HackDig : Dig high-quality web security articles

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks

360 Qihoo reported DDoS attacks launched by APT-C-53 (aka Gamaredon) conducted through the open-source DDoS Trojan program LOIC. Researchers at 360 Qihoo observed a wave of DDoS attacks launched by Russia-linked APT-C-53 (aka Gamaredon) and reported that the threat actors also released as open-source the code of a DDoS Trojan called LOIC. The instances o
Publish At:2022-05-28 13:15 | Read:105 | Comments:0 | Tags:APT Breaking News Cyber warfare Malware DDoS Gamaredon APT H

The strange link between Industrial Spy and the Cuba ransomware operation

The recently launched Industrial Spy data extortion marketplace has now started its ransomware operation. In April, Malware HunterTeam and Bleeping Computer reported the launch of a new dark web marketplace called Industrial Spy that sells stolen data and offers free stolen data to its members. MalwareHunterTeam researchers spotted malware samples [1, 2]
Publish At:2022-05-28 11:07 | Read:61 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Cuba Ransomware Cy

Reuters: Russia-linked APT behind Brexit leak website

Russia-linked threat actors are behind a new website that published leaked emails from leading proponents of Britain’s exit from the EU, the Reuters reported. According to a Google cybersecurity official and the former head of UK foreign intelligence, the “Very English Coop d’Etat” website was set up to publish private emails from
Publish At:2022-05-28 10:31 | Read:132 | Comments:0 | Tags:Breaking News Data Breach Hacking Intelligence APT Cold Rive

GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack

GitHub provided additional details into the theft of its integration OAuth tokens that occurred in April, with nearly 100,000 NPM users’ credentials. GitHub provided additional details about the incident that suffered in April, the attackers were able to steal nearly 100K NPM users’ credentials. In April, GitHub uncovered threat actors usin
Publish At:2022-05-28 07:09 | Read:117 | Comments:0 | Tags:Breaking News Hacking GitHub hacking news IT Information Sec

Android pre-installed apps are affected by high-severity vulnerabilities

Microsoft found several high-severity vulnerabilities in a mobile framework used in pre-installed Android System apps. The Microsoft 365 Defender Research Team discovered four vulnerabilities (CVE-2021-42598, CVE-2021-42599, CVE-2021-42600, and CVE-2021-42601) in a mobile framework, owned by mce Systems, that is used by several mobile carri
Publish At:2022-05-27 18:27 | Read:145 | Comments:0 | Tags:Breaking News Hacking Mobile Android hacking news informatio

GhostTouch: how to remotely control touchscreens with EMI

Security researchers devised a technique, dubbed GhostTouch, to remotely control touchscreens using electromagnetic signals. A team of researchers from Zhejiang University and Technical University of Darmstadt devised a technique, dubbed GhostTouch, to remotely control capacitive touchscreens using electromagnetic signals. According to the experts, Gho
Publish At:2022-05-27 11:07 | Read:151 | Comments:0 | Tags:Breaking News Hacking Cybercrime GhostTouch hacking news inf

FBI: Compromised US academic credentials available on various cybercrime forums

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. The FBI issued an alert to inform the higher education sector about the availability of login credentials on dark web forums that can be used by threat actors to launch attacks against individuals and o
Publish At:2022-05-27 10:31 | Read:173 | Comments:0 | Tags:Breaking News Cyber Crime Data Breach Deep Web Hacking Repor

ERMAC 2.0 Android Banking Trojan targets over 400 apps

A new version of the ERMAC Android banking trojan is able to target an increased number of apps. The ERMAC Android banking trojan version 2.0 can target an increasing number of applications, passing from 378 to 467 target applications to steal account credentials and crypto-wallets. ERMAC was first spotted by researchers from Threatfabric in July 2021,
Publish At:2022-05-27 06:33 | Read:166 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android banking tro

Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw

Security researchers released PoC exploit code for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. Horizon3 security researchers have released a proof-of-concept (PoC) exploit and technical analysis for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products.
Publish At:2022-05-27 02:35 | Read:177 | Comments:0 | Tags:Breaking News Hacking Security CVE-2022-22972 hacking news i

Zyxel addresses four flaws affecting APs, AP controllers, and firewalls

Zyxel addressed multiple vulnerabilities impacting many of its products, including APs, AP controllers, and firewalls. Zyxel has released security updates to address multiple vulnerabilities affecting multiple products, including firewall, AP, and AP controller products. Below is the list of the four vulnerabilities, the most severe one is a command in
Publish At:2022-05-26 18:38 | Read:151 | Comments:0 | Tags:Breaking News Hacking Security hacking news information secu

Exposed: the threat actors who are poisoning Facebook

An investigation of the infamous “Is That You?” video scam led Cybernews researchers into exposing threat actors who are poisoning Facebook Original post @ https://cybernews.com/security/exposed-the-threat-actors-who-are-poisoning-facebook/ An investigation of the infamous “Is That You?” video scam has led Cybernews researchers to a cybercriminal stron
Publish At:2022-05-26 18:38 | Read:155 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Security Social Networks C

Experts warn of a new malvertising campaign spreading the ChromeLoader

Researchers warn of a new malvertising campaign spreading the ChromeLoader malware that hijacks the victims’ browsers. Researchers from Red Canary observed a new malvertising campaign spreading the ChromeLoader malware that hijacks the victims’ browsers. ChromeLoader is a malicious Chrome browser extension, it is classified as a pervasive b
Publish At:2022-05-26 10:42 | Read:148 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware ChromeLoader Cyber

Italy announced its National Cybersecurity Strategy 2022/26

Italy announced its National Cybersecurity Strategy for 2022/26, a crucial document to address cyber threats and increase the resilience of the country. Italy presented its National Cybersecurity Strategy for 2022/26 and reinforce the government’s commitment to addressing cyber threats and increasing the resilience of the country to cyber attacks.
Publish At:2022-05-26 06:44 | Read:183 | Comments:0 | Tags:Breaking News Reports Security Cybersecurity Hacking hacking

Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed

The maintainers of the Tails project (The Amnesic Incognito Live System) warn users that the Tor Browser bundled with the OS could expose their sensitive information. The maintainers confirmed that Tor Browser in Tails 5.0 and earlier is unsafe to use for sensitive information. “We recommend that you stop using Tails until the release of 5.1 (Ma
Publish At:2022-05-26 06:44 | Read:145 | Comments:0 | Tags:Breaking News Digital ID Security Firefox Hacking hacking ne

Unknown APT group is targeting Russian government entities

An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. Researchers from Malwarebytes observed an unknown Advanced Persistent Threat (APT) group targeting Russian government entities with at least four separate spear-phishing campaigns since the beginning of the Russian invasion of Ukraine.
Publish At:2022-05-25 19:15 | Read:181 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Malware hacking news

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3