Skip to content

Cybersecurity | english only |

Thomson Reuters collected and leaked at least 3TB of sensitive data

Thomson Reuters collected and leaked at least 3TB of sensitive data

"Thomson Reuters, a multinational media conglomerate, left an open database with sensitive customer and corporate data, including third-party server passwords in plaintext format. Attackers could use the details for a supply-chain attack. The Cybernews research team found that Thomson Reuters left at least three of its databases accessible for

Members Public
Cranefly: Threat Actor Uses Previously Unseen Techniques and Tools in Stealthy Campaign

Cranefly: Threat Actor Uses Previously Unseen Techniques and Tools in Stealthy Campaign

Group uses novel method of reading commands from legitimate IIS logs. Symantec, by Broadcom Software, has discovered a previously undocumented dropper that is being used to install a new backdoor and other tools using the novel technique of reading commands from seemingly innocuous Internet Information Services (IIS) logs. The dropper

Members Public
Security experts targeted with malicious CVE PoC exploits on GitHub

Security experts targeted with malicious CVE PoC exploits on GitHub

Researchers discovered thousands of GitHub repositories that offer fake proof-of-concept (PoC) exploits for various flaws used to distribute malware. A team of researchers at the Leiden Institute of Advanced Computer Science (Soufian El Yadmani, Robin The, Olga Gadyatskaya) discovered thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits

Members Public
Typosquat campaign mimics 27 brands to push Windows, Android malware

Typosquat campaign mimics 27 brands to push Windows, Android malware

A massive, malicious campaign is underway using over 200 typosquatting domains that impersonate twenty-seven brands to trick visitors into downloading various Windows and Android malware. Some of the malicious sites were discovered by cyber-intelligence firm Cyble, which published a report this week focusing on domains mimicking popular Android app stores

Members Public
Russians Against Putin: NRA Claims Massive Hack of Russian Government Contractors’ Computers

Russians Against Putin: NRA Claims Massive Hack of Russian Government Contractors’ Computers

The NRA (National Republican Army) claimed they are responsible for the hacking attack against Technoserv. Russia's largest systems integrator Technoserv was hacked by Russian hackers on October 17. In perhaps one of the largest IT-security breaches in Russian history. In total, the hackers managed to get more than

Members Public
Magniber Ransomware Adopts JavaScript, Targeting Home Users with Fake Software Updates

Magniber Ransomware Adopts JavaScript, Targeting Home Users with Fake Software Updates

In recent years, “Big Game Hunting” ransomware attacks against enterprises have dominated media headlines because of their high-profile victims and substantial ransom demands. Yet single-client ransomware – a type of ransomware that infects individual computers, rather than fleets of devices – can still cause significant damage to individuals and organizations. In this

Members Public
WIP19 Espionage | New Chinese APT Targets IT Service Providers and Telcos With Signed Malware

WIP19 Espionage | New Chinese APT Targets IT Service Providers and Telcos With Signed Malware

SentinelOne researchers uncovered a new threat cluster, tracked as WIP19, which has been targeting telecommunications and IT service providers in the Middle East and Asia. The experts believe activity of the group  is espionage-related and that WIP19 is a Chinese-speaking threat actor. The threat cluster has some overlap with Operation

Members Public
PoC Published for Fortinet Vulnerability as Mass Exploitation Attempts Begin

PoC Published for Fortinet Vulnerability as Mass Exploitation Attempts Begin

Details and a proof-of-concept (PoC) exploit have been published for the recent Fortinet vulnerability tracked as CVE-2022-40684, just as cybersecurity firms are seeing what appears to be the start of mass exploitation attempts. Fortinet privately informed some customers last week about the availability of patches and workarounds for a critical

Members Public
Timing Attacks Can Be Used to Check for Existence of Private NPM Packages

Timing Attacks Can Be Used to Check for Existence of Private NPM Packages

Container and cloud-native application security provider Aqua Security warns that the existence of private NPM packages can be disclosed by performing timing attacks. Specifically, the security firm has discovered that an attacker armed with a list of package names may launch timing attacks to determine whether an organization has created

Members Public
POLONIUM targets Israel with Creepy malware

POLONIUM targets Israel with Creepy malware

ESET researchers reveal their findings about POLONIUM, an advanced persistent threat (APT) group about which little information is publicly available and its initial compromise vector is unknown. POLONIUM is a cyberespionage group first documented by Microsoft Threat Intelligence Center (MSTIC) in June 2022. MSTIC’s assessment is that POLONIUM is

Members Public
New “Prestige” ransomware impacts organizations in Ukraine and Poland

New “Prestige” ransomware impacts organizations in Ukraine and Poland

The Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload. They observed this new ransomware, which labels itself in its ransom note as “Prestige ranusomeware”, being deployed

Members Public
Operation 8th-Commandment - Pro-Ukrainian Hackers Attack Russian Telecoms

Operation 8th-Commandment - Pro-Ukrainian Hackers Attack Russian Telecoms

Pro-Ukrainina hacker group, Team OneFist completed a major attack against russian telecom and voice infrastructure in Operation 8th-Commandment. Hackers claim they annihilated 214 routers in 36 hours, incuding 28 which belong to russian governmental facilities. Rostelecom concerned too. OneFist hit mid-to-large sized targets brought down several small data-centers during the

Members Public