Feds Forced Travel Firms to Share Surveillance Data on Hacker

The U.S. government ordered two travel companies to provide information about the movement of a Russian citizen suspected of hacking. The surveillance data was used as part of an investigation by the U.S. Secret Service, according to court documents recently unsealed. The revelation of the extent...

Ransomware Task Force priorities see progress in first year

This blog is part of our live coverage from RSA Conference 2022: US President Joseph R. Biden Jr., The White House, and law enforcement agencies across the world paid close attention last year when a group of more than 60 cybersecurity experts launched the Ransomware Task Force, heeding the group...

dpie.nsw.gov.au Cross Site Scripting vulnerability OBB-2638086

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S

A suspected state-aligned threat actor has been attributed to a new set of attacks exploiting the Microsoft Office "Follina" vulnerability to target government entities in Europe and the U.S. Enterprise security firm Proofpoint said it blocked attempts at exploiting the remote code execution flaw...

Anonymous Hacktivists Leak 1TB of Top Russian Law Firm Data

By Waqas Rustam Kurmaev and Partners work with the Russian government and other high-profile banking, media, oil, and industrial companies,… This is a post from HackRead.com Read the original post: Anonymous Hacktivists Leak 1TB of Top Russian Law Firm Data...

Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies

Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor it tracks under the chemical element-themed moniker Polonium. In addition to removing the offending accounts created by the Lebanon-based activity group...

Microsoft collaborates with Tenable to support federal cybersecurity efforts

On May 12, 2021, the White House issued Presidential Executive Order EO 14028 to establish cybersecurity as a national priority.1 As part of this effort, the White House has called for greater public and private sector collaboration to address the evolving threats facing federal agencies. In the...

Good Luck Not Accidentally Hiring a North Korean Scammer

DPRK hackers are tricking their way into jobs with Western firms. A US government alert reminds employers they're on the front lines—and potentially on the hook...

Malware-Infested Smart Card Reader

Brian Krebs has an interesting story of a smart ID card reader with a malware-infested Windows driver, and US government employees who inadvertently buy and use them. But by all accounts, the potential attack surface here is enormous, as many federal employees clearly will purchase these readers...

The Mystery of China’s Sudden Warnings About US Hackers

The Chinese government recently began saber-rattling about American cyberespionage. The catch? It’s all old news...

How the Saitama backdoor uses DNS tunnelling

Thanks to the Malwarebytes Threat Intelligence Team for the information they provided for this article. Understandably, a lot of cybersecurity research and commentary focuses on the act of breaking into computers undetected. But threat actors are often just as concerned with the act of breaking o...

Researchers Find New Malware Attacks Targeting Russian Government Entities

An unknown advanced persistent threat APT group has been linked to a series of spear-phishing attacks targeting Russian government entities since the onset of the Russo-Ukrainian war in late February 2022. "The campaigns ... are designed to implant a Remote Access Trojan RAT that can be used to...

A Year on from the Ransomware Task Force Report

If you follow cybersecurity, you’ve likely seen one of the many articles written recently on the one-year anniversary of the Colonial Pipeline ransomware attack, which saw fuel delivery suspended for six days, disrupting air and road travel across the southeastern states of the US. The Colonial...

explorer-marche-travail.service.canada.ca Cross Site Scripting vulnerability OBB-2624372

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Cytrox's Predator Spyware Targeted Android Users with Zero-Day Exploits

Google's Threat Analysis Group TAG on Thursday pointed fingers at a North Macedonian spyware developer named Cytrox for developing exploits against five zero-day aka 0-day flaws, four in Chrome and one in Android, to target Android users. "The 0-day exploits were used alongside n-day exploits as...

CVE-2022-22973

creationtimestamp| type| source ---|---|--- 2022-05-19 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=806 2022-05-19 08:16:48+00:00| seen| https://t.me/ctinow/52262 2022-05-19 12:12:49+00:00| exploited| https://t.me/truesecator/2957 2022-05-19 18:51:26+00:00| seen|...

US Warns Firms About North Korean Hackers Posing as IT Workers

By Deeba Ahmed US government has warned organizations to beware of hackers in the guise of IT freelancers claiming to be… This is a post from HackRead.com Read the original post: US Warns Firms About North Korean Hackers Posing as IT Workers...

Russian Conti Ransomware Gang Threatens to Overthrow New Costa Rican Government

The notorious Conti ransomware gang, which last month staged an attack on Costa Rican administrative systems, has threatened to "overthrow" the new government of the country. "We are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and...

When Your Smart ID Card Reader Comes With Malware

Millions of U.S. government employees and contractors have been issued a secure smart ID card that enables physical access to buildings and controlled spaces, and provides access to government computer networks and systems at the cardholders appropriate security level. But many government employe...

business.nsw.gov.au Cross Site Scripting vulnerability OBB-2617968

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...