Exclusive: Pakistan and India to armaments. Researchers from Cybaze-Yoroi ZLab gathered intelligence on the return of Operation Transparent Tribe, which is back 4 years later. Introduction: The Operation Transparent Tribe was first spotted by Proofpoint Researchers in Feb 2016, in a series of espionages…
Category: Security Affairs
DOD DISA US agency discloses a security breach
The Defense Information Systems Agency (DISA) US agency in charge of secure IT and communication for the White House has disclosed a data breach. The Defense Information Systems Agency (DISA), the DoD agency that is in charge of the security…
Dragos Report: Analysis of ICS flaws disclosed in 2019
More than 400 flaws affecting industrial control systems (ICS) were disclosed in 2019, more than 100 were zero-day vulnerabilities. According to a report published by Dragos, the experts analyzed 438 ICS vulnerabilities that were reported in 212 security advisories, 26%…
Croatia’s largest petrol station chain INA group hit by ransomware attack
Some operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain were disrupted by a cyber attack. A ransomware attack has disrupted operations at INA Group, Croatia’s biggest oil company, and its largest petrol station chain.…
UK, US and its allies blame Russia’s GRU for 2019 cyber-attacks on Georgia
The British and United States governments blame Russia for being behind a destructive cyber attack that hit Georgia during 2019. The governments of Britain and the US declared that Russia’s military intelligence service GRU is behind the massive cyber attack that…
Adobe released out-of-band updates for After Effects and Media Encoder apps
Adobe released out-of-band security updates for After Effects and Media Encoder applications that address two new critical vulnerabilities. Adobe released out-of-band security updates for After Effects and Media Encoder applications that fix two new critical vulnerabilities (CVE-2020-3765, CVE-2020-3764). Adobe After…
Cisco fixes a static default credential issue in Smart Software Manager tool
Cisco has released security updates to address 17 vulnerabilities affecting its networking and unified communications product lines. Cisco has released security patches to fix 17 vulnerabilities affecting its networking and unified communications product lines. The types of fixed vulnerabilities include remote access…
Personal details of 10.6M MGM Resorts guests leaked online
The personal information of 10.6 million guests who stayed at MGM Resorts hotels was stolen by hackers this summer and posted on a hacking forum this week. ZDNet revealed in an exclusive that the personal details of more than 10.6 million users…
Hackers are actively exploiting a Zero-Day in WordPress ThemeREX Plugin to create Admin Accounts
A new flaw was discovered in a WordPress plugin, this time experts found a zero-day vulnerability in the ThemeREX Addons to create admin accounts. Security experts from WordFence have discovered a zero-day vulnerability in the ThemeREX Addons that was actively…
DRBControl cyber-espionage group targets gambling, betting companies
The DRBControl APT group has been targeting gambling and betting companies worldwide with malware that links to two China-linked APT groups. Security researchers from TrendMicro have uncovered a cyber espionage campaign carried out by an APT group tracked as DRBControl…
Uncovering New Magecart Implant Attacking eCommerce
Security expert Marco Ramilli shared the results of an analysis of a skimmer implant spotted in the wild that could be potentially linked to Magecart group. If you are a credit card holder, this post could be of your interest.…
5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure
Artificial intelligence is an immensely helpful tool for businesses and consumers alike. How to use artificial intelligence to secure sensitive information. Artificial intelligence (AI) is an immensely helpful tool for businesses and consumers alike. By processing data quickly and predicting…
US CISA warns of Ransomware attacks impacting pipeline operations
The Cybersecurity and Infrastructure Security Agency (CISA) is warning critical U.S. infrastructure operators of a recent ransomware attack that affected a natural gas compression facility. The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert across critical U.S. infrastructure sectors about…
Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack
Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. Experts at firmware security firm Eclypsium have discovered that many peripheral device manufacturers have not implemented security checks to prevent…
Hacking IoT devices with Focaccia-Board: A Multipurpose Breakout Board to hack hardware in a clean and easy way!
