Not Just Criminals, But Governments Were Also Using MS Word 0-Day Exploit

Recently we reported about a critical code execution vulnerability in Microsoft Word that was being exploited in the wild by cyber criminal groups to distribute malware like Dridex banking trojans and Latentbot. Now, it turns out that the same previously undisclosed vulnerability in Word...

Real Identity of Hacker Who Sold LinkedIn, Dropbox Databases Revealed

The real identity of Tessa88—the notorious hacker tied to several high-profile cyber attacks including the LinkedIn, DropBox and MySpace mega breaches—has been revealed as Maksim Vladimirovich Donakov Максим Владимирович Донаков, a resident of Penza, Russian Federation. In early 2016, a hacker wi...

Just Answering A Video Call Could Compromise Your WhatsApp Account

What if just receiving a video call on WhatsApp could hack your smartphone? This sounds filmy, but Google Project Zero security researcher Natalie Silvanovich found a critical vulnerability in WhatsApp messenger that could have allowed hackers to remotely take full control of your WhatsApp just b...

How Heartbleed Bug Exposes Your Passwords to Hackers

Are you safe from the critical bug Heartbleed?? OpenSSL- the encryption technology used by millions of websites to encrypt the communication and is also used to protect our sensitive data such as e-mails, passwords or banking information. But a tiny, but most critical flaw called "Heartbleed" in...

BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

In yet another case of bring your own vulnerable driver BYOVD attack, the operators of the BlackByte ransomware are leveraging a flaw in a legitimate Windows driver to bypass security solutions. "The evasion technique supports disabling a whopping list of over 1,000 drivers on which security...

New Wi-Fi Encryption Vulnerability Affects Over A Billion Devices

Cybersecurity researchers today uncovered a new high-severity hardware vulnerability residing in the widely-used Wi-Fi chips manufactured by Broadcom and Cypress—apparently powering over a billion devices, including smartphones, tablets, laptops, routers, and IoT gadgets. Dubbed 'Kr00k' and track...

Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware

Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems. "LokiBot, also known as Loki PWS, has been a well-known information-stealing Trojan active since 2015," Fortinet FortiGuard Labs researcher...

Google Says ISPs Helped Attackers Infect Targeted Smartphones with Hermit Spyware

A week after it emerged that a sophisticated mobile spyware dubbed Hermit was used by the government of Kazakhstan within its borders, Google said it has notified Android users of infected devices. Additionally, necessary changes have been implemented in Google Play Protect — Android's built-in...

3 New Severe Security Vulnerabilities Found In SolarWinds Software

Cybersecurity researchers on Wednesday disclosed three severe security vulnerabilities impacting SolarWinds products, the most severe of which could have been exploited to achieve remote code execution with elevated privileges. Two of the flaws CVE-2021-25274 and CVE-2021-25275 were identified in...

Hacker Discloses New Unpatched Windows Zero-Day Exploit On Twitter

A security researcher with Twitter alias SandboxEscaper today released proof-of-concept PoC exploit for a new zero-day vulnerability affecting Microsoft's Windows operating system. SandboxEscaper is the same researcher who previously publicly dropped exploits for two Windows zero-day...

Microsoft Issues Patches for Actively Exploited Critical Vulnerabilities

Besides a previously undisclosed code-execution flaw in Microsoft Word, the tech giant patches two more zero-day vulnerabilities that attackers had been exploiting in the wild for months, as part of this month's Patch Tuesday. In total, Microsoft patches 45 unique vulnerabilities in its nine...

Microsoft Issues March 2020 Updates to Patch 115 Security Flaws

Microsoft today released security updates to fix a total of 115 new security vulnerabilities in various versions of its Windows operating system and related software—making March 2020 edition the biggest ever Patch Tuesday in the company's history. Of the 115 bugs spanning its various products —...

