U.S. Warns Against North Korean Hackers Posing as IT Freelancers

Highly skilled software and mobile app developers from the Democratic People's Republic of Korea DPRK are posing as "non-DPRK nationals" in hopes of landing freelance employment in an attempt to enable the regime's malicious cyber intrusions. That's according to a joint advisory from the U.S...

Hospital Management System SQL注入漏洞

Hospital Management System is a hospital management system. A SQL injection vulnerability exists in Hospital Management System v1.0, which includes modules for patient information management, appointment services, and financial management. The vulnerability is related to the lack of validation of...

Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens

GitHub revealed details tied to last week’s incident where hackers, using stolen OAuth tokens, downloaded data from private repositories. “We do not believe the attacker obtained these tokens via a compromise of GitHub or its systems because the tokens in question are not stored by GitHub in thei...

Slackware: Security Advisory (SSA:2020-009-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for mozjs60 (EulerOS-SA-2022-1452)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

How to recover files encrypted by Yanluowang

Yanluowang is a type of targeted ransomware discovered by the Symantec Threat Hunter team as they were investigating an incident on a large corporate network. Kaspersky experts have found a vulnerability in the Yanluowang encryption algorithm and created a free decryptor to help victims of this...

Why the Mitre Engenuity ATT&CK Evaluations Matter

This year’s MITRE Engenuity™ ATT&CK Evaluation simulates techniques associated with notorious threat groups Wizard Spider and Sandworm to test solutions' ability to detect and stop APT and Targeted Attacks...

Elon Musk warns of possible targeted attacks on Starlink in Ukraine

By Deeba Ahmed As per a tweet posted by Elon Musk, theres a high probability of the Starlink satellite internet service… This is a post from HackRead.com Read the original post: Elon Musk warns of possible targeted attacks on Starlink in Ukraine...

Hackers Planted Fake Digital Evidence on Devices of Indian Activists and Lawyers

A previously unknown hacking group has been linked to targeted attacks against human rights activists, human rights defenders, academics, and lawyers across India in an attempt to plant "incriminating digital evidence." Cybersecurity firm SentinelOne attributed the intrusions to a group it tracks...

Mageia: Security Advisory (MGASA-2020-0009)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2018-0120)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks

A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group APT41. Kaspersky, which codenamed the rootkit MoonBounce, characterized the malware as the...

CVE-2019-11707

A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR 60.7.1, Firefox 67.0.3, and Thunderbird 60.7.2...

IT threat evolution Q3 2021

IT threat evolution Q3 2021 IT threat evolution in Q3 2021. PC statistics IT threat evolution in Q3 2021. Mobile statistics Targeted attacks WildPressure targets macOS Last March, we reported a WildPressure campaign targeting industrial-related entities in the Middle East. While tracking this...

APT C-23 Hackers Using New Android Spyware Variant to Target Middle East Users

A threat actor known for striking targets in the Middle East has evolved its Android spyware yet again with enhanced capabilities that allow it to be stealthier and more persistent while passing off as seemingly innocuous app updates to stay under the radar. The new variants have "incorporated ne...

High-Severity Intel Processor Bug Exposes Encryption Keys

A security vulnerability in Intel chips opens the door for encrypted file access and espionage, plus the ability to bypass copyright protection for digital content. That’s according to Positive Technologies PT, which found that the vulnerability CVE-2021-0146 is a debugging functionality with...

HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks

HTML smuggling, a highly evasive malware delivery technique that leverages legitimate HTML5 and JavaScript features, is increasingly used in email campaigns that deploy banking malware, remote access Trojans RATs, and other payloads related to targeted attacks. Notably, this technique was observe...

Iran's Lyceum Hackers Target Telecoms, ISPs in Israel, Saudi Arabia, and Africa

A state-sponsored threat actor allegedly affiliated with Iran has been linked to a series of targeted attacks aimed at internet service providers ISPs and telecommunication operators in Israel, Morocco, Tunisia, and Saudi Arabia, as well as a ministry of foreign affairs MFA in Africa, new finding...

Security Researchers Reveal Activity Targeting ManageEngine ADSelfService Plus

On September 16, CISA released a joint alert on exploitation of a vulnerability CVE-2021-40539 in ManageEngine ADSelfService Plus. On November 8, security researchers from Palo Alto Networks and Microsoft Threat Intelligence Center MSTIC released separate reports on targeted attacks against...

Bopscrk - Tool To Generate Smart And Powerful Wordlists

bopscrk B efore O utset P aS sword CR acK ing is a tool to generate smart and powerful wordlists for targeted attacks. Included in BlackArch Linux pentesting distribution and Rawsec'sCybersecurity Inventory since August 2019. Targeted-attack wordlist creator : introduce personal info related to...