20793 matches found
Unsecured Microsoft Bing Server Exposed Users' Search Queries and Location
A back-end server associated with Microsoft Bing exposed sensitive data of the search engine's mobile application users, including search queries, device details, and GPS coordinates, among others. The logging database, however, doesn't include any personal details such as names or addresses. The...
British Hacker Sentenced to 5 Years for Blackmailing U.S. Companies
A UK man who threatened to publicly release stolen confidential information unless the victims agreed to fulfill his digital extortion demands has finally pleaded guilty on Monday at U.S. federal district court in St. Louis, Missouri. Nathan Francis Wyatt , 39, who is a key member of the infamous...
British Hacker Sentenced to 5 Years for Blackmailing U.S. Companies
A UK man who threatened to publicly release stolen confidential information unless the victims agreed to fulfill his digital extortion demands has finally pleaded guilty on Monday at U.S. federal district court in St. Louis, Missouri. Nathan Francis Wyatt , 39, who is a key member of the infamous...
A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems
German authorities last week disclosed that a ransomware attack on the University Hospital of Düsseldorf UKD caused a failure of IT systems, resulting in the death of a woman who had to be sent to another hospital that was 20 miles away. The incident marks the first recorded casualty as a...
A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems
German authorities last week disclosed that a ransomware attack on the University Hospital of Düsseldorf UKD caused a failure of IT systems, resulting in the death of a woman who had to be sent to another hospital that was 20 miles away. The incident marks the first recorded casualty as a...
A Bug Could Let Attackers Hijack Firefox for Android via Wi-Fi Network
Dear Android users, if you use the Firefox web browser on your smartphones, make sure it has been updated to version 80 or the latest available version on the Google Play Store. ESET security researcher Lukas Stefanko yesterday tweeted an alert demonstrating the exploitation of a recently disclos...
A Bug Could Let Attackers Hijack Firefox for Android via Wi-Fi Network
Dear Android users, if you use the Firefox web browser on your smartphones, make sure it has been updated to version 80 or the latest available version on the Google Play Store. ESET security researcher Lukas Stefanko yesterday tweeted an alert demonstrating the exploitation of a recently disclos...
Researchers Uncover 6-Year Cyber Espionage Campaign Targeting Iranian Dissidents
Capping off a busy week of charges and sanctions against Iranian hackers, a new research offers insight into what's a six-year-long ongoing surveillance campaign targeting Iranian expats and dissidents with an intention to pilfer sensitive information. The threat actor, suspected to be of Iranian...
Researchers Uncover 6-Year Cyber Espionage Campaign Targeting Iranian Dissidents
Capping off a busy week of charges and sanctions against Iranian hackers, a new research offers insight into what's a six-year-long ongoing surveillance campaign targeting Iranian expats and dissidents with an intention to pilfer sensitive information. The threat actor, suspected to be of Iranian...
U.S. Treasury Sanctions Hacking Group Backed by Iranian Intelligence
The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security MOIS for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors...
U.S. Treasury Sanctions Hacking Group Backed by Iranian Intelligence
The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security MOIS for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors...
Android 11 — 5 New Security and Privacy Features You Need to Know
After a long wait and months of beta testing, Google last week finally released Android 11, the latest version of the Android mobile operating system—with features offering billions of its users more control over their data security and privacy. Android security is always a hot topic and almost...
Android 11 — 5 New Security and Privacy Features You Need to Know
After a long wait and months of beta testing, Google last week finally released Android 11, the latest version of the Android mobile operating system—with features offering billions of its users more control over their data security and privacy. Android security is always a hot topic and almost...
Zenscrape: A Simple Web Scraping Solution for Penetration Testers
Did you ever try extracting any information from any website? Well, if you have then you have surely enacted web scraping functions without even knowing it! To put in simpler terms, Web scraping, or also known as web data extraction, is the process of recouping or sweeping data from web-pages. It...
Zenscrape: A Simple Web Scraping Solution for Penetration Testers
Did you ever try extracting any information from any website? Well, if you have then you have surely enacted web scraping functions without even knowing it! To put in simpler terms, Web scraping, or also known as web data extraction, is the process of recouping or sweeping data from web-pages. It...
U.S. Announces Charges Against 2 Russian and 2 Iranian Hackers
Immediately after revealing criminal charges against 5 Chinese and 2 Malaysian hackers, the United States government yesterday also made two separate announcements charging two Iranian and two Russian hackers and added them to the FBI's most-wanted list. The two Russian nationals—Danil Potekhin a...
U.S. Announces Charges Against 2 Russian and 2 Iranian Hackers
Immediately after revealing criminal charges against 5 Chinese and 2 Malaysian hackers, the United States government yesterday also made two separate announcements charging two Iranian and two Russian hackers and added them to the FBI's most-wanted list. The two Russian nationals—Danil Potekhin a...
FBI adds 5 Chinese APT41 hackers to its Cyber's Most Wanted List
The United States government today announced charges against 5 alleged members of a Chinese state-sponsored hacking group and 2 Malaysian hackers that are responsible for hacking more than 100 companies throughout the world. Named as APT41 and also known as 'Barium,' 'Winnti, 'Wicked Panda,' and...
