Yesterday — 20 January 2022: The Hacker News

Google Details Two Zero-Day Bugs Reported in Zoom Clients and MMR Servers

20 January 2022 at 13:18
An exploration of zero-click attack surface for the popular video conferencing solution Zoom has yielded two previously undisclosed security vulnerabilities that could have been exploited to crash the service, execute malicious code, and even leak arbitrary areas of its memory. Natalie Silvanovich of Google Project Zero, who discovered and reported the two flaws last year, said the issues

Interpol Busted 11 Members of Nigerian BEC Cybercrime Gang

20 January 2022 at 10:20
A coordinated law enforcement operation has resulted in the arrest of 11 members allegedly belonging to a Nigerian cybercrime gang notorious for perpetrating business email compromise (BEC) attacks targeting more than 50,000 victims in recent years. The disruption of the BEC network is the result of a ten-day investigation dubbed Operation Falcon II undertaken by the Interpol along with

A Trip to the Dark Site — Leak Sites Analyzed

20 January 2022 at 07:30
Gone are the days when ransomware operators were happy with encrypting files on-site and more or less discreetly charged their victims money for a decryption key. What we commonly find now is encryption with the additional threat of leaking stolen data, generally called Double-Extortion (or, as we like to call it: Cyber Extortion or Cy-X). This is a unique form of cybercrime in that we can

DoNot Hacking Team Targeting Government and Military Entities in South Asia

20 January 2022 at 07:41
A threat actor with potential links to an Indian cybersecurity company has been nothing if not remarkably persistent in its attacks against military organizations based in South Asia, including Bangladesh, Nepal, and Sri Lanka, since at least September 2020 by deploying different variants of its bespoke malware framework. Slovak cybersecurity firm ESET attributed the highly targeted attack to a

New BHUNT Password Stealer Malware Targeting Cryptocurrency Wallets

20 January 2022 at 05:26
A new evasive crypto wallet stealer named BHUNT has been spotted in the wild with the goal of financial gain, adding to a list of digital currency stealing malware such as CryptBot, Redline Stealer, and WeSteal. "BHUNT is a modular stealer written in .NET, capable of exfiltrating wallet (Exodus, Electrum, Atomic, Jaxx, Ethereum, Bitcoin, Litecoin wallets) contents, passwords stored in the

Microsoft: Hackers Exploiting New SolarWinds Serv-U Bug Related to Log4j Attacks

20 January 2022 at 04:57
Microsoft on Wednesday disclosed details of a new security vulnerability in SolarWinds Serv-U software that it said was being weaponized by threat actors to propagate attacks leveraging the Log4j flaws to compromise targets. Tracked as CVE-2021-35247 (CVSS score: 5.3), the issue is an "input validation vulnerability that could allow attackers to build a query given some input and send that query

Before yesterday: The Hacker News

Russian Hackers Heavily Using Malicious Traffic Direction System to Distribute Malware

19 January 2022 at 14:31
Potential connections between a subscription-based crimeware-as-a-service (CaaS) solution and a cracked copy of Cobalt Strike have been established in what the researchers suspect is being offered as a tool for its customers to stage post-exploitation activities. Prometheus, as the service is called, first came to light in August 2021 when cybersecurity company Group-IB disclosed details of

Cyber Threat Protection — It All Starts with Visibility

19 January 2022 at 14:30
Just as animals use their senses to detect danger, cybersecurity depends on sensors to identify signals in the computing environment that may signal danger. The more highly tuned, diverse and coordinated the senses, the more likely one is to detect important signals that indicate danger. This, however, can be a double-edged sword. Too many signals with too little advanced signal processing just

FIN8 Hackers Spotted Using New 'White Rabbit' Ransomware in Recent Attacks

19 January 2022 at 12:29
The financially motivated FIN8 actor, in all likelihood, has resurfaced with a never-before-seen ransomware strain called "White Rabbit" that was recently deployed against a local bank in the U.S. in December 2021. That's according to new findings published by Trend Micro, calling out the malware's overlaps with Egregor, which was taken down by Ukrainian law enforcement authorities in February