Go grab a copy of the Gerbers and 3D-printed Case STL files at https://github.com/whid-injector/Focaccia-Board and print through your favorite FAB. Prologue Even before the appearance of the word (I)IoT, I was breaking hardware devices, as many of you, with a multitude of…
CVE-2019-0604 SharePoint Remote code execution (RCE) vulnerability
A security expert found a flaw in SharePoint that could be exploited to remotely execute arbitrary code by sending a specially crafted SharePoint application package. Summary: A few days ago I saw a post from Alienvault which says attackers are still exploiting SharePoint…
Flaw in WordPress ThemeGrill Demo Importer WordPress theme plugin expose 200K+ sites to hack
A serious flaw in the ThemeGrill Demo Importer WordPress theme plugin with over 200,000 active installs can be exploited to wipe sites and gain admin access to the site. Experts from the security firm WebARX have discovered a serious flaw…
FC Barcelona and the International Olympic Committee Twitter accounts hacked
The popular hacker group OurMine has hacked the official Twitter account of the FC Barcelona, along with the accounts of Olympics and the International Olympic Committee (IOC). The popular hacker group has hacked the official Twitter account of the FC…
Russian govn blocked Tutanota service in Russia to stop encrypted communication
Tutanota, the popular free and open-source end-to-end encrypted email software, has been blocked by Russian authorities. The popular free and open-source end-to-end encrypted email service Tutanota has been blocked in Russia on Friday evening. Since early February, the Russian government has blocked other encrypted email and VPN…
Launching the First “Yomi Hunting” Challenge!
About a year ago, Yoroi released the Yomi Hunter sandbox, today, they love to challenge the malware community with the first “Yomi Hunting” contest. About a year ago, we publicly released the Yomi Hunter sandbox for a few simple reasons:…
Cyberwarfare: A deep dive into the latest Gamaredon Espionage Campaign
Security experts from Yoroi-Cybaze ZLab have conducted a detailed analysis of an implant used by the Gamaredon APT group in a recent campaign. Introduction: Gamaredon Group is a Cyber Espionage persistent operation attributed to Russia’s FSB (Federal Security Service) in…
IDF soldiers tricked into installing malicious apps by Hamas operatives posing as attractive women
Israeli Defence Force (IDF) announced it has thwarted an attempt by the Hamas militant group to hack soldiers’ phones by posing as attractive women on social media. Israeli Defence Force (IDF) announced it has thwarted an attempt by the Hamas militant…
Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks
Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world Iran-linked attackers targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies as part of the Fox Kitten Campaign. During…
US administration requests $9.8B for cyber 2021 budget for the Department of Defense
The US administration requested $9.8 billion for cyber in next year’s budget for the Department of Defense, the amount is the same as last year. The US administration requested $9.8 billion for cyber operations in next year’s budget for the…
Organizers of major hacking conferences in Asia put them on hold due to Coronavirus outbreak
Organizers of Black Hat Asia and DEF CON China security conferences announced that they put the events on hold due to the Coronavirus outbreak. Bad news for cybersecurity passionates and experts, organizers of Black Hat Asia and DEF CON China…
Security Affairs newsletter Round 251
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Maastricht University finally paid a 30 bitcoin ransom to crooks Massive DDoS attack brought down 25% Iranian Internet connectivity The number of cyber…
IOTA cryptocurrency shuts down entire network after a coordinated attack on its Trinity wallet
IOTA Foundation behind the IOTA cryptocurrency was forced to shut down its entire network following a cyber attack that resulted in the theft of funds. Hackers have exploited a vulnerability in the official IOTA wallet to steal funds from the…