Hacker Distributes Backdoored IoT Vulnerability Scanning Script to Hack Script Kiddies

Nothing is free in this world. If you are searching for free hacking tools on the Internet, then beware—most freely available tools, claiming to be the swiss army knife for hackers, are nothing but a scam. For example, Cobian RAT and a Facebook hacking tool that we previously reported on The Hack...

'Exodus' Surveillance Malware Found Targeting Apple iOS Users

Cybersecurity researchers have discovered an iOS version of the powerful mobile phone surveillance app that was initially targeting Android devices through apps on the official Google Play Store. Dubbed Exodus, as the malware is called, the iOS version of the spyware was discovered by security...

Reminder: Microsoft to end support for Windows 7 in 1-year from today

A new reminder for those who are still holding on to the Windows 7 operating system—you have one year left until Microsoft ends support for its 9-year-old operating system. So it's time for you to upgrade your OS and say goodbye to Windows 7, as its five years of extended support will end on...

Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave More Routers

A variant of the Mirai botnet called Beastmode has been observed adopting newly disclosed vulnerabilities in TOTOLINK routers between February and March 2022 to infect unpatched devices and expand its reach potentially. "The Beastmode aka B3astmode Mirai-based DDoS campaign has aggressively updat...

Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Apps Security

A zero-day remote code execution RCE vulnerability has come to light in the Spring framework shortly after a Chinese security researcher briefly leaked a proof-of-concept PoC exploit on GitHub before deleting their account. According to cybersecurity firm Praetorian, the unpatched flaw impacts...

Police Arrest 21 WeLeakInfo Customers Who Bought Breached Personal Data

21 people have been arrested across the UK as part of a nationwide cyber crackdown targeting customers of WeLeakInfo.com, a now-defunct online service that had been previously selling access to data hacked from other websites. The suspects used stolen personal credentials to commit further cyber...

Adobe Releases February 2019 Patch Updates For 75 Vulnerabilities

Welcome back! Adobe has today released its monthly security updates to address a total of 75 security vulnerabilities across its various products, 71 of which resides in Adobe Acrobat and Reader alone. February 2019 patch Tuesday updates address several critical and important vulnerabilities in...

Cybercrime Group TA558 Targeting Hospitality, Hotel, and Travel Organizations

A financially motivated cybercrime group has been linked to an ongoing wave of attacks aimed at hospitality, hotel, and travel organizations in Latin America with the goal of installing malware on compromised systems. Enterprise security firm Proofpoint, which is tracking the group under the name...

Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability

Muhstik, a botnet infamous for propagating via web application exploits, has been observed targeting Redis servers using a recently disclosed vulnerability in the database system. The vulnerability relates to CVE-2022-0543, a Lua sandbox escape flaw in the open-source, in-memory, key-value data...

Chinese Spying Chips Found Hidden On Servers Used By US Companies

A media report today revealed details of a significant supply chain attack which appears to be one of the largest corporate espionage and hardware hacking programs from a nation-state. According to a lengthy report published today by Bloomberg, a tiny surveillance chip, not much bigger than a gra...

Apache Log4j Vulnerability — Log4Shell — Widely Under Active Attack

Threat actors are actively weaponizing unpatched servers affected by the newly identified "Log4Shell" vulnerability in Log4j to install cryptocurrency miners, Cobalt Strike, and recruit the devices into a botnet, even as telemetry signs point to exploitation of the flaw nine days before it even...

OpenSSH Now Encrypts Secret Keys in Memory Against Side-Channel Attacks

In recent years, several groups of cybersecurity researchers have disclosed dozens of memory side-channel vulnerabilities in modern processors and DRAMs, like Rowhammer, RAMBleed, Spectre, and Meltdown. Have you ever noticed they all had at least one thing in common? That's OpenSSH. As a...

Get paid up to $40,000 for finding ways to hack Facebook or Instagram accounts

Here we have great news for all bug bounty hunters. Now you can get paid up to $40,000 for finding and responsibly reporting critical vulnerabilities in the websites and mobile applications owned by Facebook that could allow cyber attackers to take over user accounts. In the latest post published...

