HackDig : Dig high-quality web security articles

SOHO Exploits Earn Hackers Over $100,000 on Day 3 of Pwn2Own Toronto 2022

Trend Micro’s Zero Day Initiative (ZDI) announced total payouts nearing $1 million after the first three days of Pwn2Own Toronto 2022, and there is one day left to go.On the third day of the event, participants earned a total of $253,500 for hacking NAS devices, printers, smart speakers, routers, and smartphones. ZDI said $681,000 was paid out in the first t
Publish At:2022-12-09 10:31 | Read:6203 | Comments:0 | Tags:NEWS & INDUSTRY Vulnerabilities IoT Security exploit hac

Diamond Industry Attacked by Iranian Hackers with Data-Wiping Malware

A series of data wiper assaults targeting the diamond industry in South Africa, Israel, and Hong Kong have been ascribed to the Iranian advanced persistent threat (APT) actor Agrius.The wiper, known as Fantasy, is said to have been distributed through a supply-chain attack that was launched in February 2022 and targeted an Israeli software suite developer. V
Publish At:2022-12-09 08:11 | Read:17828 | Comments:0 | Tags:Cybersecurity News hack

Hacked corporate email accounts used to send MSP remote access tool

MuddyWater hackers, a group associated with Iran’s Ministry of Intelligence and Security (MOIS), used compromised corporate email accounts to deliver phishing messages to their targets.The group adopted the new tactic in a campaign that might have started in September but wasn’t observed until October and combined the use of a legitimate remote a
Publish At:2022-12-08 20:10 | Read:24543 | Comments:0 | Tags:Security hack

Samsung Galaxy S22 hacked again on second day of Pwn2Own

Contestants hacked the Samsung Galaxy S22 again during the second day of the consumer-focused Pwn2Own 2022 competition in Toronto, Canada.They also demoed exploits targeting zero-day vulnerabilities in routers, printers, smart speakers, and Network Attached Storage (NAS) devices from HP, NETGEAR, Synology, Sonos, TP-Link, Canon, Lexmark, and Western Digital.
Publish At:2022-12-08 16:12 | Read:25354 | Comments:0 | Tags:Security hack

Iranian Hackers Deliver New 'Fantasy' Wiper to Diamond Industry via Supply Chain Attack

An Iran-linked advanced persistent threat (APT) actor named Agrius is using a new wiper in attacks targeting entities in South Africa, Israel and Hong Kong, cybersecurity firm ESET reports.Mainly focused on victims in Israel and the United Arab Emirates, Agrius is a threat actor active since at least 2020, exploiting known vulnerabilities for initial access.
Publish At:2022-12-08 11:55 | Read:25984 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Virus & Malware

CloudSEK Blames Hack on Another Cybersecurity Company

Digital risk protection company CloudSEK claims that another cybersecurity firm is behind a recent data breach resulting from the compromise of an employee’s Jira account.As part of the targeted cyberattack, an unknown party used session cookies for the employee’s Jira account to gain access to various types of internal data.Because the user never used a pas
Publish At:2022-12-08 10:31 | Read:35581 | Comments:0 | Tags:NEWS & INDUSTRY Incident Response Cybercrime Management

Google Documents IE Browser Zero-Day Exploited by North Korean Hackers

Google’s Threat Analysis Group (TAG) has shared technical details on an Internet Explorer zero-day vulnerability exploited in attacks by North Korean hacking group APT37.Tracked as CVE-2022-41128 (CVSS score of 8.8), the vulnerability was identified in the browser’s ‘JScript9’ JavaScript engine and can be exploited by remote attackers to execute arbitrary co
Publish At:2022-12-07 18:26 | Read:30976 | Comments:0 | Tags:Cyberwarfare Endpoint Security Network Security NEWS & I