NextMotion plastic surgery tech firm data leak
Photos and personal information belonging to patients of the NextMotion plastic surgery tech firm have been exposed online through an unsecured S3 bucket. Hundreds of thousands of documents containing photos and personal information belonging to patients of the plastic surgery…
SweynTooth Bluetooth flaws affect devices from major system-on-a-chip (SoC) vendors
Security experts have discovered multiple flaws, dubbed SweynTooth, in the Bluetooth Low Energy (BLE) implementations of major system-on-a-chip (SoC) vendors. A group of researchers has discovered multiple vulnerabilities, tracked as SweynTooth, in the Bluetooth Low Energy (BLE) implementations of major…
The cyber attack against Austria’s foreign ministry has ended
Austria’s foreign ministry announced that the cyber attack against its systems, allegedly carried by a state actor has ended. Earlier January, Austria’s foreign ministry announced it was facing a “serious cyberattack” and that it could be the work of a nation-state…
US Govt agencies detail North Korea-linked HIDDEN COBRA malware
The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. The FBI, the US Cyber Command, and the Department of Homeland Security have published technical details of a new…
Russian watchdog fines Twitter, Facebook for not moving user data to local servers
A Russian court fined Twitter and Facebook 4 million rubles each for refusing to store the personal data of Russian citizens on local servers. At the end of January, Russia’s telecommunications watchdog Roskomnadzor instituted administrative proceedings against Facebook and Twitter after they refused…
Nedbank client data compromised in security breach at third-party provider
Nedbank bank announced on Thursday that a security breach at a third-party supplier has compromised the details of as many as 1.7 million of its clients. Nedbank bank disclosed on Thursday a security breach at a third-party supplier that has compromised…
PoS malware infected systems at 71 locations operated by US store chain Rutter’s
US store chain Rutter’s disclosed a security breach, 71 locations were infected with a point-of-sale (POS) malware used to steal customers’ credit card information. Rutter’s, a U.S. convenience store, fast food restaurant, and gas station chain owner, has disclosed…
Helix Bitcoin Mixer operator charged for laundering over $300M worth of Bitcoin
An American was charged with money laundering while operating the dark web Helix Bitcoin mixer service between 2014 and 2017. Larry Dean Harmon (36), from Akron, Ohio, was charged with laundering more than $310 million worth of Bitcoin while he…
Three Italian universities hacked by LulzSec_ITA collective
The popular Italian hacktivist collective LulzSec ITA claimed via Twitter to have hacked three Italian universities. The popular Italian hacktivist collective LulzSec ITA has announced via Twitter the hack of three Italian universities, highlighting the importance of the cybersecurity for…
MoleRATs APT group targets Palestinian territories
Security experts uncovered a new cyberespionage campaign conducted by one of the Gaza Cybergang groups (aka MoleRATs) targeting the Middle East. Experts from the Cybereason Nocturnus team have uncovered a cyber espionage campaign allegedly carried out by one of the…
US officials claim Huawei Equipment has secret backdoor for spying
Huawei can secretly tap into communications through the networking equipment, states a U.S. official, while the White House urges allies to ban the Chinese giant. This week The Wall Street Journal reported that U.S. officials say Huawei can covertly access telecom…
Google Play Protect prevented 1.9 billion malware installs from Third-party stores in 2019
Google Play Protect now scans over 100 billion applications on Android devices every day, these amazing figures were disclosed by Google. In May 2017, Google introduced a security defense system called Google Play Protect to protect the devices running its mobile OS.…
600+ installs of WordPress Cookie Consent Plugin vulnerable to hack. Fix it now!
