The U.S. Department of Justice charged nine individuals connected to a hacking crew focused on identity theft and SIM swapping attacks. The U.S. DoJ announced charges against nine individuals, 6 members of a hacking group known as ‘The Community’ and 3 former employees of mobile phone providers. The latter group helped the hackers to steal roughly […]
According to researchers at AT&T Alien Labs, threat actors are attempting to exploit the CVE-2019-0604 Microsoft Sharepoint vulnerability in attacks in the wild. AlienLabs has seen a number of reports related to the active exploitation of the CVE-2019-0604 vulnerability in Microsoft Sharepoint. The CVE-2019-0604 vulnerability is a remote code execution flaw that is caused by […]
Security researchers at the Imaginary team discovered a Heap Buffer Overflow Vulnerability in Kaspersky Antivirus Engine and responsibly reported it. Security experts at the Imaginary team discovered a Heap Buffer Overflow vulnerability in Kaspersky Antivirus Engine. The flaw tracked as CVE-2019-8285 affects Kaspersky Lab Antivirus Engine version before 04.apr.2019 and potentially allows arbitrary code execution. […]
A Russian hacking group Fxmsp is offering for sale the access to the networks of at least three antivirus companies in the US and source code of their software. Fxmsp is a high-profile Russian- and English-speaking hacking group focused on breaching high-profile private corporate and government information. The group is offering the accesses to the […]
US DoJ indicted a member of sophisticated China-based hacking group for series of computer intrusions. The group is also responsible for the 2015 Health Insurer Anthem data breach. The US Department of Justice indicted Fujie Wang (32), a member of sophisticated Chinese hacking group that breached at several US companies, including the health insurer Anthem […]
Since December 2015, Alpine Linux Docker images have been shipped with hardcoded credentials, a NULL password for the root user. Security researchers from Cisco revealed that Alpine Linux Docker images distributed via the official Docker Hub portal since December 2015 have been using a NULL password for the root account, The NULL password for the root […]
Global information services company Wolters Kluwer took offline has taken offline many of its applications and platforms in response to a ransomware attack. Another ransomware attack made hit a big company, this time the victim is the Global information services giant Wolters Kluwer that took offline some of the affected systems after the incident. Wolters […]
Security researcher discovered a browser address bar spoofing flaw that affects popular Chinese UC Browser and UC Browser Mini apps for Android. Security researcher and bug hunter Arif Khan has discovered a browser address bar spoofing vulnerability that affects popular Chinese UC Browser and UC Browser Mini apps for Android. The vulnerability affects latest version of the UC Browser 12.11.2.1184 and UC Browser Mini […]
Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the Kerberods dropper. SANS expert Renato Marinho uncovered an ongoing malicious campaign that is targeting vulnerable Apache Jenkins installs to deliver a Monero cryptominer dubbed Kerberods. According to the SANS Instituteâs Internet Storm Center, attackers are exploiting the […]
Hackers steal $41 Million worth of Bitcoin from Binance, one of the worldâs largest cryptocurrency exchange The hack of another cryptocurrency exchange made the headlines, hackers steal $41 Million worth of Bitcoin (over 7,000 bitcoins) from Binance. Binance is one of the worldâs largest cryptocurrency exchanges, its founder and CEO Changpeng Zhao confirmed that the […]