The Zero Day Initiative's Pwn2Own Austin 2021 hacking rivalry started on Tuesday, a precedent for the occasion's set of experience acquired awards for hacking printers.
Image source – freepik.com On 31 st May 2021, the Heimdal ™ Security SOC team started an investigation on attack and exfiltration methodologies. They analyzed that number of failed attempts by cybercriminals is more than the number of successful attempts. Heimdal™ claims that the results contain aggregated data from all available anti-ransomware and security tools. Heimdal ™ has aggregated data from all available detection grids (i.e., anti-ransomware encryption protection, antivirus, brute-...
Image source – freepik.com Newfoundland and Labrador’s Health Care System The health care system of Newfoundland, and Labrador, a province of Canada, were under cyber-attack where attackers changed their whole system. All the appointments in different hospitals were canceled, upsetting all the patients, and leaving all the doctors openmouthed. Appointment Calls Numerous doctors received a call from their hospital where were confirmed that they had an appointment on Monday. The same patients...
Image source – unsplash.com In September, several media warned about the advent of "Groove," a new ransomware group that urged rival extortion gangs to band together to attack US government interests online. Groove looks to have been a large-scale fake intended to fool security firms and media. What is Groove? Groove was first announced on RAMP , a new and relatively exclusive Russian-language darknet cybercrime forum , on August 22. In the first week of September, Groove published...
Image source—gulfbussiness.com The Lookout Report Lockout (IT Security Company ) released a report showing that mobile phishing exposure surged 161% within the energy industry between the second half of 2020 and the first half of 2021 . According to stats of recent attacks launched, the hackers are now targeting companies in the energy sector following the attack launched on Colonial Pipeline in the USA earlier this year and the current cyber-attacks war between Israel and Iran . The Research...
Image source - freepik.com Compromised Vulnerabilities of APIs APIs can be segregated as private, partner, or public. In the case of client-facing linked things and apps, APIs are often put as both private and public because outside users won't be acquiring them using a company's private intranet . However, this makes an embryonic vulnerability if companies suppose that a private API doesn't need to be protected . Restricting API access to validated users isn't ample. In this instance, the firm...
Image source - kaspersky.com Table of Contents New vulnerability found How does it work? Effects Cause of concerns New vulnerability found At the University of Cambridge, researchers recently found a bug that involves standard encoding Unicode. Unicode is a digital text standard that allows computers to exchange information regardless of the language used. Currently, Unicode is capable of handling more than 143,00 characters across 154 language scripts. The weakness involves the " Bidi"...
Image source - glassdoor.com Surprisingly the United States Senate Federal Credit Union has five people I.T. team. Rather than investing in more expensive physical security appliances that would be time-consuming to maintain by USSFCU's five-person I.T. team . The credit union chose a software-defined, intrinsic approach to infrastructure security , relying on VMware NSX Data Center for virtual firewalling and micro - segmentation . It also included VMware App Defense in its VMware vSphere...
Image source – freepik.com Avast has reminded how scams can happen anywhere, even on most beloved social media platforms. A young girl in her early 20s tells how she almost got scammed while she was only scrolling Instagram. I was scrolling through my Instagram and received a notification about a new direct message request (DM). I saw an older man pictured in a channel’s photo. The older man first gained her trust and then offered her his sugar baby for 1,500 euros per week. Keep reading to...
Image source – thetimes.co.uk Trump, The Beckhams, and Worlds Elite fall Victim to the Attack The multinational jewelry company of Britain , Graff, has fallen victim to a major ransomware attack , settling down its customers to have had their details stolen by a Russian cybercriminal gang Conti which hacked into the systems of Graff . It is to be noted that Graff operated at the top end of the diamond jewelry market, having more than 60 stores over the globe . With the uproar of Conti's...
Image source – freepik.com The month following its launch, the Squid Game, a South Korean drama TV series, turned Netflix into a huge series, with over 111 million viewers. Following the demand from viewers, cybercriminals should not be ashamed to benefit from fans' enthusiasm to watch this season, with well-known fraudulent tactics ignored. Kaspersky's experts share their details about the most common and complex squid Game threats found in the wild, as well as Trojan, adware, and Halloween...
Update 26.10.2021: After additional investigation of initial exposure of ISO.org Content Server, we finally concluded that exposed information is not for public access. For the time of investigation, we can search through very convenient internal search queries and observe: 490k+ different documents 120k+ emails 5k+ different media files By the way, look at the dates below. It seems that with COVID-19 and lockdowns, all internal and external events were postponed or canceled, so there are...