Developers of the popular WordPress GDPR Cookie Consent plugin have addressed a critical bug that could potentially impact 700K users. Critical vulnerabilities in the WordPress GDPR Cookie Consent plugin could be exploited by potential attackers to delete and change the content of…
Microsoft recommends Exchange admins to disable the SMBv1 protocol
Microsoft is recommending administrators to disable the SMBv1 network communication protocol on Exchange servers to prevent malware attacks. Microsoft is urging administrators to disable the SMBv1 protocol on Exchange servers as a countermeasure against malware threats like TrickBot and Emotet.…
Siemens fixed multiple DoS flaws in several products
Siemens issued Patch Tuesday updates for February 2020 that fixed serious denial-of-service (DoS) flaws in several of its products. Siemens released Patch Tuesday updates for February 2020 that address serious denial-of-service (DoS) flaws in several of its products. According to…
Reading the 2019 Internet Crime Complaint Center (IC3) report
The FBI’s Internet Crime Complaint Center (IC3) released the FBI 2019 Internet Crime Report, a document that outlines cybercrime trends over the past year. Here we are to analyze the annual FBI 2019 Internet Crime Complaint Center (IC3), one of the…
Crypto AG was spied for US, German intelligence agencies for decades
Swiss authorities are investigating into allegations the company Crypto AG, a Switzerland-based maker of encryption devices, was a front company for the CIA and German intelligence. According to a joint report published by Germany’s ZDF public broadcaster and The Washington Post…
Microsoft Patch Tuesday updates for February 2020 fix IE 0day flaw
Microsoft February 2020 Patch Tuesday updates address a total of 99 new vulnerabilities, including an Internet Explorer zero-day exploited in the wild. Microsoft has released the Patch Tuesday updates for February 2020 that address a total of 99 vulnerabilities, including an Internet…
440M records found online in unprotected database belonging to Estée Lauder
A security expert discovered that the Cosmetic firm Estée Lauder exposed 440 million records online in a database that was left unsecured. The security expert Jeremiah Fowler discovered an unsecured database belonging to the Cosmetic firm Estée Lauder that contained…
Adobe addresses 42 flaws in its five products
Adobe February 2020 Patch Tuesday updates address a total of 42 vulnerabilities in five products, dozens of them rated as critical severity. Adobe February 2020 Patch Tuesday updates address a total of 42 vulnerabilities in Framemaker, Acrobat and Reader, Flash Player, Digital Editions and…
OT attacks increased by over 2000 percent in 2019, IBM reports
According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware. IBM’s 2020 X-Force Threat Intelligence Index report analyzes the threat landscape in 2019, the experts observed a spike in the…
Dell SupportAssist flaw exposes computers to hack, patch it asap!
Dell addresses a flaw in the Dell SupportAssist Client software that could allow local attackers to execute arbitrary code with Administrator privileges. Dell released a security update to address a vulnerability, tracked as CVE-2020-5316, in its SupportAssist Client software. The flaw could be…
Safer internet day – Cybercrime facts Infographic
Dear readers, I decided to create a simple Infographic that shows Cybercrime facts in 2019, I’ve done it for Safer Internet Day 2020. Enjoy it! Pierluigi Paganini
South Korean Woori Bank is accused of unauthorized use of customer data
Unauthorized use of customer information by Woori Bank, ‘crime act’ for customers. The bank changed 23,000 passwords in 2018 without consent. It is controversial that Woori Bank changed the passwords of 23,000 customer dormant accounts without consent in July 2018.…
The Altsbit exchange will exit in May following a hack
The Italy-based cryptocurrency exchange Altsbit announced that it has suffered a security breach that led to the theft of its customer’s funds. Crypto-currency exchange Altsbit recently disclosed a security breach, the company claimed that hackers have stolen almost all its…
Chinese Military personnel charged with hacking into credit reporting agency Equifax
The United States Department of Justice charged 4 Chinese military hackers with hacking into credit reporting agency Equifax. The United States Department of Justice officially charged 4 members of the China’s PLA’s 54th Research Institute, a division of the Chinese…
Netanyahu’s party Elector app exposes data on over 6.5M Israelis
A misconfiguration in the Elector election day app developed by Likud, the Netanyahu’s party might have exposed data on over 6.5 million Israelis. A misconfiguration in an election day app developed by the Netanyahu’s party Likud, might have exposed personal…
1.2 million CPR numbers for Danish citizen leaked through tax service
A glitch in the TastSelv Borger tax service has sent over one million Danish CPR numbers to the US companies Google and Adobe. The Danish Agency for Development and Simplification has discovered the data leak that involved the TastSelv Borger…
A sad story of pedophilia on how disgusting images fed the web
The journalist Livio Varriale sheds the light on a story about pedophilia that starts from afar and still today finds its roots in the darker side of the internet. Today, I’m going to tell you a horrible story that dwells…
Malaysia’s MyCERT warns cyber espionage campaign carried out by APT40
Malaysia’s MyCERT issued a security alert to warn of a hacking campaign targeting government officials that was carried out by the China-linked APT40 group. Malaysia’s Computer Emergency Response Team (MyCERT) warns of a cyber espionage campaign carried out by the…
A cyber-attack on major banks could trigger a liquidity crisis, ECB President Christine Lagarde warns
The president of the European Central Bank (ECB), Christine Lagarde, is warning that a cyber-attack on a major financial institution could trigger a liquidity crisis. The president of the European Central Bank (ECB), Christine Lagarde, has warned that a coordinated…
Massive DDoS attack brought down 25% Iranian Internet connectivity
Iran comes under cyber-attack again, a massive offensive brought down a large portion of the Iranian access to the Internet. Iran infrastructures are under attack, a massive cyberattack brought down a large portion of the Iranian access to the Internet,…
The number of cyber attacks on Saudi Aramco is increasing
Saudi Aramco, the Saudi Arabian national petroleum and natural gas company, revealed that it has seen an increase in attempted cyber attacks since the Q4 2019. The energy industry is under attack, Saudi Aramco announced it has seen an increase…
Maastricht University finally paid a 30 bitcoin ransom to crooks
In December, Maastricht University was hit with ransomware attack, now the university admitted to have paid the ransom requested by crooks. In December 2019, Maastricht University (UM) announced that ransomware infected almost all of its Windows systems on December 23. Maastricht University…
Security Affairs newsletter Round 250
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Microsoft announces the launch of a bug bounty program for Xbox Microsoft warns TA505 changed tactic in an ongoing malware campaign Russia’s watchdog…
IoT devices at major Manufacturers infected with crypto-miner
Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world’s largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece…
Facebook’s official Twitter and Instagram accounts hacked by OurMine
The social network giant Facebook is still the target of hackers, its Twitter and Instagram accounts have been hijacked by the popular hacking group OurMine. Yesterday the popular hacking group OurMine hacked the Twitter and Instagram accounts for Facebook and…
Group-IB detects Half a Million Indian Banks’ Cards on Joker’s Stash Cardshop
Group-IB experts detected a database containing over 460,000 payment card records uploaded to Joker’s Stash cardshops, most of records were from the Indian banks. Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has detected a database containing over…
RobbinHood ransomware exploit GIGABYTE driver flaw to kill security software
The operators behind the infamous RobbinHood ransomware are exploiting a vulnerable GIGABYTE driver to kill antivirus products. Cybercriminals behind the RobbinHood Ransomware are exploiting a vulnerable GIGABYTE driver to install a malicious and unsigned driver into Windows with the intent of disabling…
Japanese defense contractors Pasco and Kobe Steel disclose security breaches
Japanese defense contractors Pasco and Kobe Steel have disclosed security breaches that they have suffered back in 2016 and 2018. Pasco is Japan’s largest geospatial provider and Kobe Steel is one of the major steel manufacturers. Just last week, Japan’s…
Iran-linked APT group Charming Kitten targets journalists, political and human rights activists
Iran-linked APT group Charming Kitten has been targeting journalists, political and human rights activists in a new campaign. Researchers from Certfa Lab have spotted a new cyber espionage campaign carried out by Iran-linked APT group Charming Kitten that has…
Critical Android Bluetooth flaw CVE-2020-0022 could be exploited without user interaction
Google addressed a critical vulnerability in its Android OS that affects the Bluetooth subsystem and could be exploited without user interaction. Google has addressed a critical flaw in Android OS that affects the Bluetooth subsystem and could be exploited without…
cdpwn – Millions of devices at risk due to flaws in implementations of Cisco Discovery Protocol (CDP)
