Hackers

Security Affairs

    • 5 August 2021: Conti ransomware affiliate leaked gang’s training material and tools
      An affiliate of the Conti RaaS has leaked the training material shared by the group with its network along with the info about one of the operators. An affiliate of the Conti RaaS has leaked the training material provided by the group to the customers of its RaaS, he also published the info about one of the operators. The Conti Ransomware operators offer their services to their affiliates and main …

    • 5 August 2021: Cryptominer ELFs Using MSR to Boost Mining Process
      The Uptycs Threat Research Team recently observed Golang-based worm dropping cryptominer binaries which use the MSR (Model Specific Register) driver.  By UPTYCS THREAT RESEARCH  Original research by Siddarth Sharma The Uptycs Threat Research Team recently observed Golang-based worm dropping cryptominer binaries which use the MSR (Model Specific Register) driver to disable hardware prefetchers and …

    • 5 August 2021: Italian energy company ERG hit by LockBit 2.0 ransomware gang
      ERG SPA, an Italian energy company, reports a minor impact on its operations after the recent ransomware attack conducted by LockBit 2.0 gang. Recently the Italian energy company ERG was hit by the LockBit 2.0 ransomware gang, now the company reported “only a few minor disruptions” for its ICT infrastructure. The company is active in the production of wind energy, solar energy, hydroel …

    • 5 August 2021: Cisco fixes critical, high severity vulnerabilities in VPN routers
      Cisco fixed critical, high severity pre-auth security vulnerabilities impacting multiple Small Business VPN routers. Cisco addressed critical and high severity pre-auth security vulnerabilities that impact multiple Small Business VPN routers. An attacker could exploit the issues to trigger a denial of service condition or execute commands and arbitrary code on impacted multiple Small Business VPN …

    • 4 August 2021: Advanced Technology Ventures discloses ransomware attack and data breach
      The American venture capital firm Advanced Technology Ventures (ATV) disclosed a ransomware attack, crooks also stole data of some private investors. Advanced Technology Ventures (ATV) is an American venture capital firm with more than $1.8 billion in capital under management. The venture capital firm this week disclosed a ransomware attack, threat actors have also stolen …

    • 4 August 2021: US CISA and NSA publish guidance to secure Kubernetes deployments
      US CISA and NSA released new guidance that provides recommendations on how to harden Kubernetes deployments and minimize the risk of hack. US CISA and NSA released new guidance that provides recommendations to harden Kubernetes deployments. Kubernetes is an open-source container-orchestration system for automating computer application deployment, scaling, and management. In recent months the numbe …

    • 4 August 2021: China-linked APT31 targets Russia for the first time
      China-linked APT31 group employed a new strain of malware in attacks aimed at entities in Mongolia, Belarus, Canada, the US, and Russia. Researchers from Positive Technologies reported that China-linked APT31 group has been using a new piece of malware in a recent wave of attacks targeting Mongolia, Belarus, Canada, the United States, and Russia. Experts found many similarities between the malware …

    • 4 August 2021: INFRA:HALT flaws impact OT devices from hundreds of vendors
      INFRA:HALT is a set of vulnerabilities affecting a popular TCP/IP library commonly used in OT devices manufactured by more than 200 vendors. Security researchers from security teams at Forescout and JFrog have disclosed today 14 vulnerabilities that impact a popular TCP/IP library named NicheStack commonly used in industrial equipment and Operational Technology (OT) devices manufactured by more than 200 v …

    • 3 August 2021: Cyber Defense Magazine – August 2021 has arrived. Enjoy it!
      Cyber Defense Magazine August 2021 Edition has arrived. We hope you enjoy this month’s edition…packed with over 148 pages of excellent content. Cyber Defense eMagazine August Edition for 2021. Grab this PDF version and help fund our operations: https://cyberdefensemagazine.tradepub.com/free/w_cyba125/ Here’s the Yumpu Magazine Version: https://www.yumpu.com/en/document/read/65794079/cyber-defense- …