Image source – pixbay.com Jonathan Scott @jonathandata1 has been working on this exploit for the past few years and revealed this exploit yesterday on his official Twitter account . Image source – twitter.com Android ADB Zero-Day explained A detailed setup and Discussion have been done at his GitHub Repository, where he established the official Setup for this PoC . He eventually reduced this technique to only two AT Commands . These AT Commands can be combined into a single string. This...
Image source – pixabay.com How do Users get scammed by Ultima SMS? Avast , a global leading digital security and privacy organization, announced today the identification of more than 150 premium SMS scam applications as part of that campaign. The layout and operation of these apps are substantially identical; they are essentially duplicates of the same fraudulent app that was used to distribute the premium SMS scam campaign. Because one of the first programs I discovered was called Ultima...
Image source – nytech.com Microsoft claims that it founded the current form of macOS malware modified to use a new eluding and perseverance strategy for growing worldliness. It is also pursued as WizardUpdate or Vigram. As WizardUpdate is the updated form of malware discovered earlier this month by Microsoft security experts. It is probably being distributed through drive-by downloads. It mocks with the legitimate software exactly as it was when the threat intelligence firm Confiant founded its...
Image source - freepik.com The newly identified rootkit was obtained with a valid digital signature issued by Microsoft. It has been used by the Chinese. Internet players for more than a year to create proxy traffic on Internet addresses that are of interest to attackers. A security technology company headquartered in Bucharest has called malware FiveSys, pointing to possible theft and hijackings of games within the game. The Windows maker subsequently revoked the signature after due disclosure...
Image source – freepik.com Google Chrome announced its recent update as ‘Chrome 95’ on Oct 19, 2021 . This update is likely to roll out in the coming days. This update, Chrome 95.0.4638.54, contains several fixes and improvements, including Secure Payment Confirmation, Eyedropper support, web app improvements, and more. This update will be available immediately for Windows, macOS, and Linux . Chrome has launched this update just after a few weeks of the chrome 94 update, as some external...
Image source – freepik.com LightBasin, also known as UNC1945, is an Advanced Persistent Threat (APT) that has been targeting the telecommunication networks at a global level since 2016. This threat utilizes custom tools and in-depth knowledge of telecommunications network architectures. This cluster's extensive knowledge of telecommunications protocols can let it easily get access to information such as subscriber information and call metadata. Read on for more insight Table of Contents:...
Image source – clickssl.net With the Internet Advancing at a speed that not many can catch up with, the risks are crawling their way alongside. Our data is being purchased and handed out via the Terms and Conditions we agree to, all of this in a web of advertisement and money-making. It is now essential for every user to learn the agreement they sign and each application or system they use to know their rights and the basics of online protection . From Strong passwords to purchasing anti-virus...
Image source – pixbay.com Table of Contents What happened? The message published by Leaker What does an anonymous user's thread contain? Root Cause Updates from TWITCH VGC and its part in this Incident Vapor – A service under Development Your Steps towards Security during Major Breach! Conclusion What happened in actual? The message published by Leaker What does an anonymous user's thread contain? On the 4chan discussion forum, an unidentified 4chan member posted a torrent link to a 128GB file...
Image Source - cyberiqs.com The LockBit ransomware gang claimed to have asked for a $50 million ransom and have stolen 6Tb of data. On the other hand, the company remained not publicly acknowledged the said data breach outside of SEC filings . For the fourth quarter and full fiscal year , the news about the ransomware attack was included in the company’s financial report on August 31, 2021. In the past, we have experienced, and in the future, we may again experience, data security incidents...
Image source - bleepingcomputer.com Table of Contents What is DEV-0343 When was it discovered? Who was affected Password Spraying Technique used Nearly 20 accounts breached Microsoft Observed Behaviors Recommended Defense Techniques Conclusion What is DEV-0343 DEV-0343 is an Iran-backed hacking crew recently blamed Microsoft (An American multinational company in technology) for cyber espionage on Persian Gulf countries, the US, and Israel . Microsoft put an allegation, which claims that they...
Image Source - hackercombat.com The tricky and clever mindset behind the malicious malware named Trickbot has reappeared in the cyber-attack world with advanced tricks for trapping the users and reinforcing them by diversifying the malware distribution channel, eventually directing Conti's deployment of ransomware . According to the IBM X-Force report, the dangerous malware gang IT23 and Wizard Spider had become partners with cybercrime gangs named Hive0105 , Hive0106 (Shathak or TA551), and...
Image source - freepik.com Fraudsters not only need money; they threaten to disclose sensitive or essential information when companies do not pay or when they contact legal authorities. For example, if you run a healthcare organization. The impact could be devastating - as evidenced by the new report of a drug attack that found hospital invasions leading to delays in tests and procedures, lengthy hospitalizations, and even death. Concerning ransomware distribution, attackers do not seem to need...
