Facebook Sues Israeli NSO Spyware Firm For Hacking WhatsApp Users

Finally, for the very first time, an encrypted messaging service provider is taking legal action against a private entity that has carried out malicious attacks against its users. Facebook filed a lawsuit against Israeli mobile surveillance firm NSO Group on Tuesday, alleging that the company was...

Fancy Bear Targets Sporting, Anti-Doping Orgs As 2020 Olympics Loom

At least 16 anti-doping authorities and sporting organizations around the world have been hit by cyberattacks as the world begins to gear up for the Tokyo Summer Olympic Games, which kick off July 2020. The attacks, which began Sept. 16, have been linked to infamous Russian threat group Fancy Bea...

Russian Hackers Targeting Anti-Doping Agencies Ahead of 2020 Tokyo Olympics

As Japan gears up for the upcoming 2020 Summer Olympics in Tokyo for the next year, the country needs to brace itself for sophisticated cyberattacks, especially from state-sponsored hackers. Microsoft has issued a short notice, warning about a new wave of highly targeted cyberattacks by a group o...

Pwn2Own Expands Into Industrial Control Systems Hacking

Industrial control systems ICS used to manage critical infrastructure and manufacturing will be the main target in next year’s popular Pwn2Own’s annual hacking competition. Over the past few years, Pwn2Own – a hacking contest that draws in white-hat hackers looking for fame and fortune through...

Raccoon Malware Scavenges 100,000+ Devices to Steal Data

A new information stealer, dubbed Raccoon, is rapidly gaining popularity with cybercriminals. In just a few months, researchers say the malware has already infected hundreds of thousands of devices across the world to rove through victims’ credit card data, email credentials and more. The malware...

FTC Cracks Down on Stalkerware With Retina-X App Bans

UPDATE The Federal Trade Commission FTC has barred the sale of three “stalking apps” until their developer can prove they are used legally. The case is the first crackdown by the FTC on “stalkerware,” which is software that can be installed on devices to track their owners’ location, activity and...

Instagram clamps down on fake messages with anti-phishing tool

Instagram accounts will always be a popular target for scammers. You might not think it’s a big deal if someone has their account swiped, but it’s often the vanguard of many online businesses. A takeover, or a deletion, can be absolutely devastating. Smart hacking crews are always in the...

SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks

Until now, I'm sure you all might have heard of the SimJacker vulnerability disclosed exactly a month ago that affects a wide range of SIM cards and can remotely be exploited to hack into any mobile phone just by sending a specially crafted binary SMS. If you are unaware, the name "SimJacker" has...

Details on Uzbekistan Government Malware: SandCat

Kaspersky has uncovered an Uzbeki hacking operation, mostly due to incompetence on the part of the government hackers. The group's lax operational security includes using the name of a military group with ties to the SSS to register a domain used in its attack infrastructure; installing Kaspersky...

A Look Into Continuous Efforts By Chinese Hackers to Target Foreign Governments

Phishing is still one of the widely used strategies by cybercriminals and espionage groups to gain an initial foothold on the targeted systems. Though hacking someone with phishing attacks was easy a decade ago, the evolution of threat detection technologies and cyber awareness among people has...

Former Yahoo Employee Admits Hacking into 6000 Accounts for Sexual Content

An ex-Yahoo! employee has pleaded guilty to misusing his access at the company to hack into the accounts of nearly 6,000 Yahoo users in search of private and personal records, primarily sexually explicit images and videos. According to an press note released by the U.S. Justice Department, Reyes...

Pay What You Wish — 9 Hacking Certification Training Courses in 1 Bundle

The greatest threat facing most nations is no longer a standing army. It's a hacker with a computer who can launch a crippling cyber attack from thousands of miles away—potentially taking down everything from server farms to entire power grids with a few lines of code. So it should come as no...

On Chinese "Spy Trains"

The trade war with China has reached a new industry: subway cars. Congress is considering legislation that would prevent the world's largest train maker, the Chinese-owned CRRC Corporation, from competing on new contracts in the United States. Part of the reasoning behind this legislation is...

[Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly

An anonymous hacker today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability in vBulletin—one of the widely used internet forum software, The Hacker News has learned. One of the reasons why the vulnerability should b...

Zebrocy Retools for New Political Attacks

The APT known as the Sednit threat group also known as Sofacy, APT28 and Fancy Bear has kicked off a fresh spearphishing campaign, that was spotted targeting government entities with the Zebrocy backdoor. The malware features a rewritten and newly-improved backdoor and downloader, indicating an...

1-Click iPhone and Android Exploits Target Tibetan Users via WhatsApp

A team of Canadian cybersecurity researchers has uncovered a sophisticated and targeted mobile hacking campaign that is targeting high-profile members of various Tibetan groups with one-click exploits for iOS and Android devices. Dubbed Poison Carp by University of Toronto's Citizen Lab, the...

Russian APT Map Reveals 22,000 Connections Between 2000 Malware Samples

Though Russia still has an undiversified and stagnant economy, it was one of the early countries in the world to realize the value of remotely conducted cyber intrusions. In recent years, many Russia hacking groups have emerged as one of the most sophisticated nation-state actors in cyberspace,...

A week in security (September 16 -22)

Last week on Labs, we sounded the alarm about the relaunch of Emotet, one of the year's most dangerous forms of malware, with a new spam campaign. We also reported on how international students in UK are targeted by visa scammers, what CEOs think about a potential US data privacy law, and...

These Hacks Require Literally Sneaking in the Backdoor

After slipping past security, picking a backdoor lock and gaining access to a company’s inner sanctum, a skilled hacker can cause mayhem. They can plant malware on a network, grab physical files and walk out the front door with a donut pilfered from the employee break room. Meet the world of a...

US Sanctions 3 North Korean Hacking Groups Accused for Global Cyber Attacks

The United States Treasury Department on Friday announced sanctions against three state-sponsored North Korean hacking groups for conducting several destructive cyberattacks on US critical infrastructure. Besides this, the hacking groups have also been accused of stealing possibly hundreds of...