HackDig : Dig high-quality web security articles

Microsoft disrupts SEABORGIUM’s ongoing phishing operations

Microsoft disrupted a hacking operation conducted by Russia-linked APT SEABORGIUM aimed at NATO countries. The Microsoft Threat Intelligence Center (MSTIC) has disrupted activity by SEABORGIUM (aka ColdRiver, TA446), a Russia-linked threat actor that is behind a persistent hacking campaign targeting people and organizations in NATO countries. M
Publish At:2022-08-15 18:09 | Read:71 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Intelligence Cyberes

SOVA Android malware now also encrypts victims’ files

Security researchers from Cleafy reported that the SOVA Android banking malware is back and is rapidly evolving. The SOVA Android banking trojan was improved; it has a new ransomware feature that encrypts files on Android devices, Cleafy researchers report. The malware has been active since 2021 and evolves over time. The latest version of the SOVA Tro
Publish At:2022-08-15 14:11 | Read:107 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android Banking Mal

VNC instances exposed to the Internet put critical infrastructures at risk

Researchers from threat intelligence firm Cyble reported a surge in attacks targeting virtual network computing (VNC). Virtual Network Computing (VNC) is a graphical desktop-sharing system that leverages the Remote Frame Buffer (RFB) protocol to control another machine remotely. It transmits the keyboard and mouse input from one computer to another, relay
Publish At:2022-08-15 14:11 | Read:118 | Comments:0 | Tags:Breaking News Hacking ICS-SCADA Security critical infrastruc

Iron Tiger APT is behind a supply chain attack that employed messaging app MiMi

China-linked threat actor Iron Tiger backdoored a version of the cross-platform messaging app MiMi to infect systems. Trend Micro researchers uncovered a new campaign conducted by the China-linked threat actor Iron Tiger that employed a backdoored version of the cross-platform messaging app MiMi Chat App to infect Windows, Mac, and Linux systems
Publish At:2022-08-15 06:15 | Read:137 | Comments:0 | Tags:APT Breaking News Cyber warfare Hacking Malware hacking news

A new PyPI package was found delivering fileless Linux malware

Security researchers discovered a new PyPI package designed to drop a fileless cryptominer on Linux systems. Sonatype researchers have discovered a new PyPI package named ‘secretslib’ that drops a fileless cryptominer into the memory of Linux machines. The package describes itself as “secrets matching and verification made easy,R
Publish At:2022-08-15 06:15 | Read:74 | Comments:0 | Tags:Cyber Crime Malware Security fileless malware Hacking IT Inf

A flaw in Xiaomi phones using MediaTek chips could allow forged transactions

Flaws in Xiaomi Redmi Note 9T and Redmi Note 11 models could be exploited to disable the mobile payment mechanism and even forge transactions. Check Point researchers discovered the flaws while analyzing the payment system built into Xiaomi smartphones powered by MediaTek chips. Trusted execution environment (TEE) is an important component of mobile de
Publish At:2022-08-14 14:23 | Read:94 | Comments:0 | Tags:Breaking News Hacking Mobile hacking news information securi

CISA, FBI shared a joint advisory to warn of Zeppelin ransomware attacks

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are warning of Zeppelin ransomware attacks. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have published a joint advisory to warn of Zeppelin ransomware attacks. The Zeppelin ransomware first appeared on the threat l
Publish At:2022-08-14 03:04 | Read:148 | Comments:0 | Tags:Breaking News Cyber Crime Malware Security Cybercrime Hackin

Killnet claims to have breached Lockheed Martin

Russian hacker group Killnet claims to have launched a DDoS attack on the aerospace and defense giant Lockheed Martin. The Moscow Times first reported that the pro-Russia hacker group Killnet is claiming responsibility for a recent DDoS attack that hit the aerospace and defense giant Lockheed Martin. The Killnet group also claims to have stolen data f
Publish At:2022-08-13 13:23 | Read:235 | Comments:0 | Tags:Breaking News Hacking Security DDoS hacking news information

Three flaws allow attackers to bypass UEFI Secure Boot feature

Researchers discovered a flaw in three signed third-party UEFI boot loaders that allow bypass of the UEFI Secure Boot feature. Researchers from hardware security firm Eclypsium have discovered a vulnerability in three signed third-party Unified Extensible Firmware Interface (UEFI) boot loaders that can be exploited to bypass the UEFI Secure Boot feature.
Publish At:2022-08-13 06:03 | Read:190 | Comments:0 | Tags:Breaking News Hacking Security hacking news information secu

The US offers a $10M reward for info on the Conti ransomware gang’s members

The U.S. State Department announced a $10 million reward for information related to five individuals associated with the Conti ransomware gang. The U.S. State Department announced a $10 million reward for information on five prominent members of the Conti ransomware gang. The government will also reward people that will provide details about Conti and its
Publish At:2022-08-12 14:11 | Read:313 | Comments:0 | Tags:Breaking News Cyber Crime Security Conti ransomware Hacking

BazarCall attacks have revolutionized ransomware operations

The Conti ransomware gang is using BazarCall phishing attacks as an initial attack vector to access targeted networks. BazarCall attack, aka call back phishing, is an attack vector that utilizes targeted phishing methodology and was first used by the Ryuk ransomware gang in 2020/2021. The BazarCall attack chain is composed of the following stages: S
Publish At:2022-08-12 05:27 | Read:206 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware bazarcall Conti ra

Experts warn of mass exploitation of an RCE flaw in Zimbra Collaboration Suite

Threat actors are exploiting an authentication bypass Zimbra flaw, tracked as CVE-2022-27925, to hack Zimbra Collaboration Suite email servers worldwide. An authentication bypass affecting Zimbra Collaboration Suite, tracked as CVE-2022-27925, is actively exploited to hack ZCS email servers worldwide. Zimbra is an email and collaboration platform used
Publish At:2022-08-12 05:27 | Read:185 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

Cisco fixed a flaw in ASA, FTD devices that can give access to RSA private key

Cisco addressed a high severity flaw, tracked as CVE-2022-20866, affecting Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. Cisco addressed a high severity vulnerability in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. The flaw, tracked as CVE-2022-20866, impacts the handling of RSA key
Publish At:2022-08-11 02:05 | Read:261 | Comments:0 | Tags:Breaking News Hacking Security CISCO CISCO ASA Cisco FTD inf

Ex Twitter employee found guilty of spying for Saudi Arabian government

A former Twitter employee was found guilty of spying on certain Twitter users for Saudi Arabia. A former Twitter employee, Ahmad Abouammo (44), was found guilty of gathering private information of certain Twitter users and passing it to Saudi Arabia. “Ahmad Abouammo, a US resident born in Egypt, was found guilty by a jury Tuesday of charges inc
Publish At:2022-08-11 02:05 | Read:219 | Comments:0 | Tags:Breaking News Cyber Crime Intelligence Security Social Netwo

Cisco was hacked by the Yanluowang ransomware gang

Cisco disclosed a security breach: the Yanluowang ransomware group breached its corporate network in late May and stole internal data. The investigation conducted by Cisco Security Incident Response (CSIRT) and Cisco Ta
Publish At:2022-08-10 17:33 | Read:272 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware CISCO Cybercrime h