    • 3 August 2021: China-linked APT groups target telecom companies in Southeast Asia
      China linked APT groups have targeted networks of at least five major telecommunications companies operating in Southeast Asia since 2017. Cybereason researchers identified three clusters of activity associated with China-linked threat actors that carried out a series of attacks against networks of at least five major telecommunications companies located in South Asia since 2017. “The g …

The Hackers News

    • 5 August 2021: Salesforce Release Updates — A Cautionary Tale for Security Teams
      On the surface, Salesforce seems like a classic Software-as-a-Service (SaaS) platform. Someone might even argue that Salesforce invented the SaaS market. However, the more people work with the full offering of Salesforce, the more they realize that it goes beyond a traditional SaaS platform’s capabilities. For example, few people talk about managing the security aspects of Salesforce Release …

    • 5 August 2021: A Wide Range of Cyber Attacks Leveraging Prometheus TDS Malware Service
      Multiple cybercriminal groups are leveraging a malware-as-a-service (MaaS) solution to distribute a wide range of malicious software distribution campaigns that result in the deployment of payloads such as Campo Loader, Hancitor, IcedID, QBot, Buer Loader, and SocGholish against individuals in Belgium as well as government agencies, companies, and corporations in the U.S. Dubbe …

    • 5 August 2021: Unpatched Security Flaws Expose Mitsubishi Safety PLCs to Remote Attacks
      Multiple unpatched security vulnerabilities have been disclosed in Mitsubishi safety programmable logic controllers (PLCs) that could be exploited by an adversary to acquire legitimate user names registered in the module via a brute-force attack, unauthorizedly login to the CPU module, and even cause a denial-of-service (DoS) condition. The security weaknesses, disclosed by Nozomi Networks, …

    • 5 August 2021: Cisco Issues Critical Security Patches to Fix Small Business VPN Router Bugs
      Networking equipment major Cisco has rolled out patches to address critical vulnerabilities impacting its Small Business VPN routers that could be abused by a remote attacker to execute arbitrary code and even cause a denial-of-service (DoS) condition. The issues, tracked as CVE-2021-1609 (CVSS score: 9.8) and CVE-2021-1610 (CVSS score: 7.2), reside in the web-based management interface of the …

    • 5 August 2021: Several Malware Families Targeting IIS Web Servers With Malicious Modules
      A systematic analysis of attacks against Microsoft’s Internet Information Services (IIS) servers has revealed as many as 14 malware families, 10 of them newly documented, indicating that the Windows-based web server software continues to be a hotbed for natively developed malware for close to eight years. The findings were presented today by ESET malware researcher Zuzana Hromcova at the Black …

    • 5 August 2021: Russian Federal Agencies Were Attacked With Chinese Webdav-O Virus
      An amalgam of multiple state-sponsored threat groups from China may have been behind a string of targeted attacks against Russian federal executive authorities in 2020. The latest research, published by Singapore-headquartered company Group-IB, delves into a piece of computer virus called “Webdav-O” that was detected in the intrusions, with the cybersecurity firm observing similarities between …

    • 4 August 2021: New Chinese Spyware Being Used in Widespread Cyber Espionage Attacks
      A threat actor presumed to be of Chinese origin has been linked to a series of 10 attacks targeting Mongolia, Russia, Belarus, Canada, and the U.S. from January to July 2021 that involve the deployment of a remote access trojan (RAT) on infected systems, according to new research. The intrusions have been attributed to an advanced persistent threat named APT31 (FireEye), which is tracked by the …

    • 4 August 2021: Critical Flaws Affect Embedded TCP/IP Stack Widely Used in Industrial Control Devices
      Cybersecurity researchers on Wednesday disclosed 14 vulnerabilities affecting a commonly-used TCP/IP stack used in millions of Operational Technology (OT) devices manufactured by no fewer than 200 vendors and deployed in manufacturing plants, power generation, water treatment, and critical infrastructure sectors. The shortcomings, collectively dubbed “INFRA:HALT,” target NicheStack, potentially …