FBI adds 5 Chinese APT41 hackers to its Cyber's Most Wanted List
The United States government today announced charges against 5 alleged members of a Chinese state-sponsored hacking group and 2 Malaysian hackers that are responsible for hacking more than 100 companies throughout the world. Named as APT41 and also known as 'Barium,' 'Winnti, 'Wicked Panda,' and...
2 Hackers Charged for Defacing Sites after U.S. Airstrike Killed Iranian General
The US Department of Justice DoJ on Tuesday indicted two hackers for their alleged involvement in defacing several websites in the country following the assassination of Iranian major general Qasem Soleimani earlier this January. Behzad Mohammadzadeh aka Mrb3hz4d, 19, and Marwan Abusrour aka...
2 Hackers Charged for Defacing Sites after U.S. Airstrike Killed Iranian General
The US Department of Justice DoJ on Tuesday indicted two hackers for their alleged involvement in defacing several websites in the country following the assassination of Iranian major general Qasem Soleimani earlier this January. Behzad Mohammadzadeh aka Mrb3hz4d, 19, and Marwan Abusrour aka...
New Report Explains COVID-19's Impact on Cyber Security
Most cybersecurity professionals fully anticipated that cybercriminals would leverage the fear and confusion surrounding the Covid-19 pandemic in their cyberattacks. Of course, malicious emails would contain subjects relating to Covid-19, and malicious downloads would be Covid-19 related. This is...
New Report Explains COVID-19's Impact on Cyber Security
Most cybersecurity professionals fully anticipated that cybercriminals would leverage the fear and confusion surrounding the Covid-19 pandemic in their cyberattacks. Of course, malicious emails would contain subjects relating to Covid-19, and malicious downloads would be Covid-19 related. This is...
Report: 97% of Cybersecurity Companies Have Leaked Data on the Dark Web
In a new report into the global cybersecurity industry's exposure on the Dark Web this year, global application security company, ImmuniWeb, uncovered that 97% of leading cybersecurity companies have data leaks or other security incidents exposed on the Dark Web, while on average, there are over...
Report: 97% of Cybersecurity Companies Have Leaked Data on the Dark Web
In a new report into the global cybersecurity industry's exposure on the Dark Web this year, global application security company, ImmuniWeb, uncovered that 97% of leading cybersecurity companies have data leaks or other security incidents exposed on the Dark Web, while on average, there are over...
CISA: Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies
The US Cybersecurity and Infrastructure Security Agency CISA issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities. "CISA has observed Chinese Ministry of State Security-affiliated cyber threat...
CISA: Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies
The US Cybersecurity and Infrastructure Security Agency CISA issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities. "CISA has observed Chinese Ministry of State Security-affiliated cyber threat...
New Linux Malware Steals Call Details from VoIP Softswitch Systems
Cybersecurity researchers have discovered an entirely new kind of Linux malware dubbed "CDRThief" that targets voice over IP VoIP softswitches in an attempt to steal phone call metadata. "The primary goal of the malware is to exfiltrate various private data from a compromised softswitch, includin...
New Linux Malware Steals Call Details from VoIP Softswitch Systems
Cybersecurity researchers have discovered an entirely new kind of Linux malware dubbed "CDRThief" that targets voice over IP VoIP softswitches in an attempt to steal phone call metadata. "The primary goal of the malware is to exfiltrate various private data from a compromised softswitch, includin...
New Unpatched Bluetooth Flaw Lets Hackers Easily Target Nearby Devices
Bluetooth SIG—an organization that oversees the development of Bluetooth standards—today issued a statement informing users and vendors of a newly reported unpatched vulnerability that potentially affects hundreds of millions of devices worldwide. Discovered independently by two separate teams of...
New Unpatched Bluetooth Flaw Lets Hackers Easily Target Nearby Devices
Bluetooth SIG—an organization that oversees the development of Bluetooth standards—today issued a statement informing users and vendors of a newly reported unpatched vulnerability that potentially affects hundreds of millions of devices worldwide. Discovered independently by two separate teams of...
Hackers Stole $5.4 Million From Eterbase Cryptocurrency Exchange
Cybercriminals successfully plundered another digital cryptocurrency exchange. European cryptocurrency exchange Eterbase this week disclosed a massive breach of its network by an unknown group of hackers who stole cryptocurrencies worth 5.4 million dollars. Eterbase, which has now entered...
Hackers Stole $5.4 Million From Eterbase Cryptocurrency Exchange
Cybercriminals successfully plundered another digital cryptocurrency exchange. European cryptocurrency exchange Eterbase this week disclosed a massive breach of its network by an unknown group of hackers who stole cryptocurrencies worth 5.4 million dollars. Eterbase, which has now entered...
A Successful Self-Service Password Reset (SSPR) Project Requires User Adoption
IT help desks everywhere are having to adjust to the 'new normal' of supporting mainly remote workers. This is a major shift away from visiting desks across the office and helping ones with traditional IT support processes. Many reasons end-users may contact the helpdesk. However, password relate...
