HackDig : Dig high-quality web security articles

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks

360 Qihoo reported DDoS attacks launched by APT-C-53 (aka Gamaredon) conducted through the open-source DDoS Trojan program LOIC. Researchers at 360 Qihoo observed a wave of DDoS attacks launched by Russia-linked APT-C-53 (aka Gamaredon) and reported that the threat actors also released as open-source the code of a DDoS Trojan called LOIC. The instances o
Publish At:2022-05-28 13:15 | Read:105 | Comments:0 | Tags:APT Breaking News Cyber warfare Malware DDoS Gamaredon APT H

The strange link between Industrial Spy and the Cuba ransomware operation

The recently launched Industrial Spy data extortion marketplace has now started its ransomware operation. In April, Malware HunterTeam and Bleeping Computer reported the launch of a new dark web marketplace called Industrial Spy that sells stolen data and offers free stolen data to its members. MalwareHunterTeam researchers spotted malware samples [1, 2]
Publish At:2022-05-28 11:07 | Read:61 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Cuba Ransomware Cy

GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack

GitHub provided additional details into the theft of its integration OAuth tokens that occurred in April, with nearly 100,000 NPM users’ credentials. GitHub provided additional details about the incident that suffered in April, the attackers were able to steal nearly 100K NPM users’ credentials. In April, GitHub uncovered threat actors usin
Publish At:2022-05-28 07:09 | Read:117 | Comments:0 | Tags:Breaking News Hacking GitHub hacking news IT Information Sec

Android pre-installed apps are affected by high-severity vulnerabilities

Microsoft found several high-severity vulnerabilities in a mobile framework used in pre-installed Android System apps. The Microsoft 365 Defender Research Team discovered four vulnerabilities (CVE-2021-42598, CVE-2021-42599, CVE-2021-42600, and CVE-2021-42601) in a mobile framework, owned by mce Systems, that is used by several mobile carri
Publish At:2022-05-27 18:27 | Read:145 | Comments:0 | Tags:Breaking News Hacking Mobile Android hacking news informatio

FBI: Compromised US academic credentials available on various cybercrime forums

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. The FBI issued an alert to inform the higher education sector about the availability of login credentials on dark web forums that can be used by threat actors to launch attacks against individuals and o
Publish At:2022-05-27 10:31 | Read:173 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach Deep Web Hacking Repor

ERMAC 2.0 Android Banking Trojan targets over 400 apps

A new version of the ERMAC Android banking trojan is able to target an increased number of apps. The ERMAC Android banking trojan version 2.0 can target an increasing number of applications, passing from 378 to 467 target applications to steal account credentials and crypto-wallets. ERMAC was first spotted by researchers from Threatfabric in July 2021,
Publish At:2022-05-27 06:33 | Read:166 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android banking tro

Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw

Security researchers released PoC exploit code for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. Horizon3 security researchers have released a proof-of-concept (PoC) exploit and technical analysis for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products.
Publish At:2022-05-27 02:35 | Read:177 | Comments:0 | Tags:Breaking News Hacking Security CVE-2022-22972 hacking news i

Zyxel addresses four flaws affecting APs, AP controllers, and firewalls

Zyxel addressed multiple vulnerabilities impacting many of its products, including APs, AP controllers, and firewalls. Zyxel has released security updates to address multiple vulnerabilities affecting multiple products, including firewall, AP, and AP controller products. Below is the list of the four vulnerabilities, the most severe one is a command in
Publish At:2022-05-26 18:38 | Read:155 | Comments:0 | Tags:Breaking News Hacking Security hacking news information secu

Exposed: the threat actors who are poisoning Facebook

An investigation of the infamous “Is That You?” video scam led Cybernews researchers into exposing threat actors who are poisoning Facebook Original post @ https://cybernews.com/security/exposed-the-threat-actors-who-are-poisoning-facebook/ An investigation of the infamous “Is That You?” video scam has led Cybernews researchers to a cybercriminal stron
Publish At:2022-05-26 18:38 | Read:155 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Security Social Networks C

Experts warn of a new malvertising campaign spreading the ChromeLoader

Researchers warn of a new malvertising campaign spreading the ChromeLoader malware that hijacks the victims’ browsers. Researchers from Red Canary observed a new malvertising campaign spreading the ChromeLoader malware that hijacks the victims’ browsers. ChromeLoader is a malicious Chrome browser extension, it is classified as a pervasive b
Publish At:2022-05-26 10:42 | Read:148 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware ChromeLoader Cyber

Italy announced its National Cybersecurity Strategy 2022/26

Italy announced its National Cybersecurity Strategy for 2022/26, a crucial document to address cyber threats and increase the resilience of the country. Italy presented its National Cybersecurity Strategy for 2022/26 and reinforce the government’s commitment to addressing cyber threats and increasing the resilience of the country to cyber attacks.
Publish At:2022-05-26 06:44 | Read:183 | Comments:0 | Tags:Breaking News Reports Security Cybersecurity Hacking hacking

Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed

The maintainers of the Tails project (The Amnesic Incognito Live System) warn users that the Tor Browser bundled with the OS could expose their sensitive information. The maintainers confirmed that Tor Browser in Tails 5.0 and earlier is unsafe to use for sensitive information. “We recommend that you stop using Tails until the release of 5.1 (Ma
Publish At:2022-05-26 06:44 | Read:145 | Comments:0 | Tags:Breaking News Digital ID Security Firefox Hacking hacking ne

Unknown APT group is targeting Russian government entities

An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. Researchers from Malwarebytes observed an unknown Advanced Persistent Threat (APT) group targeting Russian government entities with at least four separate spear-phishing campaigns since the beginning of the Russian invasion of Ukraine.
Publish At:2022-05-25 19:15 | Read:181 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Malware hacking news

Chaining Zoom bugs is possible to hack users in a chat by sending them a message

Security flaws in Zoom can be exploited to compromise another user over chat by sending specially crafted messages. A set of four security flaws in the popular video conferencing service Zoom could be exploited to compromise another user over chat by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages.Tracked from CVE-2022
Publish At:2022-05-25 10:31 | Read:157 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog

US Critical Infrastructure Security Agency (CISA) adds 41 new vulnerabilities to its Known Exploited Vulnerabilities Catalog. The Cybersecurity & Infrastructure Security Agency (CISA) has added 41 flaws to its Known Exploited Vulnerabilities Catalog, including recently addressed issues in the Android kernel (CVE-2021-1048 and CVE-2021-0920)
Publish At:2022-05-25 06:33 | Read:156 | Comments:0 | Tags:Breaking News Security CISA Hacking hacking news information

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3