    • 4 August 2021: Chinese Hackers Target Major Southeast Asian Telecom Companies
      Three distinct clusters of malicious activities operating on behalf of Chinese state interests have staged a series of attacks to target networks belonging to at least five major telecommunications companies located in Southeast Asian countries since 2017. “The goal of the attackers behind these intrusions was to gain and maintain continuous access to telecommunication providers and to …

    • 3 August 2021: Cynet Empowers IT Resellers and Service Providers to Become Fully Qualified MSSPs
      As cyber incidents increase in scope and impact, more and more organizations come to realize that outsourcing their defenses is the best practice—significantly increasing the Managed Security Service Provider (MSSP) market opportunities. Until recently, IT integrators, VARs, and MSPs haven’t participated in the growing and profitable MSSP market as it entailed massive investments in …

Dark Reading

WeLiveSecurity

Threatpost

E Hacking News | Latest Hacker News and IT Security News

    • 5 August 2021: Over 92% of Pharmaceutical Firms are Prone to Cyber Attacks, New Report Highlights
      Reposify, the leading external attack surface management platform published its Pharmaceutical Industry Attack Surface Exposures Report analyzing the security status of the world’s leading pharmaceutical firms and their 900-plus branches. Data analysts at Reposify examined the data covering a two-week period in March 2021 and discovered that 92% of the pharmaceutical companies had at least on …

    • 5 August 2021: A Silicon Valley Venture Capital Firm Attacked by A Ransomware; Asked for Ransom
      A Silicon Valley advanced technology venture capital organization was hit hard by a ransomware attack in July 2021. The firm with more than $1.8 billion possessions is going through a search operation and fixing its systems. According to the data, malicious actors got access into the system and stole important data including the personal information of the company’s private investors, and lim …

    • 5 August 2021: New Robocall Bot on Telegram can Trick Targets Into Giving Up Their Password
       Researchers at CyberNews have identified a new form of automated social engineering tool that can harvest one-time passwords (OTPs) from users in the United States, the United Kingdom, and Canada. Without any direct connection with the victim, the so-called OTP Bot may mislead victims into providing criminals credentials to their bank accounts, email, and other internet services. It’s e …

    • 5 August 2021: Lemon Duck Develops into a Botnet Trying Hands-On-Keyboard Attacks
       Throughout the past two years, a fine crypto-mining malware outbreak has developed into a gigantic botnet system and is now experimenting in infiltrated networks using hands-on-keyboard invasions, foreshadowing a serious turn that the group’s controllers could see in the future with ransomware or other risky attacks. The botnet observed by the Israeli security company Guardicore during …

    • 5 August 2021: Widespread Cyber Espionage Attacks Use New Chinese Spyware
       According to new research, a threat actor believed to be of Chinese origin was linked to a series of ten attacks from January to July 2021 that involved the deployment of a remote access trojan (RAT) on infected computers and targeted Mongolia, Russia, Belarus, Canada, and the United States. The breaches have been linked to APT31 (FireEye), an advanced persistent threat that has been dubbed …

TechWorm

    • 20 July 2021: U.S. And Its Allies Accuse China Of Microsoft Exchange Server Hack
      The U.S. and its allies on Monday formally accused China of carrying out a major cyber-attack on Microsoft Exchange servers in March this year, which had affected at least 30,000 organizations globally. The U.S. was joined by NATO, the European Union, the United Kingdom, Australia, Japan, New Zealand, and Canada in condemning the spying, which U.S. Secretary of State Antony Blinken said posed …

    • 11 June 2021: Hackers Breach Gaming Giant EA, Steal Game Source Code And Tools
      Hackers have breached Electronic Arts (EA), one of the world’s biggest video game publishers, and stolen some of its game source code and related internal tools. For those unaware, Electronic Arts develops and publishes games of established franchises, including Battlefield, Need for Speed, The Sims, Medal of Honor series, Titanfall, as well as the EA Sports titles FIFA, Madden NFL, and NBA …

