Sharing Netflix, Disney+, other passwords is illegal, according to new guidance

The Intellectual Property Office IPO, the UK government body overseeing intellectual property rights in the UK, has quietly released new guidance on piracy and online counterfeit goods. This campaign is a joint effort between IPO and Meta, Facebooks parent company. The general issue on piracy is...

Raspberry Robin Worm Strikes Again, Targeting Telecom and Government Systems

The Raspberry Robin worm has been used in attacks against telecommunications and government office systems across Latin America, Australia, and Europe since at least September 2022. "The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake...

Trojaned Windows Installer Targets Ukraine

Mandiant is reporting on a trojaned Windows installer that targets Ukrainian users. The installer was left on various torrent sites, presumably ensnaring people downloading pirated copies of the operating system: Mandiant uncovered a socially engineered supply chain operation focused on Ukrainian...

Raspberry Robin Malware Targets Telecom, Governments

We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September. The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake payload once it detects sandboxing and security analyti...

FedRAMP just got better – and is here to stay

Today, President Biden signed the National Defense Authorization Act NDAA, taking a giant step forward in securing the federal governments cloud-first mission. The FedRAMP® Federal Risk and Authorization Management Program Authorization Act, outlined in section 5921 of the NDAA, formalizes the...

Trojanized Windows 10 Installer Used in Cyberattacks Against Ukrainian Government Entities

Government entities in Ukraine have been breached as part of a new campaign that leveraged trojanized versions of Windows 10 installer files to conduct post-exploitation activities. Mandiant, which discovered the "socially engineered supply chain" attack around mid-July 2022, said the malicious I...

Goodbye SHA-1: NIST Retires 27-Year-Old Widely Used Cryptographic Algorithm

The U.S. National Institute of Standards and Technology NIST, an agency within the Department of Commerce, announced Thursday that it's formally retiring the SHA-1 cryptographic algorithm. SHA-1, short for Secure Hash Algorithm 1, is a 27-year-old hash function used in cryptography and has since...

apps.des.qld.gov.au Cross Site Scripting vulnerability OBB-3101770

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Reimagining Democracy

Last week, I hosted a two-day workshop on reimagining democracy. The idea was to bring together people from a variety of disciplines who are all thinking about different aspects of democracy, less from a "what we need to do today" perspective and more from a blue-sky future perspective. My remit ...

Play ransomware attacks city of Antwerp

The city of Antwerps digital systems have come to a grinding halt. The Flemish government under which Antwerp resides has confirmed that this is the result of a ransomware attack. The consequences for the city's inhabitants are drastic, as hundreds of city employees revert to working on paper...

Command Execution Vulnerability in UFIDA GRP-U8 (CNVD-2023-02755)

UFIDA GRP-U8 is a new generation product launched by UFIDA focusing on the national e-government business and based on cloud computing technology, which is the government financial management software in the field of finance for administrative undertakings in China. A command execution...

Researchers Uncover New Drokbk Malware that Uses GitHub as a Dead Drop Resolver

The subgroup of an Iranian nation-state group known as Nemesis Kitten has been attributed as behind a previously undocumented custom malware dubbed Drokbk that uses GitHub as a dead drop resolver to exfiltrate data from an infected computer, or to receive commands. "The use of GitHub as a virtual...

Iranian State Hackers Targeting Key Figures in Activism, Journalism, and Politics

Hackers with ties to the Iranian government have been linked to an ongoing social engineering and credential phishing campaign directed against human rights activists, journalists, researchers, academics, diplomats, and politicians working in the Middle East. At least 20 individuals are believed ...

Command Execution Vulnerabilities in the Budget Networking Supervision System of the National People's Congress of Beijing UFIDA Government Affairs Software Co.

Beijing UFIDA Government Software Co., Ltd. is a comprehensive business management information solution provider for government departments, institutions and non-profit organizations. A command execution vulnerability exists in the NPC Budget Networking Supervision System of Beijing UFIDA...

Russian Courts Targeted by New CryWiper Data Wiper Malware Posing as Ransomware

A new data wiper malware called CryWiper has been found targeting Russian government agencies, including mayor's offices and courts. "Although it disguises itself as a ransomware and extorts money from the victim for 'decrypting' data, it does not actually encrypt, but purposefully destroys data ...

U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention CDC were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important...

Iran’s Fars News Agency website hacked as part of anti-govt protests

By Habiba Rashid The hackers from Black Reward Team are also claiming to have deleted nearly 250 terabytes of data from the website from its servers and computers. This is a post from HackRead.com Read the original post: Irans Fars News Agency website hacked as part of anti-govt protests...

Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester

Summary From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch FCEB organization where CISA observed suspected advanced persistent threat APT activity. In the course of incident response activities, CISA determined that cyber...

Killnet Hits European Parliament Website with DDoS Attack

By Habiba Rashid The DDoS attack took place moments after the European Parliament voted to declare the Russian government a state sponsor of terrorism. This is a post from HackRead.com Read the original post: Killnet Hits European Parliament Website with DDoS Attack...

Bahamut Cyber Espionage Hackers Targeting Android Users with Fake VPN Apps

The cyber espionage group known as Bahamut has been attributed as behind a highly targeted campaign that infects users of Android devices with malicious apps designed to extract sensitive information. The activity, which has been active since January 2022, entails distributing rogue VPN apps...