Image source - canva.com Apple has released a new security update, 15.0.2, against a vulnerability CVE-2021-30883 in their recent models of IOS and iPad. The update includes a fix for a memory corruption bug that allowed an application to execute arbitrary code with kernel privileges, as reported by the Apple support page on Oct 11, 2021 . Apple also stated that they are aware of a report that this issue may have been actively exploited, so the users are advised to install the update at their...
Image source – pinterest.com Table of Contents Joint Cybersecurity Advisory (CSA) Overview of potential Threat Spread Phishing Ransomware Internet-connected Application Exploitation Control system devices with vulnerable firmware versions are being exploited Mitigations Mitigation to the Network Mitigations to the Safety System Operational Mitigations Cybersecurity Upskilling - Exercises in the Water Sector Cybersecurity Virtual Workshop Threats to WWS from Cyberspace Be Cyber Smart Why Cyber-...
Image Source - pixabay.com On Monday, October 11, 2021, Lindy Cameron marked her first-year tenure at the National Cyber Security Centre as the CEO . At the Chatham House speech, Cameron warned the nation of the cybercriminals and other malicious actors as a great threat . We expect ransomware will continue to be an attractive route for criminals as long as organizations remain vulnerable and continue to pay. It was also said at the conference by the chairperson that companies that pay and stay...
Image source − freepik.com The latest cumulative update to Microsoft's Exchange Server software platform, released in the last week of September 2021 , has a new threat mitigation feature. MS's new Emergency Mitigation (EM) software component automatically mitigates vulnerabilities for Microsoft's customers' Exchange Servers by creating and executing vulnerability mitigations . By using Microsoft's Office Configuration Service, the EM service checks for mitigations hourly. Table of Contents...
Image source − shutterstock.com Amid a ransomware attack , the Spring Medical Center was held responsible by an Alabama mother, Teiranni Kidd, for her daughter's death. Reputedly, then a failure in the electronic devices due to the Cyberattack , the doctors could not adequately monitor the child's health during delivery. Nicko Silar was killed due to these unfortunate events, though the hospital still stays in denial. At the same time, the suit clearly stated that the computer systems had been...
Image source – pixbay.com The Information sheet contains top hardening recommendations that include using tested and validated VPN products on the National Information Assurance Partnership ( NIAP ) Product Compliant List. Cybersecurity and Infrastructure Security Agency ( CISA ) recommended employing robust authentication methods like multi - factor authentication , promptly applying patches and updates, and reducing the VPN’s attack surface by disabling non-VPN-related features. Readout to...
Image Source – binance.com From supply chains to healthcare sectors, almost all the industries connected to the internet are under the effect of the biggest threat to online security; Ransomware . Considering this, Binance to ensure the security and sustainable growth of the crypto world committed to protect ing and fighting against ransomware and frauds inflicted with it. Working with the Ukraine Cyber Police , Binance released their first case study of the Bullet Proof Exchanger Project ;...
Image source – vonahi.com The MS Word RCE exploit attack uses fraudulently created Microsoft Office files that use the MSHTML browser rendering engine to open an ActiveX control. The ActiveX control shares the user's private information with the attack's mastermind, putting users' sensitive data at risk. Microsoft office RCE bug lets users at risk of data exploitation, creating unrest among users and dropping their trust level on public domains. In our daily routine in 21 st Century, the most...
Image source—freepik.com It is allegedly stated that FinSpy software was sold to the Egyptian government Hosni Mubarak to spy on dissidents and by the Bahraini government to spy on Bahraini activists in Britain – the latter resulting in the software having been found in breach of human rights. FinSpy was thought to be lost and taken care of by the researchers at Kaspersky. Still, after following an eight -month investigation led by Kaspersky, it has been seen that it did not disappear but was...
Image source - idagent.com Raid Forum , the famous dark web forum marketplace with 445,000 users allowing them to sell and purchase exclusive data leaks and sharing sources, was seen as unresponsive to users. The issue was reported earlier, on Oct 1, 2021 . The forum 'Omnipotent' owner addressed the issue, stating that the Website is down due to the domain's suspension and that the problem is in process. Image source – cybernews.com Meanwhile, some other trusted websites also reported the issue...
Image source — freepik.com One of Google's Threat Analysis group Research officers Neel Mehta, specializing in research in hacking and electronic frauds claims in a report that a new technique of changing digital signatures of files is now being used to evade detection from the windows security systems. According to Neel, this technique was developed by a known family of unwanted software named as OpenSUdater . The developers behind OpenSUdater tried to hide their identity by creating malformed...