Google: State hackers still exploiting Internet Explorer zero-days

Google's Threat Analysis Group (TAG) revealed today that a group of North Korean hackers tracked as APT37 exploited a previously unknown Internet Explorer vulnerability (known as a zero-day) to infect South Korean targets with malware.Google TAG was made aware of this recent attack on October 31 when multiple VirusTotal submitters from South Korea uploaded a
Publish At:2022-12-07 16:11 | Read:26599 | Comments:0 | Tags:Security exploit hack

Hackers use new Fantasy data wiper in coordinated supply chain attack

The Iranian Agrius APT hacking group is using a new 'Fantasy' data wiper in supply-chain attacks impacting organizations in Israel, Hong Kong, and South Africa.The campaign started in February and unfolded at full scale in March 2022, breaching an IT support services firm, a diamond wholesaler, a jeweler, and an HR consulting company.In this campaign, Agrius
Publish At:2022-12-07 16:11 | Read:44250 | Comments:0 | Tags:Security hack

CloudSEK claims it was hacked by another cybersecurity firm

Indian cybersecurity firm CloudSEK says a threat actor gained access to its Confluence server using stolen credentials for one of its employees' Jira accounts.While some internal information, including screenshots of product dashboards and three customers' names and purchase orders, was exfiltrated from its Confluence wiki, CloudSEK says the attackers didn't
Publish At:2022-12-07 16:11 | Read:45623 | Comments:0 | Tags:Security Cloud security cyber cybersecurity hack

Iranian State-backed Hackers Attack Independent Groups in the Middle East

Human rights activists, reporters, researchers, professors, diplomats, and politicians working in the Middle East are being targeted in an ongoing social engineering and credential phishing effort.These attacks have been linked to Iranian state hackers, APT42, which has been shown to have similarities with Charming Kitten (also known as APT35 or Phosphorus).
Publish At:2022-12-07 12:08 | Read:33645 | Comments:0 | Tags:Cybersecurity News Uncategorized hack

Foreign Networks Used by Russian Hackers to Attack Ukraine

Cyber researchers’ study proves that Russian threat actors use vulnerable networks from countries around the world to attack Ukrainian organizations. Even though those countries support Ukraine, like the UK, US, or France, Russian cybercriminals managed to take advantage of them, while trying to meet their goals. Until now, a dam monitoring system, a Fortune
Publish At:2022-12-07 12:08 | Read:40404 | Comments:0 | Tags:Cybersecurity News hack

4 Nigerians Arrested in Europe Over US Charges Involving Hacking, Fraud

Four Nigerians arrested recently in Europe have been charged in the United States over their alleged role in a scheme that involved computer hacking and filing false tax returns.According to the US Justice Department, the suspects are Akinola Taylor, Olakunle Oyebanjo, Kazeem Olanrewaju Runsewe, and Olayemi Adafin, who is a UK citizen. They were arrested in
Publish At:2022-12-07 11:55 | Read:37163 | Comments:0 | Tags:NEWS & INDUSTRY Fraud & Identity Theft Cybercrime ha

Pwn2Own Toronto 2022, Day 1: Hackers Earn $400,000 for Galaxy S22, SOHO Exploits

On the first day of the Pwn2Own Toronto 2022 hacking competition, participants earned a total of $400,000 for new exploits targeting phones, printers, routers and NAS devices.The competition organized by Trend Micro’s Zero Day Initiative (ZDI) offers significant prizes for hacking mobile phones, wireless routers, home automation hubs, printers, smart speaker
Publish At:2022-12-07 10:30 | Read:32906 | Comments:0 | Tags:NEWS & INDUSTRY Vulnerabilities IoT Security exploit hac

Pwn2Own Toronto 2022 hacking competition. Samsung S22 hacked

The Pwn2Own Toronto 2022 hacking competition has begun, this is the 10th anniversary of the consumer-focused version of the contest. The news of the Samsung Galaxy S22 hack on the first day of Pwn2Own Toronto 2022 made the headlines. White hat hackers that participated in the competition hacked the Samsung Galaxy S22 smartphone twice during the first day
Publish At:2022-12-07 07:51 | Read:32827 | Comments:0 | Tags:Breaking News Hacking Mobile Cybercrime data breach informat

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud