New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances

A new cryptojacking campaign has been uncovered targeting vulnerable Docker and Kubernetes infrastructures as part of opportunistic attacks designed to illicitly mine cryptocurrency. Cybersecurity company CrowdStrike dubbed the activity Kiss-a-dog, with its command-and-control infrastructure...

New Malware Families Found Targeting VMware ESXi Hypervisors

Threat actors have been found deploying never-before-seen post-compromise implants in VMware's virtualization software to seize control of infected systems and evade detection. Google's Mandiant threat intelligence division referred to it as a "novel malware ecosystem" that impacts VMware ESXi,...

Critical VMware Workspace ONE Access Flaw Under Active Exploitation in the Wild

A week after VMware released patches to remediate eight security vulnerabilities in VMware Workspace ONE Access, threat actors have begun to actively exploit one of the critical flaws in the wild. Tracked as CVE-2022-22954, the security shortcoming relates to a remote code execution vulnerability...

Critical LFI Vulnerability Reported in Hashnode Blogging Platform

Researchers have disclosed a previously undocumented local file inclusion LFI vulnerability in Hashnode, a developer-oriented blogging platform, that could be abused to access sensitive data such as SSH keys, server's IP address, and other network information. "The LFI originates in a Bulk Markdo...

Apple Releases Urgent iPhone and iPad Updates to Patch New Zero-Day Vulnerability

Apple on Monday released a security update for iOS and iPad to address a critical vulnerability that it says is being exploited in the wild, making it the 17th zero-day flaw the company has addressed in its products since the start of the year. The weakness, assigned the identifier CVE-2021-30883...

Chinese APT Group Targets Media, Finance, and Electronics Sectors

Cybersecurity researchers on Tuesday uncovered a new espionage campaign targeting media, construction, engineering, electronics, and finance sectors in Japan, Taiwan, the U.S., and China. Linking the attacks to Palmerworm aka BlackTech — likely a China-based advanced persistent threat APT —...

Fortinet VPN with Default Settings Leave 200,000 Businesses Open to Hackers

As the pandemic continues to accelerate the shift towards working from home, a slew of digital threats have capitalized on the health concern to exploit weaknesses in the remote work infrastructure and carry out malicious attacks. Now according to network security platform provider SAM Seamless...

Deal: Cloud And Networking Certification Training ~ Get 97% OFF

Cloud computing and networking are two of the most significant areas of growth in the IT business. Companies need engineers who can maintain distributed software and keep the company connected. If you want to work in either niche, the Essential Cloud & Networking Certification Training Bundle...

Two Former Twitter Employees Caught Spying On Users For Saudi Arabia

Two former employees of Twitter have been charged with spying on thousands of Twitter user accounts on behalf of the Saudi Arabian government, likely with the purpose of unmasking the identity of dissidents. According to an indictment filed on November 5 and unsealed just yesterday, one of the...

Two Hackers Who Extorted Money From Uber and LinkedIn Plead Guilty

Two grey hat hackers have pleaded guilty to blackmailing Uber, LinkedIn, and other U.S. corporations for money in exchange for promises to delete data of millions of customers they had stolen in late 2016. In a San Jose courthouse in California on Wednesday, Brandon Charles Glover 26 of Florida a...

Over 1,300 Android Apps Caught Collecting Data Even If You Deny Permissions

Smartphones are a goldmine of sensitive data, and modern apps work as diggers that continuously collect every possible information from your devices. The security model of modern mobile operating systems, like Android and iOS, is primarily based on permissions that explicitly define which sensiti...

Cynet Launches Free Offering For Incident Response Service Providers

More and more, organizations take the route of outsourcing incident response to Managed Security Service Providers. This trend is distinct regardless of the organization's cyber maturity level and can be found across a wide range of cyber maturity, from small companies with no dedicated security...

U.S. Charges Chinese Hacker For 2015 Anthem Data Breach

The United States Justice Department today announced charges against a Chinese hacker and his hacking team member for their alleged role in the 2015 massive data breach at health insurance giant Anthem and three other unnamed American companies. Fujie Wang 王 福 杰 and another hacker named John Doe...

Ongoing Attack Stealing Credit Cards From Over A Hundred Shopping Sites

Researchers from Chinese cybersecurity firm Qihoo 360's NetLab have revealed details of an ongoing credit card hacking campaign that is currently stealing payment card information of customers visiting more than 105 e-commerce websites. While monitoring a malicious domain,...

New Unpatched macOS Flaw Lets Apps Spy On Your Safari Browsing History

A new security vulnerability has been discovered in the latest version of Apple's macOS Mojave that could allow a malicious application to access data stored in restricted folders which are otherwise not accessible to every app. Discovered by application developer Jeff Johnson on February 8, the...

Microsoft Says Russia Tried to Hack Three 2018 Midterm Election Candidates

Microsoft said it detected and helped the US government to block Russian hacking attempts against at least three congressional candidates this year, a Microsoft executive revealed speaking at the Aspen Security Forum today. Although the company refused to name the targets but said, the three...