Image source — freepik.com In recent depth analysis of Microsoft Threat Intelligence Centre (MSTIC) declared a newly detected NOBELIUM malware: a post-exploitation backdoor referred to as FoggyWeb . Microsoft has notified all customers observed being targeted or compromised by this activity. Said Nafasi in a disclosure blog Microsoft profiled NOBELIUM’s GoldMax, Goldfinger, and Sibot malware, used for layered persistence and early toolset comprising EnvyScout, BoomBox, NativeZone , and...
Image source – freepik.com Instagram, Facebook, and WhatsApp didn’t work in the USA, Europe, Russia, and some Asian countries for more than six hours yesterday October 4 th , 2021. Some users also complain about interruptions in Twitter, TikTok, YouTube, Google, and Amazon; the crypto exchange CoinBase does not work either. Just in the peak of Facebook’s operation disruption, CoolTechZone leaks hunters stumbled upon thread on a DarkNet forum pretended being e a cause of problems and given away...
Image source – freepik.com Hackers use Twitter bots to get access to Twitter users' personal information and make payments to their accounts using PayPal and Venmo payments . The fraudsters are using fake profiles using profile pictures of the source and are tricking users into transferring their funds to their accounts. The Twitter chatbot scam has particularly risen during the covid-19 lockdown as the world moved to online markets, an ideal scenario for the scammers to loot their targets. The...
Image source - kaspersky.com Kaspersky, the cybersecurity solutions provider, has recently discovered a new type of Trojan that affects online gamers and steals the gamer's data. Different attacks have been recorded in Europe, Asia-Pacific regions, and Latin America. An advanced Trojan can steal user's data from online gaming platforms. Kaspersky's research highlights that gaming goods and products are nowadays in demand on the darknet. The logins and password combinations required at different...
Image source - Shutterstock Alert! The world is in danger again! Microsoft warns of critical vulnerability “PrintNightmare” (CVE-2021-34527) in Windows Print Spooler service. Last week the world shook with horror! On July 1, Microsoft alerted system administrators to the critical zero-day vulnerability CVE-2021-34527 in the Print Manager service of all currently supported versions of Windows. Information security specialists dubbed the discovered vulnerability "PrintNightmare" because the...
The group of researchers from Forescout has completed another portion of vulnerabilities investigation. The new report will be published after 4th August 2021. It will reveal all-new 14 flows in a very popular network stack used by various devices, starting with common IT and ending up on IIoT from giant vendors. Table of Contents New portion of critical and high-scored vulnerabilities. Recent discoveries of Project Memoria. How to proceed and protect yourself? New portion of critical and high-...
I know that many users don't like applying and installing updates. I should say it is a really bad practice, especially in a business environment. But even there, a lot of iOS users postpone accepting new versions of an operating system together with the newest patches for vulnerabilities . Now we have a great example of why it is critical. Table of Contents What is RCE for CVE-2021-30800, and where it comes from? Original vulnerability is much harmless. How to proceed and protect yourself?...
As of 2021, Google Play Store has the 1 st spot with an estimated 4 million apps available for download to android users. In contrast, Apple App Store stands in the 2 nd spot with around 2.4 million apps available to IOS users. Both companies' inability to security audit every app being uploaded or available over the Stores leads to a severe threat. The threat is it provides bad actors with an opportunity to upload bogus/fake Apps. These bogus Apps are only intended to steal the data as soon as...
To look at your data from a black-hats view and know what they find on you in the global network, i.e., the Internet, you have to get in the shoes of a black-hat hacker and develop a hacker mindset . You will not find an article of this aptitude on any other site. I have shared my experience as an Ethical Hacker and cybersecurity expert . But a layman can't become a black-hat in a day or think, act, and behave like one over the global network. If it were that easy, everyone would have been a...
It appears quite usual (I mean not one a decade anymore) to witness the release of a new operating system from Windows. The new Windows 11 still lacks many expected features, which were implemented by other vendors, like better homeworking through free choice of mics or cameras, faster Windows update, and others. But I care mainly about another question – security . Table of Contents Microsoft claimed Windows 11 more secure than previous versions? Windows 11 exploit's the black market situation...
Ever since the inception of computing systems and devices, there have also existed many vulnerabilities in these systems as well. These vulnerabilities in the right hands lead to the improvement of a system, but in the wrong hands can cause many damages . In our article below, we will look at a particular type of vulnerability known as a Zero-Day vulnerability or simply a zero-day vulnerability. We would also be looking at the different markets where one could sell a zero-day along with the...
We were lucky to be born at a time when superheroes left the screens of cinemas and settled among us. Their job is to protect our privacy at all costs. They do not wear raincoats and bright costumes, but this does not diminish their merits in the least. These heroes are cybersecurity specialists who sometimes risk everything to save humanity from the hands of dangerous hackers who seek to disrupt our daily life. If you want to connect your life with information security , you have come to the...
