773 matches found
Beirut Airport Screens Hacked with Anti-Hezbollah Message
By Deeba Ahmed The most recent cyber attack occurs against the backdrop of escalating tensions between Lebanon and Israel. This is a post from HackRead.com Read the original post: Beirut Airport Screens Hacked with Anti-Hezbollah Message...
CATSploit - An Automated Penetration Testing Tool Using Cyber Attack Techniques Scoring
CATSploit is an automated penetration testing tool using Cyber Attack Techniques Scoring CATS method that can be used without pentester. Currently, pentesters implicitly made the selection of suitable attack techniques for target systems to be attacked. CATSploit uses system configuration...
Iranian Food Delivery Giant Snappfood Cyber Attack: 3TB of Data Stolen
By Waqas Snappfood has acknowledged the cyber attack, leading to a massive data breach. This is a post from HackRead.com Read the original post: Iranian Food Delivery Giant Snappfood Cyber Attack: 3TB of Data Stolen...
Major Cyber Attack Paralyzes Kyivstar - Ukraine's Largest Telecom Operator
Ukraine's biggest telecom operator Kyivstar has become the victim of a "powerful hacker attack," disrupting customer access to mobile and internet services. "The cyberattack on Ukraine's Kyivstar telecoms operator has impacted all regions of the country with high impact to the capital, metrics...
Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability
Microsoft on Monday said it detected Kremlin-backed nation-state activity exploiting a now-patched critical security flaw in its Outlook email service to gain unauthorized access to victims' accounts within Exchange servers. The tech giant attributed the intrusions to a threat actor it called...
New SugarGh0st RAT targets Uzbekistan government and South Korea
Cisco Talos recently discovered a malicious campaign that likely started as early as August 2023, delivering a new remote access trojan RAT we dubbed "SugarGh0st." We found evidence suggesting the threat actor is targeting the Uzbekistan Ministry of Foreign Affairs and users in South Korea. We...
Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S.
The U.S. Cybersecurity and Infrastructure Security Agency CISA revealed that it's responding to a cyber attack that involved the active exploitation of Unitronics programmable logic controllers PLCs to target the Municipal Water Authority of Aliquippa in western Pennsylvania. The attack has been...
Mustang Panda Targets Philippines Government Using Legitimate Software
Summary: Mustang Panda, a threat actor associated with China, has been implicated in a cyber attack targeting a government entity in the Philippines. The attackers employed a strategy of using legitimate software, such as Solid PDF Creator and SmadavProtect an antivirus solution based in Indonesi...
Beware: Malicious Google Ads Trick WinSCP Users into Installing Malware
Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity under the name SEOLURKER. "The malicious...
Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure
Russian threat actors have been possibly linked to what's been described as the "largest cyber attack against Danish critical infrastructure," in which 22 companies associated with the operation of the country's energy sector were targeted in May 2023. "22 simultaneous, successful cyberattacks...
Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes
The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage in October 2022. The findings come from Google's Mandiant, which described the hack as a "multi-event cyber attack" leveraging a novel technique for impacting...
Hacker Leaks 800,000 Scraped Chess.com User Records
By Waqas Chess.com has not experienced a cyber attack or security breach. This is a post from HackRead.com Read the original post: Hacker Leaks 800,000 Scraped Chess.com User Records...
Hackers Utilize MSIX App Packages to Disseminate GHOSTPULSE Malware
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new cyber attack campaign has emerged, involving the use of fake MSIX Windows app packages masquerading as legitimate applications. These deceptive MSIX packages are employed to distribute a new malwar...
How helpful are estimates about how much cyber attacks cost?
Coming from the newspaper and media industry, Im no stranger to wanting to write catchy headlines. Im certainly at fault for throwing together a story about so-and-sos house sold for X million dollars. But recently Ive been wondering if those "big numbers" for cybersecurity are helpful at all, ev...
Lyca Mobile Suffers Cyber Attack, Investigating Ransomware Possibility
By Waqas Lyca Mobile confirms a cyber attack impacting all markets except the US, Australia, Ukraine, and Tunisia. This is a post from HackRead.com Read the original post: Lyca Mobile Suffers Cyber Attack, Investigating Ransomware Possibility...
Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm
The North Korea-linked Lazarus Group has been linked to a cyber espionage attack targeting an unnamed aerospace company in Spain in which employees of the firm were approached by the threat actor posing as a recruiter for Meta. "Employees of the targeted company were contacted by a fake recruiter...
Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals
Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based open-source post-exploitation toolkit called Merlin. "Since drones or Unmanned Aerial Vehicles UAVs have been an integral tool used by the Ukrainian military, malware-lace...
What’s the point of press releases from threat actors?
Welcome to this weeks edition of the Threat Source newsletter. As a former reporter, Ive seen my fair share of press releases. But one from a threat actor was definitely a new one for me last week. ALPHV aka BlackCat publicly took credit for a massive cyber attack against MGM, a resort, gambling...
The Vulnerability of Zero Trust: Lessons from the Storm 0558 Hack
While IT security managers in companies and public administrations rely on the concept of Zero Trust, APTS Advanced Persistent Threats are putting its practical effectiveness to the test. Analysts, on the other hand, understand that Zero Trust can only be achieved with comprehensive insight into...
China-Linked Bronze Starlight Group Targeting Gambling Sector with Cobalt Strike Beacons
An ongoing cyber attack campaign originating from China is targeting the Southeast Asian gambling sector to deploy Cobalt Strike beacons on compromised systems. Cybersecurity firm SentinelOne said the tactics, techniques, and procedures point to the involvement of a threat actor tracked as Bronze...