...
PoC Exploit Released for Critical Fortinet Auth Bypass Bug Under Active Attacks #Cybersecurity
#HackerNews Proof-of-concept (PoC) exploit code has been made available for the recently disclosed critical security flaw affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager, making it imperative that users move quickly to apply the...
Thursday, October 13, 2022
New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems #Cybersecurity
#HackerNews A previously undocumented command-and-control (C2) framework dubbed Alchimist is likely being used in the wild to target Windows, macOS, and Linux systems. "Alchimist C2 has a web interface written in Simplified Chinese and can gener...
New Timing Attack Against NPM Registry API Could Expose Private Packages #Cybersecurity
#HackerNews A novel timing attack discovered against npm's registry API can be exploited to potentially disclose private packages used by organizations, putting developers at risk of supply chain threats. "By creating a list of possible pack...