A new botnet, tracked as HEH, discovered botnet implements a disk-wiping feature that allows it to wipe all data from the infected systems. Researchers from from Netlab, the network security division of Chinese tech giant Qihoo 360, have discovered a new botnet, tracked as HEH, that contains the code to wipe all data from infected […]
The CISA agency is warning of a surge in Emotet attacks targeting multiple state and local governments in the US since August. The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to warn of a surge of Emotet attacks that have targeted multiple state and local governments in the U.S. since August. During that […]
Using a WordPress flaw (File-Manager pluginâCVE-2020-25213) to leverage Zerologon (CVE-2020-1472) and attack companiesâ Domain Controllers. Recently, a critical vulnerability called Zerologon â CVE-2020-1472 â has become a trending subject around the globe. This vulnerability would allow a malicious agent with a foothold on your internal network to essentially become Domain Admin with just one click. This scenario […]
The legendary cyber security expert John McAfee has been indicted on charges of tax evasion by the DoJ, authorities arrested him in Spain The popular cyber security expert and cryptocurrency evangelist John McAfee has been indicted on charges of tax evasion by the Department of Justice (DOJ). The expert has been arrested in Spain and is awaiting extradition. According […]
The United Nations International Maritime Organization (IMO) disclose a cyber attack that disrupted its IT systems. The United Nations International Maritime Organization (IMO) is a global standard-setting authority for the safety, security and environmental performance of international shipping. The UN Maritime Organization is the United Nations that develops a regulatory framework that is adopted on […]
The credit card skimming group Fullz House has compromised the website of US mobile virtual network operator (MVNO) Boom! Mobile. The credit card skimming group Fullz House has compromised the website of US mobile virtual network operator (MVNO) Boom! Mobile in a classic MageCart attack. Boom! Mobile offers postpaid and prepaid no-contract wireless service plans to its customers that […]
Microsoft researchers reported that Iranian cyber espionage group MuddyWater is exploiting the Zerologon vulnerability in attacks in the wild. Microsoft published a post and a series of tweets to warn of cyber attacks exploiting the Zerologon vulnerability carried out by the Iran-linked APT group known as MuddyWater, aka Mercury. The Zerologon vulnerability, tracked as CVE-2020-1472, is […]
A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. Researchers from Kaspersky have spotted a UEFI malware that was involved in attacks on organizations with an interest in North Korea. The experts were investigating several suspicious UEFI firmware images when discovered four […]
Researchers disclosed details of security flaws in popular antivirus software that could allow threat actors to increase privileges. Security researchers from CyberArk Labs disclosed details of security vulnerabilities found in popular antivirus software that could be exploited by attackers to elevate their privileges on the target system. Antivirus solutions that are supposed to protect the systems from […]
Cybernews has found an exposed data bucket that belongs to the Australian news sharing platform Snewpit containing around 80,000 user records. Original post at https://cybernews.com/security/australian-social-news-platform-leaks-80000-user-records/ To increase efforts to secure user data, Snewpit will be reviewing âall server logs and access control settingsâ to confirm that no unauthorized access took place and to ensure that […]