Over 199,500 Websites Are Still Vulnerable to Heartbleed OpenSSL Bug

It's more than two and half years since the discovery of the critical OpenSSL Heartbleed vulnerability, but the flaw is still alive as it appears that many organizations did not remediate properly to the serious security glitch. It was one of the biggest flaws in the Internet's history that...

Critical Updates — RCE Flaws Found in SwiftMailer, PhpMailer and ZendMail

A security researcher recently reported a critical vulnerability in one of the most popular open source PHP libraries used to send emails that allowed a remote attacker to execute arbitrary code in the context of the web server and compromise a web application. Disclosed by Polish security...

Mission '1 Billion' — Microsoft will Automatically Offer Windows 10 Upgrade

Microsoft wholeheartedly wants you to upgrade your PCs to Windows 10, so much so that the company plans to automatically download its new operating system to Windows 7/8 computers next year. Just two weeks ago, Microsoft accidentally pushed Windows 10 installation to Windows 7 and Windows 8/8.1...

Scientists have Increased Fiber Optic capacity Nearly 20 Times

There’s a lot of speculations and fears regarding the fiber optic network that delivers the Internet to your home and offices — What will happen when the fiber optic cables max out? Well, there is nothing to fear about it. Your Internet is Safe! Scientists at the University of California, San...

NSA denies Report that Agency knew and exploited Heartbleed Vulnerability

The Bloomberg claimed that the U.S. National Security Agency NSA knew about the most critical Heartbleed flaw and has been using it on a regular basis to gather “critical intelligence” and sensitive information for at least past two years and decided to keep the bug secret, citing two sources...

CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September

The U.S. Cybersecurity and Infrastructure Security Agency CISA has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities KEV catalog based on evidence of active exploitation. The medium-severity vulnerability, tracked as CVE-2024-39717 CVSS score: 6.6, is case of...

CL0P's Ransomware Rampage - Security Measures for 2024

2023 CL0P Growth Emerging in early 2019, CL0P was first introduced as a more advanced version of its predecessor the 'CryptoMix' ransomware, brought about by its owner CL0P ransomware, a cybercrime organisation. Over the years the group remained active with significant campaigns throughout 2020 t...

CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

A group of academics has disclosed a new "software fault attack" on AMD's Secure Encrypted Virtualization SEV technology that could be potentially exploited by threat actors to infiltrate encrypted virtual machines VMs and even perform privilege escalation. The attack has been codenamed CacheWarp...

FIRST Announces CVSS 4.0 - New Vulnerability Scoring System

The Forum of Incident Response and Security Teams FIRST has officially announced CVSS v4.0, the next generation of the Common Vulnerability Scoring System standard, more than eight years after the release of CVSS v3.0 in June 2015. "This latest version of CVSS 4.0 seeks to provide the highest...

Act Now: VMware Releases Patch for Critical vCenter Server RCE Vulnerability

VMware has released security updates to address a critical flaw in the vCenter Server that could result in remote code execution on affected systems. The issue, tracked as CVE-2023-34048 CVSS score: 9.8, has been described as an out-of-bounds write vulnerability in the implementation of the DCE/R...

Asylum Ambuscade: A Cybercrime Group with Espionage Ambitions

The threat actor known as Asylum Ambuscade has been observed straddling cybercrime and cyber espionage operations since at least early 2020. "It is a crimeware group that targets bank customers and cryptocurrency traders in various regions, including North America and Europe," ESET said in an...

N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware

The infamous Lazarus Group actor has been targeting vulnerable versions of Microsoft Internet Information Services IIS servers as an initial breach route to deploy malware on targeted systems. The findings come from the AhnLab Security Emergency response Center ASEC, which detailed the advanced...

Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware

A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks targeting a European government entity and a managed service provider MSP located in Africa. Telemetry evidence gathered by Google-owned Mandiant indicates that the...

GuLoader Malware Utilizing New Techniques to Evade Security Software

Cybersecurity researchers have exposed a wide variety of techniques adopted by an advanced malware downloader called GuLoader to evade security software. "New shellcode anti-analysis technique attempts to thwart researchers and hostile environments by scanning entire process memory for any virtua...

Telecom and BPO Companies Under Attack by SIM Swapping Hackers

A persistent intrusion campaign has set its eyes on telecommunications and business process outsourcing BPO companies at lease since June 2022. "The end objective of this campaign appears to be to gain access to mobile carrier networks and, as evidenced in two investigations, perform SIM swapping...

Cisco Business Routers Found Vulnerable to Critical Remote Hacking Flaws

Cisco on Wednesday rolled out patches to address eight security vulnerabilities, three of which could be weaponized by an unauthenticated attacker to gain remote code execution RCE or cause a denial-of-service DoS condition on affected devices. The most critical of the flaws impact Cisco Small...

FBI Shut Down Russia-linked "Cyclops Blink" Botnet That Infected Thousands of Devices

The U.S. Department of Justice DoJ announced that it neutralized Cyclops Blink, a modular botnet controlled by a threat actor known as Sandworm, which has been attributed to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation GRU. "The operation...