    • 9 June 2021: U.S. Department Of Justice Recovers $2.3M In Bitcoin Paid To Ransomware Hackers
      The U.S. Department of Justice (DOJ) on Monday announced that it has seized 63.7 Bitcoins currently valued at approximately $2.3 million that individuals in a criminal hacking group known as ‘DarkSide’ had extorted from Colonial Pipeline in a ransomware attack last month. For those unaware, a gang of hackers using the DarkSide ransomware variant had hacked into the computer system of Georgia-based …

    • 27 April 2021: Emotet Malware Destroys Itself From Infected PCs Around The World
      European law enforcement on Sunday used a customized Windows Dynamic Link Library (DLL) to automatically wipe off Windows malware Emotet from thousands of infected computers. For those unaware, Emotet, one of the world’s most infamous botnets, is a network of hijacked computers and devices infected with malware and controlled remotely by cybercriminals. This network is then used to send spam and l …

    • 25 April 2021: Apple Hit In A $50 Million Ransomware Hack Attack
      Apple has been targeted in a $50 million ransomware attack following the theft of a sizeable amount of schematics related to manufacturing and engineering of current and future products from Quanta, a Taiwan-based company that serves as one of Apple’s suppliers for MacBooks and other products. The leak, first reported by The Record, was carried out by REvil, a Russian hacking group also known as S …

GBHackers On Security

    • 5 August 2021: Hotcobalt – Cobalt Strike DoS Vulnerability Allows Blocking C2 Communication
      Recently, a Cobalt Strike DoS vulnerability has been detected by the security analysts at SentinelOne. Cobalt Strike is a legitimate attack frame that is quite popular and is built for Red Team Operations. According to the report of security analysts, Cobalt Strike denial of service (DoS) vulnerabilities generally enables blocking beacon command-and-control (C2) communication channels […]

    • 4 August 2021: Chinese Hackers Attacking Major Telecoms Using Sophisticated Hacking Tools
      The security researchers of Cybereason Nocturnus have recently detected three malicious cyber-espionage campaigns that are targeting the major telecommunication companies all over SouthEast Asia. According to the report, the analysts reported that they have found that in recent years the hackers have nearly targeted five major telecommunications providers in Southeast Asia.  And this attack h …

    • 3 August 2021: PwnedPiper- 9 Severe Bugs in Critical Infrastructure Threats 80% of All Major Hospitals in U.S.
      The TransLogic Pneumatic Tubing System (PTS) is used in thousands of hospitals all over the world, and these pipes connect various departments in comprehensive hospitals. According to the report, this TransLogic system is installed in more than 3,000 hospitals in the US. And all these pipes work effectively as it enables the movement of delicate […]

    • 3 August 2021: Critical Remote Code Execution Bugs Found in Python PyPI Repository
      Though PyPI has a security folio, it still, they don’t have any transparent policy for the vulnerability assessments. As recently, the operators of the official Python Package Index (PyPI) repository has eliminated 8 libraries that contain malicious code. Here, the developers of PyPI have recently fixed the 3 most severe vulnerabilities, one of which allows […]

Cyber Defense Magazine

    • 5 August 2021: The Future of Cybersecurity? Just One Word: Automation
      By Dr. Peter Stephenson. If you are not better informed, smarter, better equipped, and faster than the adversary, […]

    • 4 August 2021: Is The Cloud Leaving You Exposed?
      Exploring the public cloud and addressing its unanticipated security challenges. By Chuck Slate, Lead Architect, Attivo Networks, Inc. […]

    • 3 August 2021: Reshaping the future of transportation with the ITS World Congress
      The pandemic, lockdowns and economic fallout threw into stark relief the inadequacies of systems and processes worldwide. As […]

    • 3 August 2021: Threat actors leaked data stolen from EA, including FIFA code
      Threat actors that hacked Electronic Arts in June have leaked full data dump stolen from the company after […]