A set of vulnerabilities in the Cisco Discovery Protocol (CDP) exposes tens of millions of devices to the risk of cyber attacks. Researchers at IoT security firm Armis discovered a set of five serious vulnerabilities in the implementation of the…
Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs
Check Point experts discovered a high-severity flaw in Philips Hue Smart Light Bulbs that can be exploited to gain entry into a targeted WiFi network. Security experts from Check Point discovered a high-severity flaw (CVE-2020-6007) in Philips Hue Smart Light Bulbs that can be…
Microsoft detects 77,000 active web shells on a daily basis
Microsoft published an interesting report that investigates web shell attacks, the IT giant says it detects 77,000 active web shells daily. According to a report published by Microsoft, the company detects an average of 77,000 active web shells, spreading across…
Expert released PoC exploit code for unpatched backdoor in HiSilicon chips
Researcher published details about a backdoor mechanism he found in HiSilicon chips, but he did not report it to the vendor due to the lack of trust in it. The Russian security expert Vladislav Yarmak has published technical details about…
Dropbox paid more than $1 Million via its bug bounty program
File hosting service company Dropbox paid out $1 million for vulnerabilities reported by researchers through its bug bounty program. Since the launch of its bug bounty program in 2014, the file-hosting company Dropbox has paid out $1 million to date…
Hackers abuse BitBucket to infect 500K+ hosts with arsenal of malware
Threat actors are abusing the Bitbucket code hosting service to host seven types of malware that has already claimed more than 500,000 business computers. Cybereason researchers reported that attackers are abusing the Bitbucket code hosting service to store seven types…
Google mistakenly shared private videos of some users with others in 2019
Google has accidentally shared private videos of some users that were stored on its servers with others, the tech giant notified impacted users. Google admitted a new privacy incident, it has accidentally shared private videos saved on its servers with…
Facebook fixed a WhatsApp bug that allowed hackers to access local file system
Facebook addressed a critical issue in WhatsApp that would have allowed attackers to read files from a user’s local file system, on macOS and Windows. Facebook has addressed a critical vulnerability in WhatsApp, tracked as CVE-2019-18426, that would have allowed…
Using 99 mobile phones to create a fake traffic jam in Google Maps
A German artist demonstrated how using a simple trick it is possible to deceive Google Maps and create a virtual traffic jam. The German artist Simon Weckert conducted a simple experiment to demonstrate how to deceive Google Maps and create a…
The city of Racine was offline following a ransomware attack
The city of Racine joins the long string of US municipalities that were hit with ransomware attacks, it was forced offline following the infection. The city of Racine, Wisconsin, was hit with ransomware, the incident took place on…
Toll Group shuts down some online systems after ransomware attack
The Australian transportation and logistics giant Toll Group has suffered a ransomware attack that forced it to shut down part of its services. The Australian transportation and logistics giant Toll Group was victim of a ransomware attack, in response to…
Hackers abused Twitter API to match usernames to phone numbers
Twitter discloses a security incident involving third-parties that exploited its official API to match phone numbers with Twitter usernames. On December 24, 2019 the company discovered that its API were exploited by a large network of fake accounts to match Twitter usernames…
NCA arrested six men in UK over Malta Bank Cyber-Heist
Last week NCA arrested six individuals in the United Kingdom because they are suspected to be involved in a Malta cyber-heist and money laundering operation. Britain’s National Crime Agency (NCA) arrested six individuals in the United Kingdom because they are…
Sudo CVE-2019-18634 flaw allows Non-Privileged Linux and macOS Users run commands as Root
Apple researcher discovered an important vulnerability (CVE-2019-18634) in ‘sudo’ utility that allows non-privileged Linux and macOS users to run commands as Root. Security expert Joe Vennix from Apple has discovered an important vulnerability in ‘sudo‘ utility, tracked as CVE-2019-18634, that…
Police are warning crooks are using cleaners to compromise businesses
Cybercriminals are planting so-called “sleepers” in cleaning companies so that they can physically access IT infrastructure and hack them. The alert was launched by a senior police officer, cyber criminals are planting so-called “sleepers” in cleaning companies so that they…