Hackers Use New Flash Zero-Day Exploit to Distribute FinFisher Spyware

FinSpy—the infamous surveillance malware is back and infecting high-profile targets using a new Adobe Flash zero-day exploit delivered through Microsoft Office documents. Security researchers from Kaspersky Labs have discovered a new zero-day remote code execution vulnerability in Adobe Flash,...

A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries

A previously undocumented threat actor has been identified as behind a string of attacks targeting fuel, energy, and aviation production industries in Russia, the U.S., India, Nepal, Taiwan, and Japan with the goal of stealing data from compromised networks. Cybersecurity company Positive...

Apple Releases Urgent 0-Day Bug Patch for Mac, iPhone and iPad Devices

Apple on Monday rolled out an urgent security update for iOS, iPadOS, and macOS to address a zero-day flaw that it said may have been actively exploited, making it the thirteenth such vulnerability Apple has patched since the start of this year. The updates, which arrive less than a week after th...

Hackers Found Exploiting Oracle WebLogic RCE Flaw to Spread Ransomware

Taking advantage of newly disclosed and even patched vulnerabilities has become common among cybercriminals, which makes it one of the primary attack vectors for everyday-threats, like crypto-mining, phishing, and ransomware. As suspected, a recently-disclosed critical vulnerability in the widely...

Worok Hackers Target High-Profile Asian Companies and Governments

High-profile companies and local governments located primarily in Asia are the subjects of targeted attacks by a previously undocumented espionage group dubbed Worok that has been active since late 2020. "Worok's toolset includes a C++ loader CLRLoad, a PowerShell backdoor PowHeartBeat, and a C...

Learn Ethical Hacking Online – A to Z Training Bundle 2019

Good news for you is that this week's THN Deals brings Ethical Hacking A to Z Bundle that let you get started regardless of your experience level. The Ethical Hacking A to Z Bundle will walk you through the very basic skills you need to start your journey towards becoming a professional ethical...

Google Researchers Disclose PoCs for 4 Remotely Exploitable iOS Flaws

Google's cybersecurity researchers have finally disclosed details and proof-of-concept exploits for 4 out of 5 security vulnerabilities that could allow remote attackers to target Apple iOS devices just by sending a maliciously-crafted message over iMessage. All the vulnerabilities, which require...

Last Years Open Source - Tomorrow's Vulnerabilities

Linus Torvalds, the creator of Linux and Git, has his own law in software development, and it goes like this: "given enough eyeballs, all bugs are shallow." This phrase puts the finger on the very principle of open source: the more, the merrier - if the code is easily available for anyone and...

Critical PHPMailer Flaw leaves Millions of Websites Vulnerable to Remote Exploit

A critical vulnerability has been discovered in PHPMailer, which is one of the most popular open source PHP libraries to send emails used by more than 9 Million users worldwide. Millions of PHP websites and popular open source web applications, including WordPress, Drupal, 1CRM, SugarCRM, Yii, an...

LodaRAT Windows Malware Now Also Targets Android Devices

A previously known Windows remote access Trojan RAT with credential-stealing capabilities has now expanded its scope to set its sights on users of Android devices to further the attacker's espionage motives. "The developers of LodaRAT have added Android as a targeted platform," Cisco Talos...

Update Your Windows Computers to Patch 6 New In-the-Wild Zero-Day Bugs

Microsoft on Tuesday released another round of security updates for Windows operating system and other supported software, squashing 50 vulnerabilities, including six zero-days that are said to be under active attack. The flaws were identified and resolved in Microsoft Windows, .NET Core and Visu...

CISA Warns Patched Pulse Secure VPNs Could Still Expose Organizations to Hackers

The United States Cybersecurity and Infrastructure Security Agency CISA yesterday issued a fresh advisory alerting organizations to change all their Active Directory credentials as a defense against cyberattacks trying to leverage a known remote code execution RCE vulnerability in Pulse Secure VP...