Cisco Issues Patch for Critical Enterprise NFVIS Flaw — PoC Exploit Available

Cisco has patched a critical security vulnerability impacting its Enterprise Network Function Virtualization Infrastructure Software NFVIS that could be exploited by an attacker to take control of an affected system. Tracked as CVE-2021-34746, the weakness has been rated 9.8 out of a maximum of 1...

VMware Issues Patches to Fix Critical Bugs Affecting Multiple Products

VMware has released security updates for multiple products to address a critical vulnerability that could be exploited to gain access to confidential information. Tracked as CVE-2021-22002 CVSS score: 8.6 and CVE-2021-22003 CVSS score: 3.7, the flaws affect VMware Workspace One Access Access,...

Hackers Use New Trick to Disable Macro Security Warnings in Malicious Office Files

While it's a norm for phishing campaigns that distribute weaponized Microsoft Office documents to prompt victims to enable macros in order to trigger the infection chain directly, new findings indicate attackers are using non-malicious documents to disable security warnings prior to executing mac...

Attention! FluBot Android Banking Malware Spreads Quickly Across Europe

Attention, Android users! A banking malware capable of stealing sensitive information is "spreading rapidly" across Europe, with the U.S. likely to be the next target. According to a new analysis by Proofpoint, the threat actors behind FluBot aka Cabassous have branched out beyond Spain to target...

Gigaset Android Update Server Hacked to Install Malware on Users' Devices

Gigaset has revealed a malware infection discovered in its Android devices was the result of a compromise of a server belonging to an external update service provider. Impacting older smartphone models — GS100, GS160, GS170, GS180, GS270 plus, and GS370 plus series — the malware took the form of...

PHP Site's User Database Was Hacked In Recent Source Code Backdoor Attack

The maintainers of the PHP programming language have issued an update regarding the security incident that came to light late last month, stating that the actors may have gotten hold of a user database containing their passwords to make unauthorized changes to the repository. "We no longer believ...

Google limits which apps can access the list of installed apps on your device

Apps on Android have been able to infer the presence of specific apps, or even collect the full list of installed apps on the device. What's more, an app can also set to be notified when a new app is installed. Apart from all the usual concerns about misuse of such a data grab, the information ca...

New Browser Attack Allows Tracking Users Online With JavaScript Disabled

Researchers have discovered a new side-channel that they say can be reliably exploited to leak information from web browsers that could then be leveraged to track users even when JavaScript is completely disabled. "This is a side-channel attack which doesn't require any JavaScript to run," the...

The Top Free Tools for Sysadmins in 2021

It's no secret that sysadmins have plenty on their plates. Managing, troubleshooting, and updating software or hardware is a tedious task. Additionally, admins must grapple with complex webs of permissions and security. This can quickly become overwhelming without the right tools. If you're a...

Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28

Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data—and even run stealthy malware as a sub-process of a trusted...

Hackers Exploited Twitter Bug to Find Linked Phone Numbers of Users

Twitter today issued a warning revealing that attackers abused a legitimate functionality on its platform to unauthorizedly determine phone numbers associated with millions of its users' accounts. According to Twitter, the vulnerability resided in one of the APIs that has been designed to make it...

Critical Flaw in GoAhead Web Server Could Affect Wide Range of IoT Devices

Cybersecurity researchers today uncovered details of two new vulnerabilities in the GoAhead web server software, a tiny application widely embedded in hundreds of millions of Internet-connected smart devices. One of the two vulnerabilities, assigned as CVE-2019-5096, is a critical code execution...

WARNING — Malware Found in CamScanner Android App With 100+ Million Users

Beware! Attackers can remotely hijack your Android device and steal data stored on it, if you are using free version of CamScanner, a highly-popular Phone PDF creator app with more than 100 million downloads on Google Play Store. So, to be safe, just uninstall the CamScanner app from your Android...

Hostinger Suffers Data Breach – Resets Password For 14 Million Users

Popular web hosting provider Hostinger has been hit by a massive data breach, as a result of which the company has reset passwords for all customers as a precautionary measure. In a blog post published on Sunday, Hostinger revealed that "an unauthorized third party" breached one of its servers an...

'GozNym' Banking Malware Gang Dismantled by International Law Enforcement

In a joint effort by several law enforcement agencies from 6 different countries, officials have dismantled a major global organized cybercrime network behind GozNym banking malware. GozNym banking malware is responsible for stealing nearly $100 million from over 41,000 victims across the globe,...

WikiLeaks Founder Julian Assange Arrested After Ecuador Withdraws Asylum

WikiLeaks founder Julian Assange has been arrested at the Ecuadorian Embassy in London—that's almost seven years after he took refuge in the embassy to avoid extradition to Sweden over a sexual assault case. According to a short note released by London's Metropolitan Police Service, Assange was...

Reminder—Third Party Gmail Apps Can Read Your Emails, "Allow" Carefully!

Reminder—If you've forgotten about any Google app after using it once a few years ago, be careful, it may still have access to your private emails. When it comes to privacy on social media, we usually point fingers at Facebook for enabling third-party app developers to access users personal...