Sometimes, you canât even trust links with your own domain. As the Cybernews research team has discovered, some BMW subdomains were vulnerable to redirect vulnerability, enabling attackers to forge links leading to malicious sites through them. Cybernews researchers have discovered two BMW subdomains that were vulnerable to SAP redirect vulnerability. They were used to access […]
Crypto platform Orbit Chain suffered a cyberattack, threat actors have stolen more than $81 million worth of cryptocurrency. Orbit Chain has suffered a security breach that has resulted in the theft of more than $81 million worth of cryptocurrency. Orbit Chain is a multi-asset blockchain platform that connects various blockchains through Inter-Blockchain Communication (IBC). It […]
Ukraineâs SBU revealed that Russia-linked threat actors hacked surveillance cameras to spy on air defense forces and critical infrastructure in Kyiv. Ukraineâs SBU announced they shut down two surveillance cameras that were allegedly hacked by the Russian intelligence services to spy on air defense forces and critical infrastructure in Kyiv. The surveillance cameras were located […]
A team of researchers released a suite of tools that could help victims to decrypt data encrypted with by the Black Basta ransomware. Independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomwareâs encryption algorithm and exploited it to create a free decryptor. The Black Basta ransomware group has been active since April […]
JinxLoader is a new Go-based loader that was spotted delivering next-stage malware such as Formbook and XLoader. Researchers from Palo Alto Networks and Symantec warned of a new Go-based malware loader called JinxLoader, which is being used to deliver next-stage payloads such as Formbook and XLoader. The name of the threat comes from a League of Legends character. Palo […]
Researchers discovered an SSH vulnerability, called Terrapin, that could allow an attacker to downgrade the connection’s security. Security researchers from Ruhr University Bochum (Fabian BĂ€umer, Marcus Brinkmann, Jörg Schwenk) discovered a vulnerability, called Terrapin (CVE-2023-48795, CVSS score 5.9), in the Secure Shell (SSH) cryptographic network protocol. An attacker can trigger the flaw to downgrade the […]
Hudson Researchers reported that a mysterious hacker launched a series of attacks against industry-leading companies in Iran. Hudson Researchers reported that on December 20th, a hacker using the moniker ‘irleaks’ announced the availability for sale of over 160,000,000 records allegedly stolen from 23 leading insurance companies in Iran. The hacker claims that stolen data includes […]
These are the Top 2023 Security Affairs cybersecurity stories ⊠enjoy it. CYBERCRIMINALS LAUNCHED âLEAKSMASâ EVENT IN THE DARK WEB EXPOSING MASSIVE VOLUMES OF LEAKED PII AND COMPROMISED DATA Leaksmas: On Christmas Eve, multiple threat actors released substantial data leaks, Resecurity experts reported. 1.7 TB OF DATA STOLEN FROM DIGITAL INTELLIGENCE FIRM CELLEBRITE LEAKED ONLINE […]
CloudSEK researchers analyzed a zero-day exploit that can allow the generation of persistent Google cookies through token manipulation. In October 2023, a developer known as PRISMA first uncovered an exploit that allows the generation of persistent Google cookies through token manipulation. An attacker can use the exploit to access Google services, even after a user’s […]
Google has agreed to settle a $5 billion privacy lawsuit, which alleged that the company monitored individuals using the Chrome “incognito” mode. Google agreed to settle a $5 billion privacy lawsuit over claims that the company monitored online activity of people who used the ‘incognito’ mode in its Chrome web browser. The class action, filed […]