HackDig : Dig high-quality web security articles

Ryuk ransomware operation updates hacking techniques

Recent attacks from Ryuk ransomware operators show that the actors have a new preference when it comes to gaining initial access to the victim network.The trend observed in attacks this year reveals a predilection towards targeting hosts with remote desktop connections exposed on the public internet.Furthermore, using targeted phishing emails to deliver the
Publish At:2021-04-17 12:34 | Read:190 | Comments:0 | Tags:Security ransomware hack

6 out of 11 EU agencies running Solarwinds Orion software were hacked

SolarWinds supply chain attack also impacted six European Union institutions, European Commissioner for Budget and Administration confirmed. European Commissioner for Budget and Administration Johannes Hahn confirmed the hack of some EU agencies as result of the SolarWinds supply chain attack in a response to a question filed by an EU Parliament member in
Publish At:2021-04-17 04:24 | Read:160 | Comments:0 | Tags:Breaking News Hacking EU hacking news information security n

HackBoss malware poses as hacker tools on Telegram to steal digital coins

The authors of a cryptocurrency-stealing malware are distributing it over Telegram to aspiring cybercriminals under the guise of free malicious applications.Researchers have named the malware HackBoss and say that its operators likely stole more than $500,000 from wannabe hackers that fell for the trick.Fake user interfaceAlthough there is nothing sophistica
Publish At:2021-04-16 13:04 | Read:124 | Comments:0 | Tags:Security hack

Popular Codecov code coverage tool hacked to steal dev credentials

Codecov online platform for hosted code testing reports and statistics announced on Thursday that a threat actor had modified its Bash Uploader script, exposing sensitive information in customers’ continuous integration (CI) environment.The company learned of the compromise on April 1st but the investigation determined that the first signs of this soft
Publish At:2021-04-16 13:04 | Read:96 | Comments:0 | Tags:Security hack

Industry Reactions to FBI Cleaning Up Hacked Exchange Servers: Feedback Friday

U.S. authorities revealed this week that the FBI executed a court-authorized cyber operation to remove malicious web shells from hundreds of compromised Microsoft Exchange servers located in the United States.FBI agents removed the backdoors by issuing a command through the web shell to the server. The agency said it may have been more challenging for indivi
Publish At:2021-04-16 11:25 | Read:232 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Incident Response Ma

Codecov Bash Uploader Dev Tool Compromised in Supply Chain Hack

Security response professionals are scrambling to measure the fallout from a software supply chain compromise of Codecov Bash Uploader that went undetected since January and exposed sensitive secrets like tokens, keys and credentials from organizations around the world.The hack occurred four months ago but was only discovered in the wild by a Codecov custome
Publish At:2021-04-15 23:40 | Read:114 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Vulnerabilities hack

US Gov sanctions Russia and expels 10 diplomats over SolarWinds hack

The U.S. and UK attributed with “high confidence” the recently disclosed supply chain attack on SolarWinds to Russia’s Foreign Intelligence Service (SVR). The U.S. and U.K. attributed with “high confidence” the supply chain attack on SolarWinds to operatives working for Russia’s Foreign Intelligence Service (SVR) (ska A
Publish At:2021-04-15 21:04 | Read:192 | Comments:0 | Tags:Breaking News Cyber warfare Hacking hacking news information

US government confirms Russian SVR behind the SolarWinds hack

The United States government is formally accusing the Russian government of the SolarWinds supply-chain attack that gave hackers access to the network of multiple U.S. agencies and private tech sector companies.In a brief announcing sanctions on Russia for actions against the U.S. interests, the White House is naming the Cozy Bear group of advanced hackers a
Publish At:2021-04-15 13:34 | Read:70 | Comments:0 | Tags:Security hack

NSA: Russian Hackers Exploiting VPN Vulnerabilities - Patch Immediately

The U.S. government on Thursday warned that Russian APT operators are exploiting five known -- and already patched -- vulnerabilities in corporate VPN infrastructure products, insisting it is “critically important” to mitigate these issues immediately.The urgent advisory was issued by the National Security Agency (NSA) to call attention to a quintet of CVEs
Publish At:2021-04-15 11:55 | Read:175 | Comments:0 | Tags:NEWS & INDUSTRY Vulnerabilities exploit hack

NSA: Top 5 vulnerabilities actively abused by Russian govt hackers

A joint advisory from the U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) warn that the Russian Foreign Intelligence Service (SVR) is exploiting five vulnerabilities in attacks against U.S. organizations and interests.In an advisory issued today, the NSA
Publish At:2021-04-15 09:39 | Read:171 | Comments:0 | Tags:Security hack

Months After Hack, US Poised to Announce Sanctions on Russia

The Biden administration is preparing to announce sanctions in response to a massive Russian hacking campaign that breached vital federal agencies, as well as for election interference, a senior administration official said.The sanctions, foreshadowed for weeks by the administration, would represent the first retaliatory action announced against the Kremlin
Publish At:2021-04-15 08:00 | Read:97 | Comments:0 | Tags:Cyberwarfare NEWS & INDUSTRY hack

WhatsApp flaws could have allowed hackers to remotely hack mobile devices

WhatsApp addressed two security vulnerabilities in its app for Android that could have been exploited to remotely hack the victim’s device. WhatsApp recently addressed two security vulnerabilities in its app for Android that could have been exploited by remote attackers to execute malicious code on a target device and potentially eavesdrop on commun
Publish At:2021-04-14 17:39 | Read:155 | Comments:0 | Tags:Breaking News Hacking Mobile hacking news information securi

Sweden blames Russia for Swedish Sports Confederation hack

The Swedish Sports Confederation organization was compromised in 2017-18 by hackers working for Russian military intelligence, officials said. The Swedish Sports Confederation is the umbrella organisation of the Swedish sports movement, it was hacked by Russian military intelligence in a campaign conducted between December 2017 and May 2018, officials sai
Publish At:2021-04-14 02:31 | Read:125 | Comments:0 | Tags:Breaking News Cyber warfare Intelligence GRU Hacking hacking

FBI Agents Secretly Deleted Web Shells From Hacked Microsoft Exchange Servers

FBI agents executed a court-authorized cyber operation to delete malicious web shells from hundreds of previously hacked Microsoft Exchange servers in the United States, unbeknownst to their owners, the U.S. Department of Justice (DoJ) said Tuesday.After a wave of major in-the-wild zero-day attacks against Exchange Server installations that occurred globally
Publish At:2021-04-14 00:40 | Read:105 | Comments:0 | Tags:NEWS & INDUSTRY Email Security Incident Response FBI hac

FBI nuked web shells from hacked Exchange Servers without telling owners

A court-approved FBI operation was conducted to remove web shells from compromised US-based Microsoft Exchange servers without first notifying the servers' owners.On March 2nd, Microsoft released a series of Microsoft Exchange security updates for vulnerabilities actively exploited by a hacking group known as HAFNIUM.These vulnerabilities
Publish At:2021-04-13 22:24 | Read:117 | Comments:0 | Tags:Security FBI hack