HackDig : Dig high-quality web security articles

Identity Reveal: Threat Actor Behind Golden Chicken Malware Service Exposed

Researchers have identified the real-world identity of the threat actor behind Golden Chickens Malware-as-a-Service (MaaS), known as “badbullzvenom.”A 16-month-long investigation by eSentire’s Threat Response Unit revealed multiple instances of the badbullzvenom account being shared between two individuals.The second threat actor, Frapstar,
Publish At:2023-01-30 12:10 | Read:26923 | Comments:0 | Tags:Cybersecurity News

SwiftSlicer New Data-Wiping Malware Attacks Windows Operating Systems

Researchers discovered a new attack on a Ukrainian target performed by Russian threat actors that used a new wiper malware that compromises the Windows operating system.SwiftSlicer, as the new malware was named, is attributed to the Sandworm malicious group known to work for the Russian General Staff Main Intelligence Directorate (GRU).More on the New SwiftS
Publish At:2023-01-30 12:10 | Read:34192 | Comments:0 | Tags:Cybersecurity News

New Mimic Ransomware Uses Windows Search Engine to Find and Encrypt Files

Cybersecurity researchers uncovered a new strain of ransomware named Mimic. Mimic uses Everything API, a file search tool for Windows, to search for files to encrypt.Some of the code in Mimic is similar to that found in Conti, whose source code was leaked to a Ukrainian researcher in March 2022.As a sophisticated malware, Mimic can eliminate shadow copies, s
Publish At:2023-01-30 12:10 | Read:25647 | Comments:0 | Tags:Cybersecurity News ransomware

Aurora Infostealer Malware Deploys Shapeshifting Tactics

One of the most recent finds exposed the Aurora Stealer malware imitating popular applications to infect as many users as possible.Cyble researchers were able to determine that, in order to target a variety of well-known applications, the threat actors are actively changing and customizing their phishing websites. Aurora targets data from web browsers and cr
Publish At:2023-01-27 12:10 | Read:60697 | Comments:0 | Tags:Cybersecurity News

FBI Closes Down Hive Ransomware Gang: What Does This Mean for the Security Landscape?

Federal authorities have taken down a website run by a notorious ransomware gang known to extort millions of dollars from victims as part of a global cybercrime operation.The FBI seized a cache of computer servers supporting the Hive group in Los Angeles late Wednesday, according to Attorney General Merrick Garland. At the same time, foreign law enforcement
Publish At:2023-01-27 08:12 | Read:42908 | Comments:0 | Tags:Cybersecurity News FBI security ransomware

Security Flaws Disclosed in Samsung’s Galaxy Store App for Android

Flaws found in the Galaxy App Store gave attackers the ability to install apps without the user’s knowledge and send them to malicious sites.Samsung was notified regarding flaws CVE-2023-21433 and CVE-2023-21434, in November and December 2022. After flagging the first bug as high and the second one as moderate risk, the company announced fixing both, o
Publish At:2023-01-27 08:12 | Read:44525 | Comments:0 | Tags:Cybersecurity News security android

Lazarus Group Is Responsible for $100 Million Cryptocurrency Theft

The Federal Bureau of Investigation (FBI) has confirmed that the cyberattacks on Harmony Horizon, which resulted in the theft of $100 million worth of Ethereum, were coordinated by North Korean state-sponsored hacking group, Lazarus.The North Korean APT has moved $63.5 million from the Harmony Horizon hack it was responsible for last year.1/2 North Korea’s L
Publish At:2023-01-26 08:12 | Read:52294 | Comments:0 | Tags:Cybersecurity News

How Hackers Used Legitimate Software to Breach U.S. Federal Agencies

A phishing scam using legitimate remote monitoring and management (RMM) software was used to target at least two federal agencies in the U.S.Specifically, cyber-criminal actors sent phishing emails that led to the download of legitimate RMM software – ScreenConnect (now ConnectWise Control) and AnyDesk – which they then used in a refund scam to s
Publish At:2023-01-26 08:12 | Read:50925 | Comments:0 | Tags:Cybersecurity News hack

Killnet Russian Hacking Group Launches DDoS Attacks on German Websites

On January 25th, Killnet Russian activist threat group put several German websites offline after performing a DDoS attack.The hackers claimed they targeted government websites, banks, and airports as a reaction to Germany`s decision to supply Ukraine with 2 Leopard tanks. According to Germany’s BSI cyber agency, the attack campaign had low, short-term effect
Publish At:2023-01-26 08:12 | Read:54106 | Comments:0 | Tags:Cybersecurity News DDOS hack

Riot Games Receives a $10 Million Ransom Demand

Last week, video game developer Riot Games, which is behind popular games such as League of Legends and Valorant had its development environment compromised by threat actors through a social engineering attack. This week, the attackers demanded a $10 million ransom for source code stolen from League of Legends.The LA-based publisher took to Twitter to declar
Publish At:2023-01-25 08:12 | Read:61697 | Comments:0 | Tags:Cybersecurity News

Google Sued for Monopolizing the Online Ad Market

Google has been sued by the U.S. Justice Department (DOJ) for exploiting its market dominance in online advertising.Tuesday, 24 January 2023, a lawsuit was filed by the DOJ along with eight states: Virginia, California, Colorado, Connecticut, New Jersey, New York, Rhode Island, and Tennessee.Why Is Google in the Wrong?The American firm is accused of buying o
Publish At:2023-01-25 08:12 | Read:79899 | Comments:0 | Tags:Cybersecurity News

DDoS Attacks in 2022 Exceeded All Records, Says Russia’s Largest ISP

The largest Russian ISP, Rostelecom, reports that DDoS attacks against Russian businesses hit an all-time high in 2022.In distributed denial of service attacks (DDoS), threat actors try to make a website or service that uses the internet inaccessible by flooding it with so many requests that the server can’t accept any more connections. This makes the
Publish At:2023-01-25 08:12 | Read:56665 | Comments:0 | Tags:Cybersecurity News DDOS

App Spoofing Ad Fraud Affects 11 Million Devices

An “expansive” adware operation that spoofs over 1,700 apps from 120 publishers and affects around 11 million devices has been stopped by researchers.Dubbed VASTFLUX, the malvertising attack injected malicious JavaScript code into digital ad creatives and allowed threat actors to stack invisible ad videos behind one another to register ad revenue
Publish At:2023-01-23 12:10 | Read:75262 | Comments:0 | Tags:Cybersecurity News

WhatsApp Sanctioned with €5.5 Million Over Enforcing Data-Processing Update

On Thursday, 19 January 2023, The Irish Data Protection Commission (DPC) announced a fine of €5.5 million for WhatsApp over breaking privacy laws when handling users’ private information.Why the Fine Was Issued?The issue of the fine is an update dating from May 2018, just days before the General Data Protection Regulation (GDPR). In that update for Wha
Publish At:2023-01-23 12:10 | Read:169490 | Comments:0 | Tags:Cybersecurity News

T-Mobile API Data Breach Affects 37 Million Customers

T-Mobile announced a new data breach after a threat actor used one of its Application Programming Interfaces to steal personal data from 37 million active postpaid and prepaid customer accounts (APIs).37 Million Accounts ImpactedOn Thursday, the telecommunication giant T-Mobile revealed that it detected malicious activity on January 5, 2023. The attacker sta
Publish At:2023-01-20 12:10 | Read:85089 | Comments:0 | Tags:Cybersecurity News

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud