Janet Jackson’s ‘Rhythm Nation’ Can Crash Old Hard Drives

Plus: The Twilio hack snags a reporter, a new tool to check for spyware, and the Canadian weed pipeline gets hit by a cyberattack...

Microsoft Warns About Phishing Attacks by Russia-linked Hackers

Microsoft on Monday revealed it took steps to disrupt phishing operations undertaken by a "highly persistent threat actor" whose objectives align closely with Russian state interests. The company is tracking the espionage-oriented activity cluster under its chemical element-themed moniker...

Nearly 1,900 Signal Messenger Accounts Potentially Compromised in Twilio Hack

Popular end-to-end encrypted messaging service Signal on Monday disclosed the cyberattack aimed at Twilio earlier this month may have exposed the phone numbers of roughly 1,900 users. "For about 1,900 users, an attacker could have attempted to re-register their number to another device or learned...

Disrupting SEABORGIUM’s ongoing phishing operations

The Microsoft Threat Intelligence Center MSTIC has observed and taken actions to disrupt campaigns launched by SEABORGIUM, an actor Microsoft has tracked since 2017. SEABORGIUM is a threat actor that originates from Russia, with objectives and victimology that align closely with Russian state...

Black Hat and DEF CON Roundup

There was nothing typical this year at BSides LV, Black Hat USA and DEF CON – also known collectively as Hacker Summer Camp. The weeklong collection of cybersecurity conferences featured an eclectic mix of attendees to learn, network, hack and have fun. The week even included a rare Las Vegas fla...

What the Zola Hack Can Teach Us About Password Security

Password security is only as strong as the password itself. Unfortunately, we are often reminded of the danger of weak, reused, and compromised passwords with major cybersecurity breaches that start with stolen credentials. For example, in May 2022, the popular wedding planning site, Zola, was th...

KMSpico explained: No, KMS is not "kill Microsoft"

Thanks to Pieter Arntz and the Threat Intelligence Team who contributed to the research. A hack tool is a program that allows users to activate software even without a legitimate, purchased key. Hack tools are often used to root devices in order to among others remove barriers that stop users fro...

An Attack on Albanian Government Suggests New Iranian Aggression

A Tehran-linked hack of a NATO member marks a significant escalation against the backdrop of US-Iran nuclear talks...

8,000 Solana Wallets Drained Millions Worth of Crypto in Cyberattack

By Waqas An unknown hacker targeted the Solana ecosystem on Wednesday and drained approx. $5 million worth of SOL and… This is a post from HackRead.com Read the original post: 8,000 Solana Wallets Drained Millions Worth of Crypto in Cyberattack...

A week in security (July 25 – July 31)

Last week on Malwarebytes Labs: Update Google Chrome now! New version includes 11 important security patches Lightning Framework, modular Linux malware Malware spent months hoovering up credit card details from 300 US restaurants Lock down your Neopets account: Data breach being investigated Demo...

Microsoft Uncovers Austrian Company Exploiting Windows and Adobe Zero-Day Exploits

A cyber mercenary that "ostensibly sells general security and information analysis services to commercial customers" used several Windows and Adobe zero-day exploits in limited and highly-targeted attacks against European and Central American entities. The company, which Microsoft describes as a...

Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits

The Microsoft Threat Intelligence Center MSTIC and the Microsoft Security Response Center MSRC found a private-sector offensive actor PSOA using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and...

Ducktail Malware Exploits LinkedIn to Hack Facebook Business Accounts

By Waqas Ducktail malware targets users and organizations on Facebook Business and Ads platform in this financially motivated malicious new… This is a post from HackRead.com Read the original post: Ducktail Malware Exploits LinkedIn to Hack Facebook Business Accounts...

Google cracks down on sites with ties to hack-for-hire groups in UAE, Russia, India

By Deeba Ahmed Currently, over 30 sites have been marked as malicious by Googles Safe Browsing feature. Google TAG Threat Analysis… This is a post from HackRead.com Read the original post: Google cracks down on sites with ties to hack-for-hire groups in UAE, Russia, India...

Google Blocks Dozens of Malicious Domains Operated by Hack-for-Hire Groups

Google's Threat Analysis Group TAG on Thursday disclosed it had acted to block as many as 36 malicious domains operated by hack-for-hire groups from India, Russia, and the U.A.E. In a manner analogous to the surveillanceware ecosystem, hack-for-hire firms equip their clients with capabilities to...

MAL-2022-3132 Malicious code in free-fire-diamonsd-hakc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57f9f661cd7ffd4e4267786e0d00ea2da4b3be497a524769515cf785216f4d61 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-3133 Malicious code in free-fire-diamonsd-hakc-2022 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e8b0f26a0fe826ca7436e2013ae339298577c224928be39024b08088d5bea9aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-3128 Malicious code in free-cashapp-money-hakc-akp-donwload-2022 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4dcdc4bce10b5f6e8373ccc05a861fd868068c54eb502e95f7c7681139221880 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-3129 Malicious code in free-cashapp-money-hakc-apk-donwload-2022 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e882b594c41385c88a7c2afbfba23801a539bd8123c9123f0e3ed68681c53b87 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-1841 Malicious code in cashapp-referral-code-hakc-2022 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1aabf0eb5dcedf4bd0f44edeea90c89694e5e579cce534cdee53358059d1547b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...