Mélofée: Researchers Uncover New Linux Malware Linked to Chinese APT Groups

An unknown Chinese state-sponsored hacking group has been linked to a novel piece of malware aimed at Linux servers. French cybersecurity firm ExaTrack, which found three samples of the previously documented malicious software that date back to early 2022, dubbed it Mélofée. The newest of the thr...

mongolchamber.mn Cross Site Scripting vulnerability OBB-3239867

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

BreachForums Administrator Baphomet Shuts Down Infamous Hacking Forum

In a sudden turn of events, Baphomet, the current administrator of BreachForums, said in an update on March 21, 2023, that the hacking forum has been officially taken down but emphasized that "it's not the end." "You are allowed to hate me, and disagree with my decision but I promise what is to...

HookSpoofer A Novel Infostealer with Advanced Capabilities

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary North Korea-linked hacking group Reaper has recently been observed engaging in surveillance of North Korean defectors. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...

Reaper, North Korean hacking group, targets defectors

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary North Korea-linked hacking group Reaper has recently been observed engaging in surveillance of North Korean defectors. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...

Kali Linux 2023.1 - Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! – Kali Linux 2023.1. This release has various impressive updates. he changelog summary since the 2022.4 release from December: Kali Purple - The dawn of a new era. Kali is not only Offense, but starting to be defense Python Changes - Python 3.11 & PIP changes...

Two US Citizens Charged for Hacking into DEA Portal in 2022

By Deeba Ahmed Both suspects, Sagar Steven Singh and Nicholas Ceraolo, were reportedly members of a notorious cybercrime group, ViLE. Two… This is a post from HackRead.com Read the original post: Two US Citizens Charged for Hacking into DEA Portal in 2022...

This Is the New Leader of Russia's Infamous Sandworm Hacking Unit

Evgenii Serebriakov now runs the most aggressive hacking team of Russia’s GRU military spy agency. To Western intelligence, he’s a familiar face...

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency DEA online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised...

Hiatus Hacking Campaign Targets DrayTek Vigor Routers to Steal Data

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary A malware campaign called "Hiatus" that targets business-grade routers, specifically DrayTek Vigor models 2960 and 3900 running an i386 architecture. The campaign...

China Is Relentlessly Hacking Its Neighbors

New details reveal that Beijing-backed hackers targeted the Association of Southeast Asian Nations, adding to a string of attacks in the region...

Ethical hacker among 3 arrested for blackmail and ransomware attacks

By Waqas The suspects are allegedly involved in hacking, issuing threats, stealing data, laundering money, and extorting This is a post from HackRead.com Read the original post: Ethical hacker among 3 arrested for blackmail and ransomware attacks...

Security News This Week: Sensitive US Military Emails Exposed

Plus: Iran’s secret torture black sites, hacking a bank account with AI-generated voice, and Lance Bass’ unhinged encounter in Russia...

New Hacking Cluster 'Clasiopa' Targeting Materials Research Organizations in Asia

Materials research organizations in Asia have been targeted by a previously unknown threat actor using a distinct set of tools. Symantec, by Broadcom Software, is tracking the cluster under the moniker Clasiopa. The origins of the hacking group and its affiliations are currently unknown, but ther...

Lazarus Group Likely Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data

A new backdoor associated with a malware downloader named Wslink has been discovered, with the tool likely used by the notorious North Korea-aligned Lazarus Group, new findings reveal. The payload, dubbed WinorDLL64 by ESET, is a fully-featured implant that can exfiltrate, overwrite, and delete...

The Impact of Artificial Intelligence on Cybersecurity

Abstract: Artificial Intelligence AI has been a game-changer in many industries, and cybersecurity is no exception. AI has revolutionized the way organizations approach security, providing new and innovative solutions for detecting and mitigating cyber threats. However, with its increasing use, i...

Defending against AI Lobbyists

When is it time to start worrying about artificial intelligence interfering in our democracy? Maybe when an AI writes a letter to The New York Times opposing the regulation of its own technology. That happened last month. And because the letter was responding to an essay we wrote, were starting t...

Revealing the Tonto Team’s Latest Hacks and Menaces

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The Tonto Team, a Chinese hacking group, has been linked to attacks on various Asian and Eastern European organizations. In June 2022, an advanced persistent threat APT attempted to hack a cybersecurity...

Chinese Hackers Targeting South American Diplomatic Entities with ShadowPad

Microsoft on Monday attributed a China-based cyber espionage actor to a set of attacks targeting diplomatic entities in South America. The tech giant's Security Intelligence team is tracking the cluster under the emerging moniker DEV-0147, describing the activity as an "expansion of the group's...

Chinese Tonto Team Hackers' Second Attempt to Target Cybersecurity Firm Group-IB Fails

The advanced persistent threat APT actor known as Tonto Team carried out an unsuccessful attack on cybersecurity company Group-IB in June 2022. The Singapore-headquartered firm said that it detected and blocked malicious phishing emails originating from the group targeting its employees. It's als...