There are new articles available, click to refresh the page.
Before yesterdayGeneral Security News

Google: We're Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries

14 October 2021 at 16:30
Google's Threat Analysis Group (TAG) on ThursdayΒ saidΒ it's tracking more than 270 government-backed threat actors from more than 50 countries, adding it has approximately sent 50,000 alerts of state-sponsored phishing or malware attempts to customers since the start of 2021. The warnings mark a 33% increase from 2020, the internet giant said, with the spike largelyΒ stemmingΒ from "blocking an

CISA Issues Warning On Cyber Threats Targeting Water and Wastewater Systems

15 October 2021 at 14:10
The U.S. Cybersecurity Infrastructure and Security Agency (CISA) on Thursday warned of continued ransomware attacks aimed at disrupting water and wastewater facilities (WWS), highlighting five incidents that occurred between March 2019 and August 2021. "This activityβ€”which includes attempts to compromise system integrity via unauthorized accessβ€”threatens the ability of WWS facilities to provide

Ad-Blocking Chrome Extension Caught Injecting Ads in Google Search Pages

15 October 2021 at 14:23
A new deceptive ad injection campaign has been found leveraging an ad blocker extension for Google Chrome and Opera web browsers to sneakily insert ads and affiliate codes on websites, according to new research from cybersecurity firm Imperva. The findings come following the discovery of rogue domains distributing an ad injection script in late August 2021 that the researchers connected to an

Attackers Behind Trickbot Expanding Malware Distribution Channels

15 October 2021 at 14:40
The operators behind the pernicious TrickBot malware have resurfaced with new tricks that aim to increase its foothold by expanding its distribution channels, ultimately leading to the deployment of ransomware such as Conti. The threat actor, tracked under the monikers ITG23 and Wizard Spider, has been found to partner with other cybercrime gangs known Hive0105, Hive0106 (aka TA551 or Shathak),

Windows 10, Linux, iOS, Chrome and Many Others at Hacked Tianfu Cup 2021

18 October 2021 at 05:53
Windows 10, iOS 15, Google Chrome, Apple Safari, Microsoft Exchange Server, and Ubuntu 20 were successfully broken into using original, never-before-seen exploits at the Tianfu Cup 2021, the fourth edition of the international cybersecurity contest held in the city of Chengdu, China. Targets this yearΒ includedΒ Google Chrome running on Windows 10 21H1, Apple Safari running on Macbook Pro, Adobe

REvil Ransomware Gang Goes Underground After Tor Sites Were Compromised

18 October 2021 at 06:49
REvil, the notorious ransomware gang behind a string of cyberattacks in recent years, appears to have gone off the radar once again, a little over a month after the cybercrime group staged a surprise return following a two-month-long hiatus. The development, firstΒ spottedΒ by Recorded Future'sΒ Dmitry Smilyanets, comes after a member affiliated with the REvil operation posted on the XSS hacking

Over 30 Countries Pledge to Fight Ransomware Attacks in US-led Global Meeting

18 October 2021 at 08:21
Representatives from the U.S., the European Union, and 30 other countries pledged to mitigate the risk of ransomware and harden the financial system from exploitation with the goal of disrupting the ecosystem, calling it an "escalating global security threat with serious economic and security consequences."Β  "From malign operations against local health providers that endanger patient care, to

Cybersecurity Experts Warn of a Rise in Lyceum Hacker Group Activities in Tunisia

19 October 2021 at 06:11
A threat actor, previously known for striking organizations in the energy and telecommunications sectors across the Middle East as early as April 2018, has evolved its malware arsenal to strike two entities in Tunisia. Security researchers at Kaspersky, who presented their findings at the VirusBulletin VB2021 conference earlier this month, attributed the attacks to a group tracked asΒ LyceumΒ (aka

A New Variant of FlawedGrace Spreading Through Mass Email Campaigns

19 October 2021 at 12:03
Cybersecurity researchers on Tuesday took the wraps off a mass volume email attack staged by a prolific cybercriminal gang affecting a wide range of industries, with one of its region-specific operations notably targeting Germany and Austria. Enterprise security firm Proofpoint tied the malware campaign with high confidence toΒ TA505, which is the name assigned to the financially motivated threat

Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services

19 October 2021 at 15:07
Researchers have disclosed an out-of-bounds read vulnerability in the Squirrel programming language that can be abused by attackers to break out of the sandbox restrictions and execute arbitrary code within a SquirrelVM, thus giving a malicious actor complete access to the underlying machine.Β  Tracked as CVE-2021-41556, the issue occurs when a game library referred to as Squirrel Engine is used

Microsoft Warns of New Security Flaw Affecting Surface Pro 3 Devices

20 October 2021 at 07:20
Microsoft has published a new advisory warning of a security bypass vulnerability affecting Surface Pro 3 convertible laptops that could be exploited by an adversary to introduce malicious devices within enterprise networks and defeat the device attestation mechanism. Tracked asΒ CVE-2021-42299Β (CVSS score: 5.6), the issue has been codenamed "TPM Carte Blanche" by Google software engineer Chris

LightBasin Hackers Breach at Least 13 Telecom Service Providers Since 2019

20 October 2021 at 08:01
A highly sophisticated adversary named LightBasin has been identified as behind a string of attacks targeting the telecom sector with the goal of collecting "highly specific information" from mobile communication infrastructure, such as subscriber information and call metadata.Β  "The nature of the data targeted by the actor aligns with information likely to be of significant interest to signals

Researchers Break Intel SGX With New 'SmashEx' CPU Attack Technique

20 October 2021 at 13:27
A newly disclosed vulnerability affecting Intel processors could be abused by an adversary to gain access to sensitive information stored within enclaves and even run arbitrary code on vulnerable systems. The vulnerability (CVE-2021-0186, CVSS score: 8.2) was discovered by a group of academics from ETH Zurich, the National University of Singapore, and the Chinese National University of Defense

Two Eastern Europeans Sentenced for Providing Bulletproof Hosting to Cyber Criminals

21 October 2021 at 03:42
Two Eastern European nationals have been sentenced in the U.S. for offering "bulletproof hosting" services to cybercriminals, who used the technical infrastructure to distribute malware and attack financial institutions across the country between 2009 to 2015. Pavel Stassi, 30, of Estonia, and Aleksandr Shorodumov, 33, of Lithuania, have been each sentenced to 24 months and 48 months in prison,

Hackers Stealing Browser Cookies to Hijack High-Profile YouTube Accounts

21 October 2021 at 07:03
Since at least late 2019, a network of hackers-for-hire have been hijacking the channels of YouTube creators, luring them with bogus collaboration opportunities to broadcast cryptocurrency scams or sell the accounts to the highest bidder. That's according to a new report published by Google's Threat Analysis Group (TAG), which said it disrupted financially motivated phishing campaigns targeting

U.S. Government Bans Sale of Hacking Tools to Authoritarian Regimes

21 October 2021 at 07:43
The U.S. Commerce Department on Wednesday announced new rules barring the sales of hacking software and equipment to authoritarian regimes and potentially facilitate human rights abuse for national security (NS) and anti-terrorism (AT) reasons. TheΒ mandate, which is set to go into effect in 90 days, will forbid the export, reexport and transfer of "cybersecurity items" to countries of "national

Malicious NPM Packages Caught Running Cryptominer On Windows, Linux, macOS Devices

21 October 2021 at 11:00
Three JavaScript libraries uploaded to the official NPM package repository have been unmasked as crypto-mining malware, once again demonstrating how open-source software package repositories are becoming a lucrative target for executing an array of attacks on Windows, macOS, and Linux systems. The malicious packages in question β€” namedΒ okhsa,Β klow, andΒ klownΒ β€” were published by the same

Bug in Popular WinRAR Software Could Let Attackers Hack Your Computer

21 October 2021 at 13:16
A new security weakness has been disclosed in the WinRAR trialware file archiver utility for Windows that could be abused by a remote attacker to execute arbitrary code on targeted systems, underscoring how vulnerabilities in such software could beсome a gateway for a roster of attacks. Tracked as CVE-2021-35052, the bug impacts the trial version of the software running version 5.70. "This

Researchers Discover Microsoft-Signed FiveSys Rootkit in the Wild

22 October 2021 at 12:41
A newly identified rootkit has been found with a valid digital signature issued by Microsoft that's used to proxy traffic to internet addresses of interest to the attackers for over a year targeting online gamers in China. Bucharest-headquartered cybersecurity technology company Bitdefender named the malware "FiveSys," calling out its possible credential theft and in-game-purchase hijacking