Facebook Tracks APT32 OceanLotus Hackers to IT Company in Vietnam

Cybersecurity researchers from Facebook today formally linked the activities of a Vietnamese threat actor to an IT company in the country after the group was caught abusing its platform to hack into people's accounts and distribute malware. Tracked as APT32 or Bismuth, OceanLotus, and Cobalt Kitt...

DarkSide - Tool Information Gathering And Social Engineering

Features: Hacker Dashboard Hacker News thehackernews.com/ New Exploits Exploit-db.com Hacking Tutorials Video youtube.com The Latest Prices OF Digital Currencies Rials , Usd Information Gathering Bypass Cloud Flare Cms Detect Trace Toute Reverse IP Port Scan IP location Finder Show HTTP Header Fi...

FireEye Hacked

FireEye was hacked by -- they believe -- "a nation with top-tier offensive capabilities": During our investigation to date, we have found that the attacker targeted and accessed certain Red Team assessment tools that we use to test our customers’ security. These tools mimic the behavior of many...

Cybersecurity Firm FireEye Got Hacked; Red-Team Pentest Tools Stolen

FireEye, one of the largest cybersecurity firms in the world, said on Tuesday it became a victim of a state-sponsored attack by a "highly sophisticated threat actor" that stole its arsenal of Red Team penetration testing tools it uses to test the defenses of its customers. The company said it's...

WARNING — Critical Remote Hacking Flaws Affect D-Link VPN Routers

Some widely sold D-Link VPN router models have been found vulnerable to three new high-risk security vulnerabilities, leaving millions of home and business networks open to cyberattacks—even if they are secured with a strong password. Discovered by researchers at Digital Defense, the three securi...

OGUsers hacking forum hacked; user database compromised

By Sudais Asif OGUsers hacking forum was hacked twice in past as well. Here's what happened back then and what happened this time. This is a post from HackRead.com Read the original post: OGUsers hacking forum hacked; user database compromised...

Karkinos - Penetration Testing And Hacking CTF's Swiss Army Knife With: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

Karkinos is a light-weight 'Swiss Army Knife' for penetration testing and/or hacking CTF's. Currently, Karkinos offers the following: Encoding/Decoding characters Encrypting/Decrypting text or files Reverse shell handling Cracking and generating hashes Dependancies Any server capable of hosting...

High-Severity Chrome Bugs Allow Browser Hacks

Google has updated its Chrome web browser, fixing four bugs with a severity rating of “high” and eight overall. Three are use-after-free flaws, which could allow an adversary to generate an error in the browser’s memory, opening the door to a browser hack and host computer compromise. On Friday,...

Several Unpatched Popular Android Apps Put Millions of Users at Risk of Hacking

A number of high-profile Android apps are still using an unpatched version of Google's widely-used app update library, potentially putting the personal data of hundreds of millions of smartphone users at risk of hacking. Many popular apps, including Grindr, Bumble, OkCupid, Cisco Teams, Moovit,...

Several Unpatched Popular Android Apps Put Millions of Users at Risk of Hacking

A number of high-profile Android apps are still using an unpatched version of Google's widely-used app update library, potentially putting the personal data of hundreds of millions of smartphone users at risk of hacking. Many popular apps, including Grindr, Bumble, OkCupid, Cisco Teams, Moovit,...

A week in security (November 23 – November 29)

Last week on Malwarebytes Labs, we talked with Chris Boyd about charities that track you online. We also looked back at Zoom, and wondered whether its any safer months after its first vulnerability was reported. We talked about how Apples security is hampering the detection of potentially unwante...

Become a White Hat Hacker — Get 10 Top-Rated Courses at 97% OFF

Many of us here would love to turn hacking into a full-time career. To make that dream come true, you need to master your subject and earn some key certifications. To speed up this process, you might want to take a little guidance from the experts. Featuring 98 hours of content from top...

Robotic vacuum cleaners could be hacked to spy on you

By Sudais Asif According to researchers, robotic vacuum cleaners can be hacked to spy on users by recording both conversations and music. This is a post from HackRead.com Read the original post: Robotic vacuum cleaners could be hacked to spy on you...

More on the Security of the 2020 US Election

Last week I signed on to two joint letters about the security of the 2020 election. The first was as one of 59 election security experts, basically saying that while the election seems to have been both secure and accurate voter suppression notwithstanding, we still need to work to secure our...

WARNING: Unpatched Bug in GO SMS Pro App Exposes Millions of Media Messages

GO SMS Pro, a popular messaging app for Android with over 100 million installs, has been found to have an unpatched security flaw that publicly exposes media transferred between users, including private voice messages, photos, and videos. "This means any sensitive media shared between users of th...

Windows 10, iOS, Chrome, Firefox and Others Hacked at Tianfu Cup Competition

Multiple software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung were successfully pwned with previously unseen exploits in Tianfu Cup 2020, the third edition of the international cybersecurity contest held in the city of Chengdu, China. "Many mature and hard targets have bee...

Feds Seize $1B in Bitcoin from Silk Road

The feds have seized its largest stash ever of Bitcoin, originating from the notorious Silk Road underground marketplace. The federal coffers are now $1 billion richer. Silk Road was known for the place to go to broker illegal drugs, murder-for-hire, child pornography and malware – such as passwo...

Survey: Cybersecurity Skills Shortage is ‘Bad,’ But There’s Hope

More than half of cybersecurity professionals in a recent survey — 57 percent — reported that the cybersecurity skills shortage is either “bad” or “very bad” at their companies. That’s according to a recent survey and whitepaper published by Trustwave, which also outlined a prescription for...

A week in security (October 26 – November 1)

We had a very busy week at Malwarebytes Labs. We offered advice on Googles patch for an actively exploited zero-day bug that affects Chrome users, our podcast talked about finding consumer value in Cybersecurity Awareness Month with Jamie Court, we provided guidance about keeping ransomware cash...

Monitorr 1.7.6m Remote Code Execution

!/usr/bin/python -- coding: UTF-8 -- Exploit Title: Monitorr 1.7.6m - Remote Code Execution Unauthenticated Date: September 12, 2020 Exploit Author: Lyhin's Lab Detailed Bug Description:...