Group-IB discovered a database allegedly belonging to a bulletproof hosting provider DDoS-Guard posted for sale on a cybercrime forum. Group-IB, a global threat hunting and adversary-centric cyber intelligence company specializing in investigating and preventing hi-tech cybercrimes, has discovered a database allegedly belonging to a bulletproof hosting provider DDoS-Guard posted for sale on a cybercrime forum on […]
Zero-day exploit broker Zerodium is looking for 0day exploits affecting the IM client tool Pidgin on Windows and Linux. Zero-day exploit broker Zerodium announced it is looking for 0day exploits affecting the IM client tool Pidgin on Windows and Linux. The company will pay up to $100,000 for zero-days in Pidgin, which is a free and open-source multi-platform instant […]
The US DoJ seized two domains used by APT29 group in recent attacks impersonating the U.S. USAID to spread malware. The US Department of Justice (DoJ) and the Federal Bureau of Investigation have seized two domains used by the Russia-linked APT29 group in spear-phishing attacks that targeted government agencies, think tanks, consultants, and NGOs. Russia-linked […]
The Swedish Public Health Agency has shut down the country’s infectious diseases database, SmiNet, last week after multiple hacking attempts. The Swedish Public Health Agency was forced to shut down its infectious diseases database, named SmiNet, in response to a series of hacking attempts. The Swedish Agency cannot report complete data from Wednesday at 4 […]
A security researcher discovered a bug in PatchGuard Windows security feature that can allow loading unsigned malicious code into the Windows kernel. Japanese researcher Kento Oki has discovered a bug in PatchGuard that could be exploited by an attacker to load unsigned malicious code into the Windows operating system kernel. The PatchGuard, also known as […]
Hackers are attempting to exploit the return to the “new normal” after the governments are removing restrictions imposed in response to COVID-19. The number of COVID-19 infections are decreasing in many countries and some governments are reducing the restrictions for their citizens. Workers are going back to offices after months of remote working and crooks […]
Researchers disclosed two new attack techniques that allow modifying visible content on certified PDF documents without invalidating the digital signature. Researchers from Ruhr-University Bochum have disclosed two new attack techniques, dubbed Evil Annotation and Sneaky Signature attacks, on certified PDF documents that could potentially allow attackers to modify visible content without invalidating their digital signature. The […]
Researchers from FireEye warn that China-linked APT groups continue to target Pulse Secure VPN devices to compromise networks. Cybersecurity researchers from FireEye warn once again that Chinese APT groups continue to target Pulse Secure VPN devices to penetrate target networks and deliver malicious web shells to steal sensitive information. FireEye monitored the activities of two […]
Microsoft experts uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind SolarWinds hack. Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale malicious email campaign conducted by NOBELIUM APT. The NOBELIUM APT is the threat actor that conducted supply chain attack against SolarWinds which involved multiple families of implants, including the SUNBURST […]
The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. The Federal Bureau of Investigation (FBI) reported that an APT group had breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN. “The FBI is […]