HackDig : Dig high-quality web security articles

A member of the FIN7 group was sentenced to 10 years in prison

Fedir Hladyr (35), a Ukrainian national was sentenced today to 10 years in prison for his role in the financially motivated group FIN7, aka Carbanak. The Ukrainian national Fedir Hladyr (35), aka “das” or “AronaXus,” was sentenced to 10 years in prison for having served as a manager and systems administrator for the financially motivated group FIN7, aka C
Publish At:2021-04-18 10:55 | Read:19 | Comments:0 | Tags:Breaking News Cyber Crime Carbanak Cybercrime FIN7 Hacking i

Security Affairs newsletter Round 310

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Is the recent accident at Iran Natanz nuclear plant a cyber attack?Joker malware infected 538,000 Huawei Android devicesPersonal data of 1.3 million Clubhouse users leaked onlineFitch Ratings: Cyberattac
Publish At:2021-04-18 08:21 | Read:88 | Comments:0 | Tags:Breaking News data breach Hacking hacking news information s

Is BazarLoader malware linked to Trickbot operators?

Experts warn of malware campaigns delivering the BazarLoader malware abusing popular collaboration tools like Slack and BaseCamp. Since January, researchers observed malware campaigns delivering the BazarLoader malware abusing popular collaboration tools like Slack and BaseCamp. The campaigns aimed at employees of large organizations, the messages attempt
Publish At:2021-04-18 07:49 | Read:101 | Comments:0 | Tags:Breaking News Cyber Crime Malware BazarLoader malware Hackin

Google Project Zero updates vulnerability disclosure policy moving to a “90+30” model

Google Project Zero security team has updated its vulnerability disclosure policy, it gives users 30 days to patch flaws before disclosing associated technical details. The Google Project Zero security team announced an update to its vulnerability disclosure policy, it could include additional 30 days to the disclosure process for some bugs to give end-us
Publish At:2021-04-17 15:20 | Read:107 | Comments:0 | Tags:Breaking News Security Google Hacking hacking news informati

6 out of 11 EU agencies running Solarwinds Orion software were hacked

SolarWinds supply chain attack also impacted six European Union institutions, European Commissioner for Budget and Administration confirmed. European Commissioner for Budget and Administration Johannes Hahn confirmed the hack of some EU agencies as result of the SolarWinds supply chain attack in a response to a question filed by an EU Parliament member in
Publish At:2021-04-17 04:24 | Read:160 | Comments:0 | Tags:Breaking News Hacking EU hacking news information security n

Critical RCE can allow attackers to compromise Juniper Networks devices

Cybersecurity provider Juniper Networks addressed a critical vulnerability that could be exploited by attackers to remotely hijack or disrupt vulnerable devices. Cybersecurity vendor Juniper Networks addressed a critical vulnerability in Junos OS, tracked as CVE-2021-0254, that could allow an attacker to remotely hijack or disrupt affected devices. This f
Publish At:2021-04-16 16:39 | Read:161 | Comments:0 | Tags:Breaking News Security DOS Hacking hacking news information

Industry Reactions to FBI Cleaning Up Hacked Exchange Servers: Feedback Friday

U.S. authorities revealed this week that the FBI executed a court-authorized cyber operation to remove malicious web shells from hundreds of compromised Microsoft Exchange servers located in the United States.FBI agents removed the backdoors by issuing a command through the web shell to the server. The agency said it may have been more challenging for indivi
Publish At:2021-04-16 11:25 | Read:232 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Incident Response Ma

Russia-linked APT SVR actively targets these 5 flaws

The US government warned that Russian cyber espionage group SVR is exploiting five known vulnerabilities in enterprise infrastructure products. The U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) have published a joint advisory that warns that Russia-linked APT
Publish At:2021-04-16 08:49 | Read:210 | Comments:0 | Tags:Breaking News Cyber warfare Hacking hacking news information

Mirai code re-use in Gafgyt

Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “Gafgyt,”some of them re-used Mirai code.  Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “Gafgyt”, via threat intelligence systems and our in-house osquery-based sandbox. Upon ana
Publish At:2021-04-16 05:26 | Read:151 | Comments:0 | Tags:Breaking News Cyber Crime Malware botnet Gafgyt botnet Hacki

Lazarus BTC Changer. Back in action with JS sniffers redesigned to steal crypto

Group-IB observed the North Korea-linked Lazarus APT group stealing cryptocurrency using a never-before-seen tool. In the last five years, JavaScript sniffers have grown into one of the most dangerous threats for e-commerce businesses. The simple nature of such attacks combined with the use of malicious JavaScript code for intercepting payment data attrac
Publish At:2021-04-16 02:50 | Read:147 | Comments:0 | Tags:APT Breaking News Hacking information security news IT Infor

US Gov sanctions Russia and expels 10 diplomats over SolarWinds hack

The U.S. and UK attributed with “high confidence” the recently disclosed supply chain attack on SolarWinds to Russia’s Foreign Intelligence Service (SVR). The U.S. and U.K. attributed with “high confidence” the supply chain attack on SolarWinds to operatives working for Russia’s Foreign Intelligence Service (SVR) (ska A
Publish At:2021-04-15 21:04 | Read:192 | Comments:0 | Tags:Breaking News Cyber warfare Hacking hacking news information

Cyber thieves move $760 million stolen in the 2016 Bitfinex heist

Over $760 million worth of Bitcoin that were stolen from cryptocurrency exchange Bitfinex in 2016 were moved to new accounts. More than $760 million worth of Bitcoin, stolen from Asian cryptocurrency exchange Bitfinex in 2016, were moved on Wednesday to new accounts. On August 2016, the Asian Bitfinex suffered a security breach that resulted in the the
Publish At:2021-04-15 13:14 | Read:202 | Comments:0 | Tags:Breaking News Digital ID Hacking Bitfinex information securi

April 2021 Security Patch Day fixes a critical flaw in SAP Commerce

April 2021 Security Patch Day includes 14 new security notes and 5 updates to previously released notes, one of them fixes a critical issue in SAP Commerce. April 2021 Security Patch Day includes 14 new security notes and 5 updates to previously released ones, among the issues addressed by the software giant there is a critical flaw in SAP Commerce. &#
Publish At:2021-04-15 09:19 | Read:165 | Comments:0 | Tags:Breaking News Security Hacking hacking news information secu

For the second time in a week, a Google Chromium zero-day released online

For the second time in a week, a Chromium zero-day remote code execution exploit code has been released on Twitter, multiple browsers impacted. A new Chromium zero-day remote code execution exploit has been released on Twitter this week, kile the previous one that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based b
Publish At:2021-04-15 04:38 | Read:157 | Comments:0 | Tags:Breaking News Hacking Chrome Chromium zero-day hacking news

WhatsApp flaws could have allowed hackers to remotely hack mobile devices

WhatsApp addressed two security vulnerabilities in its app for Android that could have been exploited to remotely hack the victim’s device. WhatsApp recently addressed two security vulnerabilities in its app for Android that could have been exploited by remote attackers to execute malicious code on a target device and potentially eavesdrop on commun
Publish At:2021-04-14 17:39 | Read:155 | Comments:0 | Tags:Breaking News Hacking Mobile hacking news information securi

Keywords