HackDig : Dig high-quality web security articles

Cyberattack halted the production at the Iranian state-owned Khuzestan Steel company

Iranian state-owned Khuzestan Steel Company was hit by a cyber attack that forced the company to halt its production. The Khuzestan Steel Company is one of the major steel companies owned by the Iranian government. The company was forced to halt production due to a cyberattack. According to the Associated Press, Khuzestan Steel Company has a
Publish At:2022-06-27 09:23 | Read:144 | Comments:0 | Tags:Breaking News Cyber warfare Hacking hacking news information

Ukrainian telecommunications operators hit by DarkCrystal RAT malware

The Ukrainian CERT-UA warns of attacks against Ukrainian telecommunications operators involving the DarkCrystal RAT. The Governmental Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a malware campaign targeting Ukrainian telecommunications operators with the DarkCrystal RAT. The malspam messages have the topic “Free primary le
Publish At:2022-06-27 08:10 | Read:198 | Comments:0 | Tags:Breaking News Malware Hacking hacking news information secur

Threat actors stole $100M in crypto assets from Harmony

Threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony on Thursday evening. Last week threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony. Today @HarmonyProtocol disclosed a breach which resulted in the theft of 85,837.252 Ethereum (approx. $99,334,302.58 USD as of this w
Publish At:2022-06-27 05:25 | Read:166 | Comments:0 | Tags:Breaking News Digital ID Hacking Blockchain hacking news Har

Threat actors sell access to tens of vulnerable networks compromised by exploiting Atlassian 0day

A threat actor is selling access to 50 vulnerable networks that have been compromised exploiting the recently disclosed Atlassian Confluence zero-day. A threat actor is selling access to 50 vulnerable networks that have been compromised by exploiting the recently discovered Atlassian Confluence zero-day flaw (CVE-2022-26134). The discovery was made by
Publish At:2022-06-26 15:20 | Read:238 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Atlassian Atlassian Conflu

Security Affairs newsletter Round 371 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Oracle spent 6 months to fix ‘Mega’ flaws in the Fusion MiddlewareMultiple malicious packages in PyPI
Publish At:2022-06-26 11:10 | Read:187 | Comments:0 | Tags:Breaking News data breach hacking news information security

China-linked APT Bronze Starlight deploys ransomware as a smokescreen

China-linked APT Bronze Starlight is deploying post-intrusion ransomware families as a diversionary action to its cyber espionage operations. Researchers from Secureworks reported that a China-linked APT group, tracked as Bronze Starlight (APT10), is deploying post-intrusion ransomware families to cover up the cyber espionage operations. The experts ob
Publish At:2022-06-26 09:59 | Read:292 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Bronze Starlight Chin

Russia-linked actors may be behind an explosion at a liquefied natural gas plant in Texas

Russian threat actors may be behind the explosion at a liquefied natural gas plant in Texas, the incident took place on June 8. A Russian hacking group may be responsible for a cyber attack against a liquefied natural gas plant in Texas that led to its explosion on June 8. The explosion took place at the Freeport Liquefied Natural Gas (Freeport LNG) li
Publish At:2022-06-26 06:01 | Read:250 | Comments:0 | Tags:Breaking News Security Hacking hacking news information secu

Oracle spent 6 months to fix ‘Mega’ flaws in the Fusion Middleware

Researchers disclose technical details of a critical flaw in Fusion Middleware, tracked as CVE-2022–21445, that Oracle took six months to patch. Security researchers have published technical details of a critical Fusion Middleware vulnerability, tracked as CVE-2022–21445, that was reported to Oracle by researchers PeterJson of VNG Corporation and Nguyen J
Publish At:2022-06-25 17:31 | Read:215 | Comments:0 | Tags:Breaking News Hacking Security Fusion Middleware hacking new

Multiple malicious packages in PyPI repository found stealing AWS secrets

Researchers discovered multiple malicious Python packages in the official PyPI repository stealing AWS credentials and other info. Sonatype researchers discovered multiple Python packages in the official PyPI repository that have been developed to steal secrets (i.e. AWS credentials and environment variables) and also upload these to a publicly exposed en
Publish At:2022-06-25 14:09 | Read:244 | Comments:0 | Tags:Breaking News Hacking Security hacking news information secu

Attackers exploited a zero-day in Mitel VOIP devices to compromise a network 

Experts warn threat actors have exploited a zero-day vulnerability in a Mitel VoIP appliance in a ransomware attack. CrowdStrike researchers recently investigated the compromise of a Mitel VOIP appliance as an entry point in a ransomware attack against the network of an organization.  The attackers exploited a remote code execution zero-day vulnerabili
Publish At:2022-06-25 08:10 | Read:281 | Comments:0 | Tags:Breaking News Hacking Malware hacking news information secur

Threat actors continue to exploit Log4Shell in VMware Horizon Systems

The U.S. CISA and the Coast Guard Cyber Command (CGCYBER) warn of attacks exploiting the Log4Shell flaw in VMware Horizon servers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Coast Guard Cyber Command (CGCYBER), published a joint advisory to warn of hacking attempts exploiting the Log4Shell flaw in VMware Horizon serve
Publish At:2022-06-24 11:10 | Read:192 | Comments:0 | Tags:APT Breaking News Hacking Security CISA hacking news IT Info

Vulnerabilities in the Jacuzzi SmartTub app could allow to access users’ data

Researchers discovered multiple vulnerabilities in Jacuzzi SmartTub app web interface that can expose private data. Multiple vulnerabilities in Jacuzzi SmartTub app web interface could have disclosed private data to attackers, security researcher Eaton Zveare warns. The experts attempted to notify the company without success, meantime the flaws have b
Publish At:2022-06-24 09:59 | Read:179 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. Researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users wit
Publish At:2022-06-24 05:25 | Read:268 | Comments:0 | Tags:Breaking News Intelligence Malware Hacking hacking news info

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

China-linked APT group Tropic Trooper has been spotted previously undocumented malware written in Nim language. Check Point Research uncovered an activity cluster with ties to China-linked APT Tropic Trooper (aka Earth Centaur, KeyBoy, and Pirate Panda) which involved the use of a previously undescribed loader (dubbed “Nimbda”) written in Nim la
Publish At:2022-06-23 15:20 | Read:241 | Comments:0 | Tags:APT Breaking News Hacking Intelligence Malware hacking news

NSO Group told lawmakers that Pegasus spyware was used by at least 5 European countries

The Israeli surveillance firm NSO Group revealed that its Pegasus spyware was used by at least five European countries. The controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region. NSO Group’s General Counsel Chaim Gelfand admitted that the co
Publish At:2022-06-23 09:59 | Read:215 | Comments:0 | Tags:Breaking News Digital ID Intelligence Malware Security Cyber

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3