    • 2 August 2021: How to Accelerate SecOps efficiency and extend capabilities with XDR
      By Ed Martin, Director of Product Management, Secureworks. Security Operations (SecOps) teams have been under pressure since their […]

blackMORE Ops

    • 22 April 2021: Can’t connect to WiFi in Linux
      So I installed the latest version of Kali Linux from USB into my RAZER Blade 2016 laptop. Took a while as it seems after 5 years of non-stop use and abuse, this laptop is finally slowing down. Oh yes, touchpad was disabled the whole time I was installing but keyboard was just fine. After finishing …

    • 18 November 2020: How to install the noip2 on Ubuntu and run via systemd systemctl (noIP Dynamic Update Client)
      This post attempts to fix that problem by installing required packages to run the make command, install noip2 binary, fix file permissions if missing, create an init.d script for service command, create a systemd file so that we can control it via systemd and finally enable it via systemctl.

    • 23 April 2020: Accessing ESXi console screen from an SSH session
      I’ve had this issue many times where Firewall ports to iDrac, iLo or RSA were not open and I couldn’t access VMWare ESXi host’s setup screen (the yellow screen!) to change configuration or even restart it. In every case, I had SSH access to the ESXi host but then I just couldn’t remember what command …

    • 23 April 2020: Accessing the RAID setup on an HP Proliant DL380 G7
      When the HP Proliant DL380 G7 boots up the only displayed BIOS options are F9 for Setup, F11 for the boot disk menu, but neither of these take you to the RAID setup. To get to the RAID setup options, when the screen appears showing the F9 and F11 options press F8 every second or …

    • 7 October 2019: Change IP address in packet capture file (faking IP)
      I’m sure you bumped into situations where you needed to fake IP address in a capture file. This maybe required when you’re trying to send the capture file to someone that you don’t really share your real IP’s with or you just want to change cause you can. If you’ve tried this and looked around the interwebs, you’d surely know that there’s not many guides available and most people would just tell c …

Hacker Ritz

    • 11 January 2019: New Wifi Hack Method, Easy and Workable on WPA/WPA2 Securities.
      Looking for how to hack WiFi password OR WiFi hacking software? Well, a security researcher has revealed a new WiFi hacking technique that makes it easier for hackers to crack WiFi passwords of most modern routers. Discovered by the lead developer of the popular password-cracking tool Hashcat, Jens ‘Atom’ Steube, the new WiFi hack works explicitly against WPA/WPA2 wireless network protocols wit …

    • 7 January 2019: Bitcoin And Cryptocurrency Litigation : A Game Of Future
      Bitcoin and other cryptocurrencies are gaining more attention as days pass. Aside from the advantages that cryptocurrencies have like anonymity and easy international transactions, people are enticed by the fact that it can become a good investment. Apart from trading bitcoins for cash, you can also use bitcoins to buy gift cards, book flights, and hotels, buy furnitu …

    • 20 November 2018: Facebook Bug Could Have Exposed Your Private Information
      Another security vulnerability has been reported in Facebook that could have allowed attackers to obtain certain personal information about users and their friends, potentially putting the privacy of users of the world’s most popular social network at risk. Discovered by cybersecurity researchers from Imperva, the vulnerability resides in the way Facebook search feature displays results for entered …

    • 20 November 2018: Instagram Bug : Passwords are in Plain Text
      Instagram has recently patched a security issue in its website that might have accidentally exposed some of its users’ passwords in plain text. The company recently started notifying affected users of a security bug that resides in a newly offered feature called “Download Your Data” that allows users to download a copy of their data shared on the social media platform, including photos, comments, p …

    • 19 May 2018: Inside one of the largest hacking conferences in Russia
      ABC News: Hundreds of aspiring hackers in Moscow faced off against one another earlier this week in different challenges. The event, called Positive Hack Days, is organized by the cybersecurity firm Positive Technologies. More than 4,000 people attended the cybersecurity conferenc …