DDoS IRC Bot Malware Spreading Through Korean WebHard Platforms

19 January 2022 at 07:32
An IRC (Internet Relay Chat) bot strain programmed in GoLang is being used to launch distributed denial-of-service (DDoS) attacks targeting users in Korea. "The malware is being distributed under the guise of adult games," researchers from AhnLab's Security Emergency-response Center (ASEC) said in a new report published on Wednesday. "Additionally, the DDoS malware was installed via downloader

Ukraine: Recent Cyber Attacks Part of Wider Plot to Sabotage Critical Infrastructure

19 January 2022 at 06:56
The coordinated cyberattacks targeting Ukrainian government websites and the deployment of a data-wiper malware called WhisperGate on select government systems are part of a broader wave of malicious activities aimed at sabotaging critical infrastructure in the country. The Secret Service of Ukraine on Monday confirmed that the two incidents are related, adding the breaches also exploited the

Researchers Bypass SMS-based Multi-Factor Authentication Protecting Box Accounts

18 January 2022 at 14:40
Cybersecurity researchers have disclosed details of a now-patched bug in Box's multi-factor authentication (MFA) mechanism that could be abused to completely sidestep SMS-based login verification. "Using this technique, an attacker could use stolen credentials to compromise an organization's Box account and exfiltrate sensitive data without access to the victim's phone," Varonis researchers said

Europol Shuts Down VPNLab, Cybercriminals' Favourite VPN Service

18 January 2022 at 13:23
VPNLab.net, a VPN provider that was used by malicious actors to deploy ransomware and facilitate other cybercrimes, was taken offline following a coordinated law enforcement operation. Europol said it took action against the misuse of the VPN service by grounding 15 of its servers on January 17 and rendering it inoperable as part of a disruptive action that took place across Germany, the

Don't Use Public Wi-Fi Without DNS Filtering

18 January 2022 at 13:10
Providing public Wi-Fi is a great service to offer your customers as it becomes more and more standard in today's society. I like the fact that I do not have to worry about accessing the Internet while I am away, or spending a lot of money on an international connection, or just staying offline while I am away. With public Wi-Fi, modern life has become a constant connection to the Internet,

Earth Lusca Hackers Aimed at High-Value Targets in Government and Private Sectors

18 January 2022 at 08:02
An elusive threat actor called Earth Lusca has been observed striking organizations across the world as part of what appears to be simultaneously an espionage campaign and an attempt to reap monetary profits. "The list of its victims includes high-value targets such as government and educational institutions, religious movements, pro-democracy and human rights organizations in Hong Kong, COVID-

Zoho Releases Patch for Critical Flaw Affecting ManageEngine Desktop Central

18 January 2022 at 05:13
Enterprise software maker Zoho on Monday issued patches for a critical security vulnerability in Desktop Central and Desktop Central MSP that a remote adversary could exploit to perform unauthorized actions in affected servers. Tracked asΒ CVE-2021-44757, the shortcoming concerns an instance of authentication bypass that "may allow an attacker to read unauthorized data or write an arbitrary zip

Chrome Limits Websites' Direct Access to Private Networks for Security Reasons

17 January 2022 at 13:33
Google Chrome has announced plans to prohibit public websites from directly accessing endpoints located within private networks as part of an upcoming major security shakeup to prevent intrusions via the browser. The proposed change is set to be rolled out in two phases consisting of releases Chrome 98 and Chrome 101 scheduled in the coming months via a newly implemented W3C specification called

Dark Web's Largest Marketplace for Stolen Credit Cards is Shutting Down

17 January 2022 at 08:08
UniCC, the biggest dark web marketplace for stolen credit and debit cards, has announced that it's shuttering its operations after earning $358 million in purchases since 2013 using cryptocurrencies such as Bitcoin, Litecoin, Ether, and Dash. "Don't build any conspiracy theories about us leaving," the anonymous operators of UniCC said in a farewell posted on dark web carding forums, according to

High-Severity Vulnerability in 3 WordPress Plugins Affected 84,000 Websites

17 January 2022 at 05:18
Researchers have disclosed a security shortcoming affecting three different WordPress plugins that impact over 84,000 websites and could be abused by a malicious actor to take over vulnerable sites. "This flaw made it possible for an attacker to update arbitrary site options on a vulnerable site, provided they could trick a site's administrator into performing an action, such as clicking on a