19 matches found
Pegasus spyware creator ordered to reveal code used to spy on WhatsApp users
A California federal judge has ordered spyware maker NSO Group to hand over the code for Pegasus and other spyware products that were used to spy on WhatsApp users. Meta-owned WhatsApp has been fighting NSO in court since 2019, after Pegasus was allegedly used against 1,400 WhatsApp users over th...
Improper restriction of XML external entity references (XXE) in Electronic Deliverables Creation Support Tool provided by Ministry of Defense
Overview Electronic Deliverables Creation Support Tool provided by Ministry of Defense improperly restricts XML external entity references XXE CWE-611. Toyama Taku of NEC Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...
JVN#40049211: Improper restriction of XML external entity references (XXE) in Electronic Deliverables Creation Support Tool provided by Ministry of Defense
Electronic Deliverables Creation Support Tool provided by Ministry of Defense improperly restricts XML external entity references XXE CWE-611. Impact Processing a specially crafted XML file may lead to exposure of internal files on the system. Solution Update the Software Update the software to t...
Ministry of Defense Electronic Deliverables Creation Support Tool Security Breach
Ministry of Defense Electronic Deliverables Creation Support Tool is an electronic deliverables creation support tool from Ministry of Defense, Japan. A security vulnerability exists in Ministry of Defense Electronic Deliverables Creation Support Tool Construction Edition version 1.0.4, Electroni...
Ukraine's DELTA Military System Users Under Attack from Info Stealing Malware
The Computer Emergency Response Team of Ukraine CERT-UA this week disclosed that users of the Delta situational awareness program received phishing emails from a compromised email account belonging to the Ministry of Defense. The attacks, which have been attributed to a threat cluster dubbed...
Yanluowang Ransomware Leaks Analysis: Organization, Collaboration with HelloKitty, Babuk and Conti
Yanluowang Ransomware Leaks Analysis: Organization, Collaboration with HelloKitty, Babuk and Conti By Jambul Tologonov· November 22, 2022 Introduction On October 31, 2022, Yanluowang’s TOR site was hacked displaying a message “check and mate!! Yanluowang Matrix chat hacked @yanluowangleaks Time’s...
DDoS attacks in Q1 2022
News overview The DDoS landscape in Q1 2022 was shaped by the ongoing conflict between Russia and Ukraine: a significant part of all DDoS-related news concerned these countries. In mid-January, the website of Kyiv Mayor Vitali Klitschko was hit by a DDoS attack, and the websites of a number of...
Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks
Ghostwriter – a threat actor previously linked with the Belarusian Ministry of Defense – has glommed onto the recently disclosed, nearly invisible “Browser-in-the-Browser” BitB credential-phishing technique in order to continue its ongoing exploitation of the war in Ukraine. In a Wednesday post,...
Official website of Russian Parliament, MoD and Kremlin go offline
By Waqas The Kremlin domain is the official website of President Vladimir Putin which according to NetBlocks is among the… This is a post from HackRead.com Read the original post: Official website of Russian Parliament, MoD and Kremlin go offline...
Israel Bans Sales of Hacking and Surveillance Tools to 65 Countries
Israel's Ministry of Defense has dramatically restricted the number of countries to which cybersecurity firms operating in the nation are allowed to sell offensive hacking and surveillance tools to, cutting off 65 nations from the export list. The revised list, details of which were first reporte...
Installers of the screensavers provided by JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE may insecurely load Dynamic Link Libraries
Overview Installers of the screensavers provided by JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated wit...
JVN#41185163: Installers of the screensavers provided by JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE may insecurely load Dynamic Link Libraries
Installers of the screensavers provided by JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Impact This vulnerability can be exploited when the following condition is met. If this vulnerabilit...
CVE-2017-0199 Used as Zero Day to Distribute FINSPY Espionage Malware and LATENTBOT Cyber Crime Malware
FireEye recently identified a vulnerability – CVE-2017-0199 – that allows a malicious actor to download and execute a Visual Basic script containing PowerShell commands when a user opens a Microsoft Office RTF document containing an embedded exploit. We worked with Microsoft and published the...
Update: Hacking Group TeaMp0isoN Claims Breach of T-Mobile
The hacking group TeaMp0isoN claims to have compromised Web servers used by T-Mobile, and absconded with account information for company employees, including members of T-Mobile’s media team. The group used a post on its official Twitter account taking responsibility for the attack, which targete...
CapitalOne Bank taken down by Anonymous hackers
CapitalOne Bank taken down by Anonymous hackers Anonymous Hackers claim to taken down the official website of CapitalOne Bank. Currently Site is showing message on Homepage that "Site under maintenance". In a pastebin release Anonymous Hacker wrote "ya know.. every guy Fawkes day companies go hir...
Syrian Hackers Deface AnonPlus - Anonymous Social Network
Syrian Hackers Deface AnonPlus - Anonymous Social Network After the hacking gang Anonymous took credit for defacing Syria's Ministry of Defense website, a Syrian group retaliated on Monday by posting gruesome photos on Anonymous embryonic social network. The defacement of AnonPlus...
Youth Peer Education Network (YPEER) Of Syria Defaced by Cocain TeaM
Youth Peer Education Network Of Syria Defaced by Cocain TeaM Hacker from Cocain Underground Team today deface the website of Youth Peer Education Network Of Syria . The Youth Peer Education Network YPEER, is a groundbreaking and comprehensive youth-to-youth initiative pioneered by UNFPA.Y-PEER...
Syrian Ministry of Defense hacked by Anonymous Hackers
Syrian Ministry of Defense hacked by Anonymous Hackers The official website of Syrian Ministry of Defense has been hacked by Anonymous Hackers and defaced. The Anonymous Logo and a note can be seen on homepage. The Original words of Note is : To the Syrian people: The world stands with you agains...
Syrian Ministry of Defense hacked by Anonymous Hackers
Syrian Ministry of Defense hacked by Anonymous Hackers The official website of Syrian Ministry of Defense has been hacked by Anonymous Hackers and defaced. The Anonymous Logo and a note can be seen on homepage. The Original words of Note is : To the Syrian people: The world stands with you agains...