New Chrome 0-day Bug Under Active Attacks – Update Your Browser Now!

Attention readers, if you are using Chrome on your Windows, Mac, and Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. With the release of Chrome 78.0.3904.87, Google is warning billions of users to install an urgent...

Ransomware Attack Caused Power Outages in the Biggest South African City

Yesterday, some residents of Johannesburg, the largest city in South Africa, were left without electricity after the city's power company got attacked by a ransomware virus. City Power, the company responsible for powering South Africa's financial capital Johannesburg, confirmed Thursday on Twitt...

Hackers are exploiting a new zero-day flaw in GPON routers

Even after being aware of various active cyber attacks against the GPON Wi-Fi routers, if you haven't yet taken them off the Internet, then be careful—because a new botnet has joined the GPON party, which is exploiting an undisclosed zero-day vulnerability in the wild. Security researchers from...

North Korean Hackers Deploy New Malicious Python Packages in PyPI Repository

Three additional rogue Python packages have been discovered in the Package Index PyPI repository as part of an ongoing malicious software supply chain campaign called VMConnect, with signs pointing to the involvement of North Korean state-sponsored threat actors. The findings come from...

Facebook Hacked — 10 Important Updates You Need To Know About

If you also found yourself logged out of Facebook on Friday, you are not alone. Facebook forced more than 90 million users to log out and back into their accounts in response to a massive data breach. On Friday afternoon, the social media giant disclosed that some unknown hackers managed to explo...

Google Releases Urgent Chrome Update to Patch Actively Exploited Zero-Day Flaw

Google on Thursday shipped emergency patches to address two security issues in its Chrome web browser, one of which it says is being actively exploited in the wild. Tracked as CVE-2022-1364, the tech giant described the high-severity bug as a case of type confusion in the V8 JavaScript engine...

KickAss Torrent Download Website Seized

So far, the torrent users didn’t forget the incident of The Pirate Bay seizer, that another most popular Torrent website, KickAss Torrents, has been kicked off by the Somalian registry. KickAss Torrent download website has lost access to its Kickass.so - the Somalian domain with millions of uniqu...

Hacker Discloses Unpatched Windows Zero-Day Vulnerability (With PoC)

A security researcher has publicly disclosed the details of a previously unknown zero-day vulnerability in the Microsoft's Windows operating system that could help a local user or malicious program obtain system privileges on the targeted machine. And guess what? The zero-day flaw has been...

Extremely Critical Log4J Vulnerability Leaves Much of the Internet at Risk

The Apache Software Foundation has released fixes to contain an actively exploited zero-day vulnerability affecting the widely-used Apache Log4j Java-based logging library that could be weaponized to execute malicious code and allow a complete takeover of vulnerable systems. Tracked as...

Hackers Using PowerPoint Mouseover Trick to Infect Systems with Malware

The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware. The technique "is designed to be triggered when the user starts the presentation mode and moves...

Critical PHP Vulnerability Exposes QNAP NAS Devices to Remote Attacks

QNAP, Taiwanese maker of network-attached storage NAS devices, on Wednesday said it's in the process of fixing a critical three-year-old PHP vulnerability that could be abused to achieve remote code execution. "A vulnerability has been reported to affect PHP versions 7.1.x below 7.1.33, 7.2.x bel...

A New 'Arbitrary File Copy' Flaw Affects ProFTPD Powered FTP Servers

A German security researcher has publicly disclosed details of a serious vulnerability in one of the most popular FTP server applications, which is currently being used by more than one million servers worldwide. The vulnerable software in question is ProFTPD, an open source FTP server used by a...

How Just Opening A Site In Safari Could Have Hacked Your Apple macOS

Earlier this week Dropbox team unveiled details of three critical vulnerabilities in Apple macOS operating system, which altogether could allow a remote attacker to execute malicious code on a targeted Mac computer just by convincing a victim into visiting a malicious web page. The reported...