News
Over 400 malicious Android and iOS apps
Meta identified more than 400 malicious Android and iOS apps this year that target people across the internet to steal their Facebook login information. "These apps were listed on the Google Play Store and Apple’s App Store and disguised as photo editors, games, VPN services, business apps and
DDoS Attack Against Estonia By Russian Hackers
Anonymous Russia anounnced DDoS attack against Estonian websites on 8 October. The targets were mainly banks and taxi companies. DDoS attacks are part of the announced campaign on October 2 by Anonymous Russia.
LofyGang - Software Supply Chain Attack, ~200 Malicious NPM Packages
"Checkmarx discovered ~200 malicious NPM packages with thousands of installations linked to an attack group called “LofyGang”. This attack group has been operating for over a year with multiple hacking objectives: * Credit card information * Discord “Nitro” (premium) upgrades * Streaming services accounts (e.g. Disney+), Minecraft accounts, and more Their
US govt shares top flaws exploited by Chinese hackers since 2020
NSA, CISA, and the FBI revealed today the top security vulnerabilities most exploited by hackers backed by the People's Republic of China (PRC) to target government and critical infrastructure networks. The three federal agencies said in a joint advisory that Chinese-sponsored hackers are targeting U.S. and allied
Russian-speaking hackers knock US state government websites offline
Russian-speaking hackers on Wednesday claimed responsibility for knocking offline state government websites in Colorado, Kentucky and Mississippi, among other states – the latest example of apparent politically motivated hacking following Russia’s invasion of Ukraine. Russian-speaking hackers knock US state government websites offline | CNN PoliticsRussian-speaking hackers on Wednesday claimed responsibility for
DDoS Attack Against Slovakia By Russian Hackers
Anonymous Russia anounnced DDoS attack against Slovak websites on 6 October. The targets included the site of the Bratislava airport BTS.aero, Sliač airport AirportSliac.sk, SIAF International Aviation Days, the websites of less important financial institutions Wüstenrot, Prvá stavebná sporiteľňa and Privatbanka, Webglobe, WeDos and HostCreators hosting, the Slovakia
Operation Pleiades - Team OneFist And The Gonets Satellite Network
Pro-ukranian hacker group, Team OneFist reported on their second russian satellite company attack as part of Operation Pleiades. (The first was Moscow Satis.) CRM (Customer Relationship Management) database of Gonets was penetrated by founder of OneFist, Thraxman. The database is storing the information of the 97 Russian government organizations and
Russians dodging mobilization behind flourishing scam market
Ever since Russian president Vladimir Putin ordered partial mobilization after facing setbacks on the Ukrainian front, men in Russia and the state's conscript officers are playing a 'cat and mouse' game involving technology and cybercrime services. More specifically, many Russian men eligible for enlistment have resorted
Iran and Cybersecurity: What Technologists Need to Know
"Over the past three months, authorities have issued warnings about connections between various Iranian threat groups and several significant cybersecurity incidents, including multiple ransomware attacks and a sophisticated social-engineering scheme targeting various groups and individuals. While not at the same level as Russia and China, Iran’s cyber capabilities
ProxyNotShell - Zero-Days In Microsoft Exhange
Microsoft on Friday disclosed that a single activity group in August 2022 achieved initial access and breached Exchange servers by chaining the two newly disclosed zero-day flaws in a limited set of attacks aimed at less than 10 organizations globally. "These attacks installed the Chopper web shell to facilitate