24 matches found
30,000 private Facebook images allegedly downloaded by Meta employee
Every tech company tells you your data is safe. They've hopefully got encryption, access controls, and zero-trust architectures—the whole glossy security brochure. And then someone on the inside writes a script to steal your private photos anyway. That's what a former Meta employee based in Londo...
WarLock Ransomware group Claims Breach at Colt Telecom and Hitachi
WarLock ransomware claims breach at Colt and Hitachi, with Colt investigating and working to restore systems while experts…...
Unmasking Phishing: Strategies for identifying 0ktapus domains and beyond
Wiz Research looks at phishing tactics, along with how to trace and investigate these campaigns...
Fujitsu Scrambles After Malware Attack: Customer Data Potentially Breached
By Deeba Ahmed. While Fujitsu did not disclose in-depth details, the company confirmed investigating a cyberattack that may have led to a data breach. This is a post from HackRead.com...
British Cosmetics Retailer Lush Investigating Cyber Attack
By Waqas. From Bubbles to Bytes: Lush investigates 'cyber incident' without giving any substantial information to customers. This is a post from HackRead.com...
New Stealthy 'Krasue' Linux Trojan Targeting Telecom Firms in Thailand
A previously unknown Linux remote access trojan called Krasue has been observed targeting telecom companies in Thailand by threat actors to maintain covert access to victim networks at least since 2021. Named after a nocturnal female spirit of Southeast Asian folklore, the malware is "able to conceal...
Investigating BlackSuit Ransomware’s Similarities to Royal
In this blog entry, we analyze BlackSuit ransomware and how it compares to Royal Ransomware...
Microsoft Mitigates Outlook Elevation of Privilege Vulnerability
May 9, 2023 update: Releases for Microsoft Products has been updated with the release of CVE-2023-29324 - Security Update Guide - Microsoft - Windows MSHTML Platform Security Feature Bypass Vulnerability. March 24, 2023 update: Impact Assessment has been updated to a link to Guidance for...
FBI Hack – Agency Investigating Internal Network Breach
By Habiba Rashid. The Federal Bureau of Investigation (FBI) is investigating an internal network breach caused by an isolated incident, which the agency claims is now contained. This is a post from HackRead.com...
[SECURITY] Fedora 36 Update: onionscan-0.2-6.fc36
OnionScan is a free and open source tool for investigating the Dark Web...
How to investigate service provider trust chains in the cloud
In a recent Microsoft blog post, we documented technical guidance for organizations to protect themselves from the latest NOBELIUM activity that was found to target technology service providers, which are privileged in their downstream customer tenants, as a method to gain access to their...
When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks
Note: In this two-part blog series, we expose a modern malware infrastructure and provide guidance for protecting against the wide range of threats it enables. Part 1 covered the evolution of the threat, how it spreads, and how it impacts organizations. Part 2 provides a deep dive on the attacker...
Pre-Installed Malware Dropper Found On German Gigaset Android Phones
In what appears to be a fresh twist in Android malware, users of Gigaset mobile devices are encountering unwanted apps that are being downloaded and installed through a pre-installed system update app. "The culprit installing these malware apps is the Update app, package name com.redstone.ota.ui,...
Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities
This guidance will help customers address threats taking advantage of the recently disclosed Microsoft Exchange Server on-premises vulnerabilities CVE-2021-26855, CVE-2021-26858, CVE-2021-26857, and CVE-2021-27065, which are being exploited. We strongly urge customers to immediately update system...
Contact Form Submissions <= 1.6.4 - Authenticated SQL Injection
The wpcf7contactform GET parameter is vulnerable to SQL injection when submitting a filter request as a high-privilege user (admin+). Edit (WPScanTeam): September 28th, 2020 - Escalated to WP & WP Investigating. October 26th, 2020 - Received another submission related to a SQL injection in the same paramet...
Microsoft investigating Windows XP, Server 2003 source code leak
By Waqas. Microsoft Windows XP may be old but still powers roughly 1% of all desktop and laptop computers worldwide. This is a post from HackRead.com...
Testimonial Rotator < 3.0.3 - Authenticated Stored Cross-Site Scripting (XSS)
A Stored XSS vulnerability has been found in the 'Author Information' textarea in testimonials from the plugin, which could allow an authenticated medium-privileged user (contributor+) to inject arbitrary JavaScript. The XSS will be triggered for anyone visiting public posts or testimonial page...
Ultimate Membership Pro < 8.6.1 - Multiple Critical Vulnerabilities
Multiple Critical Vulnerabilities found in Ultimate Membership Pro could lead to Authenticated (using a low privilege account, such as subscriber) Remote Code Execution on default installation, as well as PII disclosure such as emails, IP addresses, hashed passwords, usernames, User-Agent and so o...
Introducing Guardicore Cyber Threat Intelligence
Introducing Cyber Threat Intelligence (CTI), a freely available resource to assist in identifying and investigating malicious IP addresses and domains...
Cybersecurity Teardown: Using Hash Values
Welcome to the final installment of Hash Values in our greater Cybersecurity Teardown series. In today's post, we'll cover the 'How' of hash values - which includes: triaging alerts for deeper research; investigating an issue for malicious activity; reassembling our previous examples within a CB...