Pegasus spyware found on UK government office phone

“When we found the No. 10 case, my jaw dropped." John Scott-Railton recalled after finding out on July 7, 2020 that Pegasus, the highly sophisticated flagship spyware of Israels NSO Group, was used to infect a phone linked to the network at 10 Downing Street, the UK Prime Ministers home and offic...

Keeping A Critical Eye on IoT Devices

Keeping a Critical Eye on IoT Devices By Sam Quinn · April 21, 2022 Trellix Labs is excited to announce the beginning of a new video series which captures one of our senior vulnerability researchers work on hacking an IoT device from beginning to end. This will conclude with the releasing of a ne...

FBI, Europol Seize RaidForums Hacker Forum and Arrest Admin

An international law enforcement operation raided and took down RaidForums, one of the world's largest hacking forums notorious for selling access to hacked personal information belonging to users. Dubbed Tourniquet, the seizure of the cybercrime website involved authorities from the U.S., U.K.,...

Successful operations against Russian Sandworm and Strontium groups targeting Ukraine revealed

The US Department of Justice DoJ and Microsoft have taken the sting out of two operations believed to be controlled by the Russian Federation’s Main Intelligence Directorate GRU. On Wednesday, the DOJ announced that it had disrupted GRU’s control over thousands of internet-connected firewall...

WatchGuard Didn't Explicitly Disclose a Flaw Exploited by Hackers

The security vendor kept a critical vulnerability in its firewall appliances quiet even as it was under attack from a Russian hacking group...

Ukrainian FIN7 Hacker Gets 5-Year Sentence in the United States

A 32-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for the individual's criminal work as a "high-level hacker" in the financially motivated group FIN7. Denys Iarmak, who worked as a penetration tester for the cartel from November 2016 through November 2018, ha...

BlackGuard Password Stealing Malware Being Sold on Russian Hacking Forums

By Deeba Ahmed Zscaler ThreatLabz researchers have discovered sophisticated new info stealing malware available as malware-as-a-service on Russian hacking forums. In… This is a post from HackRead.com Read the original post: BlackGuard Password Stealing Malware Being Sold on Russian Hacking Forums...

Multiple Hacker Groups Capitalizing on Ukraine Conflict for Distributing Malware

At least three different advanced persistent threat APT groups from across the world have launched spear-phishing campaigns in mid-March 2022 using the ongoing Russo-Ukrainian war as a lure to distribute malware and steal sensitive information. The campaigns, undertaken by El Machete, Lyceum, and...

Experts Shed Light on BlackGuard Infostealer Malware Sold on Russian Hacking Forums

A previously undocumented "sophisticated" information-stealing malware named BlackGuard is being advertised for sale on Russian underground forums for a monthly subscription of $200. "BlackGuard has the capability to steal all types of information related to Crypto wallets, VPN, Messengers, FTP...

Improve Your Hacking Skills with 9 Python Courses for Just $39

For anyone with interest in cybersecurity, learning Python is a must. The language is used extensively in white hat hacking, and professionals use Python scripts to automate tests. It also has a use in the "soft" side of cybersecurity — like scraping the web for compromised data and detecting bug...

IT Firm Globant Confirms Breach after LAPSUS$ Leaks 70GB of Data

The LAPSUS$ data extortion gang announced their return on Telegram after a week-long "vacation," leaking what they claim is data from software services company Globant. "We are officially back from a vacation," the group wrote on their Telegram channel – which has nearly around 54,000 members as ...

Hacking Ham Radio: WinAPRS – Part 1

Hackers have been breaching computer system defenses for more than half a century, and the networks they use to exploit those weaknesses have been around for far longer than that. With the internet replacing most wirelines and wavelengths, and with the rise of cybercrime sophistication from petty...

New Hacking Campaign by Transparent Tribe Hackers Targeting Indian Officials

A threat actor of likely Pakistani origin has been attributed to yet another campaign designed to backdoor targets of interest with a Windows-based remote access trojan named CrimsonRAT since at least June 2021. "Transparent Tribe has been a highly active APT group in the Indian subcontinent,"...

Another Chinese Hacking Group Spotted Targeting Ukraine Amid Russia Invasion

A Chinese-speaking threat actor called Scarab has been linked to a custom backdoor dubbed HeaderTip as part of a campaign targeting Ukraine since Russia embarked on an invasion last month, making it the second China-based hacking group after Mustang Panda to capitalize on the conflict. "The...

100s of Russian Building Controllers Can be Remotely Hacked

By Deeba Ahmed Researcher Jose Bertin has identified critical security vulnerabilities in a building controller made by Russian firm Tekon Avtomatika… This is a post from HackRead.com Read the original post: 100s of Russian Building Controllers Can be Remotely Hacked...

UK Cops Collar 7 Suspected Lapsus$ Gang Members

City of London Police have arrested seven people suspected of being connected to the Lapsus$ gang. The bust came within hours of Bloomberg having published a report about a teenage boy living at his mother’s house near Oxford, England who’s suspected of being the Lapsus$ mastermind. The police...

New Backdoor Targets French Entities via Open-Source Package Installer

Researchers have exposed a new targeted email campaign aimed at French entities in the construction, real estate, and government sectors that leverages the Chocolatey Windows package manager to deliver a backdoor called Serpent on compromised systems. Enterprise security firm Proofpoint attribute...

The Lapsus$ Hacking Group Is Off to a Chaotic Start

Telegram polls. Unusual demands. The latest extortion gang is on an unorthodox rampage...

Lnkbomb - Malicious Shortcut Generator For Collecting NTLM Hashes From Insecure File Shares

Lnkbomb is used for uploading malicious shortcut files to insecure file shares. The vulnerability exists due to Windows looking for an icon file to associate with the shortcut file. This icon file can be directed to a penetration tester's machine running Responder or smbserver to gather NTLMv1 or...

Gaming Company Ubisoft Confirms It was Hacked, Resets Staff Passwords

French video game company Ubisoft on Friday confirmed it was a victim of a "cyber security incident," causing temporary disruptions to its games, systems, and services. The Montreuil-headquartered firm said that an investigation into the breach was underway and that it has initiated a company-wid...