Ransomware brought down services of popular TV search engine TVEyes
TVEyes was brought down after its core server and engineering workstations were infected with a ransomware attack, company CEO confirmed. TVEyes is a company that manages a popular platform for monitoring TV and radio news broadcasts, it is used worldwide by…
Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks
Hackers have already compromised more than 2,300 Linear eMerge E3 building access systems exploiting a severe vulnerability that has yet to be fixed. Linear eMerge E3 smart building access systems designed by Nortek Security & Control (NSC) are affected by…
Apollon Darknet market is allegedly pulling an exit scam
The Apollon market, one of the largest marketplaces, is likely exit scamming after the administrators have locked vendors’ accounts. The Apollon market, one of the darknet’s largest marketplaces, is likely exit scamming, vendors and customers reported suspicious behavior of its…
Russia’s watchdog Roskomnadzor threatens to fine Twitter and Facebook
Russia’s Roskomnadzor watchdog wants to fine Facebook and Twitter after they refused to store data of Russian users on servers located in the country. Russia’s telecommunications watchdog Roskomnadzor has instituted administrative proceedings against Facebook and Twitter after they refused to store data…
The Russian Government blocked ProtonMail and ProtonVPN
The popular ProtonMail end-to-end encrypted email service and ProtonVPN VPN service have been blocked by the Russian government this week. This week the Russian government has blocked the ProtonMail end-to-end encrypted email service and ProtonVPN VPN service. Roskomnadzor explained that the services…
Microsoft announces the launch of a bug bounty program for Xbox
Microsoft announced the launch of an Xbox bug bounty program with rewards of up to $20,000 for critical remote code execution flaws. Microsoft is going to launch an Xbox bug bounty program that will pay rewards of up to $20,000…
Security Affairs newsletter Round 249
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Authorities arrest 3 Indonesian hackers behind many Magecart attacks City of Potsdam offline following a cyberattack A new piece of Ryuk Stealer targets…
Microsoft warns TA505 changed tactic in an ongoing malware campaign
An ongoing phishing campaign launched by TA505 is using attachments featuring HTML redirectors for delivering malicious Excel docs Security experts from Microsoft have uncovered an ongoing phishing campaign launched by the TA505 cybercrime gang (aka Evil Corp) that is employing…
Crooks start exploiting Coronavirus as bait to spread malware
Security researchers warn of malspam campaigns aimed at spreading malware that exploits media attention on the coronavirus epidemic. Unscrupulous cybercriminal groups are attempting to exploit media attention on the coronavirus to infect systems worldwide. Recently, coronavirus is monopolizing media attention,…
Winnti APT Group targeted Hong Kong Universities
Winnti Group has compromised computer systems at two Hong Kong universities during the Hong Kong protests that started in March 2019. Hackers from the China-linked Winnti group have compromised computer systems at two Hong Kong universities during the Hong Kong…
Hackers penetrated NEC defense business division in 2016
Japanese electronics and IT giant NEC confirmed a security breach suffered by its defense business division in December 2016. The IT giant NEC confirmed that the company defense business division has suffered a security breach back in December 2016. The Japanese…
US continues to press EU members to ban Huawei and Chinese 5G technologies
The United States appreciated European Union’s new rules on 5G networks, but pressed them to ban China’s Huawei technology. The EU’s executive Commission this week presented a set of rules and technical measures aimed at reducing cybersecurity risks from the…
NIST Tests Forensic Methods for Getting Data From Damaged Mobile Phones
Crooks sometimes damage their mobile devices to destroy evidence, NIST tests forensic methods for getting data from damaged mobile phones Criminals sometimes damage their mobile phones in an attempt to destroy evidence. They might smash, shoot, submerge or cook their…
Report: Threat of Emotet and Ryuk
Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats Emotet, the most widespread malware worldwide and Ryuk, a ransomware type, are growing threats and…
Iran-linked APT34 group is targeting US federal workers
Iran-linked APT34 group has targeted a U.S.-based research company that provides services to businesses and government organizations. Security experts from Intezer observed targeted attacks on a US-based research company that provides services to businesses and government organizations. “Our researchers Paul Litvak…