1056 matches found
Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort
In what's a case of hacking the hackers, the darknet infrastructure associated with the Hive ransomware-as-a-service RaaS operation has been seized as part of a coordinated law enforcement effort involving 13 countries. "Law enforcement identified the decryption keys and shared them with many of...
Friday Squid Blogging: Grounded Fishing Boat Carrying 16,000 Pounds of Squid
Rough seas are hampering efforts to salvage the boat: The Speranza Marie, carrying 16,000 pounds of squid and some 1,000 gallons of diesel fuel, hit the shoreline near Chinese Harbor at about 2 a.m. on Dec. 15. Six crew members were on board, and all were rescued without injury by another fishing...
Top Zeus Botnet Suspect “Tank” Arrested in Geneva
Vyacheslav "Tank" Penchukov, the accused 40-year-old Ukrainian leader of a prolific cybercriminal group that stole tens of millions of dollars from small to mid-sized businesses in the United States and Europe, has been arrested in Switzerland, according to multiple sources. Wanted Ukrainian...
Brazilian Police Arrest Suspected Member of Lapsus$ Hacking Group
The Federal Police of Brazil on Wednesday announced it had arrested an individual for purported links to the notorious LAPSUS$ extortionist gang. The arrest was made as part of a new law enforcement effort, dubbed Operation Dark Cloud, that was launched in August 2022, the agency noted. Not much ...
Rockstar Games: Modifying Sprunk vs eCola crew data
In this report, the researcher demonstrated an Insecure Direct Object Reference vulnerability that was exploitable in certain Rockstar Official Crews on the Social Club website. Rockstar Official Crews, unlike user-made Crews, use a flat hierarchy where all members are set to the same effective...
Google Created 'Open Source Maintenance Crew' to Help Secure Critical Projects
Google on Thursday announced the creation of a new "Open Source Maintenance Crew" to focus on bolstering the security of critical open source projects. Additionally, the tech giant pointed out Open Source Insights as a tool for analyzing packages and their dependency graphs, using it to determine...
New Backdoor Targets French Entities via Open-Source Package Installer
Researchers have exposed a new targeted email campaign aimed at French entities in the construction, real estate, and government sectors that leverages the Chocolatey Windows package manager to deliver a backdoor called Serpent on compromised systems. Enterprise security firm Proofpoint attribute...
WordPress WooCommerce Role Based Pricing by Meow Crew plugin <= 1.0.1 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress WooCommerce Role Based Pricing by Meow Crew plugin versions = 1.0.1. Solution Update the WordPress WooCommerce Role Based Pricing by Meow Crew plugin to the latest available version at least 1.0.2...
WordPress WooCommerce Role Based Pricing by Meow Crew plugin <= 1.0.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WooCommerce Role Based Pricing by Meow Crew plugin versions = 1.0.1. Solution Update the WordPress WooCommerce Role Based Pricing by Meow Crew plugin to the latest available version at least 1.0.2...
Why hackers don’t fly coach
Physical security is relied on too heavily for cabin-based systems on the Airline Information Services Domain AISD. Whilst the Aircraft Control Domain ACD is separated, there are still plenty of interesting information, data and systems that are accessible from the cabin, for those who are prepar...
2034, Part III: One Left to Tell the Tale
“When the planes didn't attack, a silence fell over the crew. Why didn't they finish the job?”...
Interpol Arrests 3 Nigerian BEC Scammers For Targeting Over 500,000 Entities
Three Nigerian citizens suspected of being members of an organized cybercrime group behind distributing malware, carrying out phishing campaigns, and extensive Business Email Compromise BEC scams have been arrested in the city of Lagos, Interpol reported yesterday. The investigation, dubbed...
DEF CON 28: 747 Walkthrough from a Hacker’s Perspective
This post is a companion to the DEF CON 28 video available here Airframe tour Alex: Welcome to this virtual 747-400 walkthrough. One of the advantages of DEF CON Safe Mode this year is that we’re able to bring you things like this. Nothing beats being able to climb onboard and poke around a real...
Authorities bust hacker group planning to hit hospitals with ransomware
By Deeba Ahmed PentaGuard Hackers Crew was operating from Romania. This is a post from HackRead.com Read the original post: Authorities bust hacker group planning to hit hospitals with ransomware...
An Unfixable Flaw Threatens 5 Years of Intel Chips
Plus: A J. Crew breach, CIA hacking, and more of the week's top security news...
Mapping the Attack Surface of an Airport
Aviation security is a complex environment. What first sparked my interest in avionics security was a comment from an airport customer of ours. They had seen the media coverage of the DHS work against a Boeing 757 a few years ago and were concerned that an ‘infected’ airplane might create a fresh...
MailCarrier 2.51 - RCPT TO Buffer Overflow
MailCarrier 2.51 - RCPT TO Buffer Overflow !/usr/bin/python Exploit Title: MailCarrier 2.51 'RCPT TO' - Buffer Overflow Remote Date: 12/04/2019 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: https://www.tabslab.com/ Version: 2.51 Software Link: N.A Contact:...
FTPShell Server 6.83 - Account name to ban Local Buffer
FTPShell Server 6.83 - Account name to ban Local Buffer !/usr/bin/python Exploit Title: FTP Shell Server 6.83 'Account name to ban' Buffer Overflow Date: 09-04-2019 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: http://www.ftpshell.com/index.htm Version: 6.83 Software Link :...
Hacking Superyachts. Advice for captains
I’ve blogged already about how superyachts are the homes, the offices, the play areas for their owners. However, they are also the charge of the captains and homes of the crew, most owners simply see themselves as guests on the captain’s yacht, so what do you the captain and crew need to think...
New APT Could Signal Reemergence of Notorious Comment Crew
A recently observed APT campaign, dubbed Operation Oceansalt, could herald the return of the infamous China-linked hacking group known as Comment Crew or APT1. Attacks are cunning and are defined by their their deep targeting and use of an innovative multi-wave attack methodology. Operation...