A Successful Self-Service Password Reset (SSPR) Project Requires User Adoption
IT help desks everywhere are having to adjust to the 'new normal' of supporting mainly remote workers. This is a major shift away from visiting desks across the office and helping ones with traditional IT support processes. Many reasons end-users may contact the helpdesk. However, password relate...
New Raccoon Attack Could Let Attackers Break SSL/TLS Encryption
A group of researchers has detailed a new timing vulnerability in Transport Layer Security TLS protocol that could potentially allow an attacker to break the encryption and read sensitive communication under specific conditions. Dubbed "Raccoon Attack," the server-side attack exploits a...
New Raccoon Attack Could Let Attackers Break SSL/TLS Encryption
A group of researchers has detailed a new timing vulnerability in Transport Layer Security TLS protocol that could potentially allow an attacker to break the encryption and read sensitive communication under specific conditions. Dubbed "Raccoon Attack," the server-side attack exploits a...
Cynet Takes Cyber Threat Protection Automation to the Next Level with Incident Engine
We have all heard of the "cybersecurity skills gap" — firms' inability to hire and retain high-level cybersecurity talent. I see this gap manifesting in two ways. First, companies that want to hire cybersecurity talent simply cannot find candidates with sufficient skills. Second, companies that...
Cynet Takes Cyber Threat Protection Automation to the Next Level with Incident Engine
We have all heard of the "cybersecurity skills gap" — firms' inability to hire and retain high-level cybersecurity talent. I see this gap manifesting in two ways. First, companies that want to hire cybersecurity talent simply cannot find candidates with sufficient skills. Second, companies that...
Cybercriminals Are Using Legit Cloud Monitoring Tools As Backdoor
A cybercrime group that has previously struck Docker and Kubernetes cloud environments has evolved to repurpose genuine cloud monitoring tools as a backdoor to carry out malicious attacks, according to new research. "To our knowledge, this is the first time attackers have been caught using...
Cybercriminals Are Using Legit Cloud Monitoring Tools As Backdoor
A cybercrime group that has previously struck Docker and Kubernetes cloud environments has evolved to repurpose genuine cloud monitoring tools as a backdoor to carry out malicious attacks, according to new research. "To our knowledge, this is the first time attackers have been caught using...
Microsoft Releases September 2020 Security Patches For 129 Flaws
As part of this month's Patch Tuesday, Microsoft today released a fresh batch of security updates to fix a total of 129 newly discovered security vulnerabilities affecting various versions of its Windows operating systems and related software. Of the 129 bugs spanning its various products —...
Microsoft Releases September 2020 Security Patches For 129 Flaws
As part of this month's Patch Tuesday, Microsoft today released a fresh batch of security updates to fix a total of 129 newly discovered security vulnerabilities affecting various versions of its Windows operating systems and related software. Of the 129 bugs spanning its various products —...
Japan, France, New Zealand Warn of Sudden Uptick in Emotet Trojan Attacks
Cybersecurity agencies across Asia and Europe have issued multiple security alerts regarding the resurgence of email-based Emotet malware attacks targeting businesses in France, Japan, and New Zealand. "The emails contain malicious attachments or links that the receiver is encouraged to download,...
Japan, France, New Zealand Warn of Sudden Uptick in Emotet Trojan Attacks
Cybersecurity agencies across Asia and Europe have issued multiple security alerts regarding the resurgence of email-based Emotet malware attacks targeting businesses in France, Japan, and New Zealand. "The emails contain malicious attachments or links that the receiver is encouraged to download,...
New PIN Verification Bypass Flaw Affects Visa Contactless Payments
Even as Visa issued a warning about a new JavaScript web skimmer known as Baka, cybersecurity researchers have uncovered an authentication flaw in the company's EMV enabled payment cards that permits cybercriminals to obtain funds and defraud cardholders as well as merchants illicitly. The...
New PIN Verification Bypass Flaw Affects Visa Contactless Payments
Even as Visa issued a warning about a new JavaScript web skimmer known as Baka, cybersecurity researchers have uncovered an authentication flaw in the company's EMV enabled payment cards that permits cybercriminals to obtain funds and defraud cardholders as well as merchants illicitly. The...
SMB Cybersecurity Catching Up to Enterprise… But the Human Element Still a Major Concern
Cyberattacks on small to medium-sized businesses SMBs are continuing at a relentless pace, with the vast majority of data breaches coming from outside the organization. Some believe hackers are aggressively targeting these smaller firms because they believe SMBs lack adequate resources and...
SMB Cybersecurity Catching Up to Enterprise… But the Human Element Still a Major Concern
Cyberattacks on small to medium-sized businesses SMBs are continuing at a relentless pace, with the vast majority of data breaches coming from outside the organization. Some believe hackers are aggressively targeting these smaller firms because they believe SMBs lack adequate resources and...
Evilnum hackers targeting financial firms with a new Python-based RAT
An adversary known for targeting the fintech sector at least since 2018 has switched up its tactics to include a new Python-based remote access Trojan RAT that can steal passwords, documents, browser cookies, email credentials, and other sensitive information. In an analysis published by Cybereas...