Blog


Telegram bot used by hackers to steal data from WooCommerce sites

Hackers have been found deploying a Telegram bot to steal troves of data from WooCommerce websites. These adversaries used credit card skimmers, leading to several reported cases of credit card theft on an eCommerce site. The first scenario is that a website owner received numerous complaints from customers who reported faulty transactions on their cards after...

Adobe Acrobat queries antivirus programs that can inspect PDF files

Adobe Acrobat users might be at risk after security researchers found that the software may block antivirus programs from inspecting PDF files, which also prevents these AV tools from monitoring whether a PDF file is infected with malicious trojans. Most security tools require visibility into a computer system’s software and processes. To be able to...

Fake voicemails used for MS Office 365 credentials harvesting

A newly discovered phishing campaign has been compromising US entities such as the military, manufacturing, healthcare, pharmaceutical and security software sectors to harvest Microsoft Office 365 credentials. The cybercriminal operation is currently active, and its operators use fake voicemail notifications to bait targets into accessing a malicious HTML attachment. Based on reports, the recently discovered phishing...

Windows domain can be taken over by using the new DFSCoerce NTLM

Researchers have uncovered a newly identified DFSCoerce Windows NTLM relay threat campaign that uses the MS-DFSNM, Microsoft’s Distributed File System, that aids hackers in controlling a Windows domain. Almost all organisations use the Microsoft Active Directory Certificate services since it is a public key infrastructure service utilised for authenticating users, devices, and services on a Windows...

DOJ shuts down RSOCKS botnet used by hackers in malicious campaigns

Cybersecurity authorities have taken down an infrastructure used by a Russian botnet, RSOCKS, that compromised millions of internet-connected devices and computers worldwide. The threat actors have utilised the botnet to execute credential-stuffing attacks against hacked devices, an attack tactic that automatically enters a user’s login credentials on login pages of websites. The DOJ’s published press release...

Browsers’ Scroll to Text Fragment feature could get abused in attacks

Research says threat actors could exploit the Scroll to Text Fragment or STTF feature in web browsers to steal users’ sensitive data. This feature allows users to create links from the URL onto a specific webpage portion using the ‘#:~:text’ identifier. From the studies about the STTF flaw, its operators use CSS selectors to collect specific...

Kazakhstan used the Hermit Android spyware to snoop on its citizens

An alleged Italian-made Hermit Android spyware has been observed by researchers in Kazakhstan, where the government utilised it to monitor its citizens’ activities. Experts assumed that the spyware was developed by a couple of Italian firms named Tykelab Srl and RCS Lab S.p.A. Moreover, a researcher said that an entity owned by the national government of...

Users’ online fingerprints could be tracked from Chrome extensions

Studies claim that anyone could find ways to track a person’s online activities and behaviour after a security researcher had created a site that could generate a user’s device fingerprints through their installed Google Chrome extensions. The researcher has dubbed the new fingerprinting site “Extension Fingerprints,” allowing its user to generate a tracking hash based on...

The CPS blame a third-party supplier for a data breach incident

Chicago Public Schools (CPS) have published an advisory regarding a data breach of nearly half a million students from the educational institution, blaming the misactions of a third-party supplier which resulted in a ransomware attack. The ransomware campaign has impacted the Ohio-based non-profit organisation called Battle for Kids. This single school system experienced a data exposure...

The Blue Mockingbird group exploits the previously known Telerik flaw

A malicious threat group called Blue Mockingbird has targeted the Telerik UI flaws to infect its servers, mine Monero by hacking system resources, and install Cobalt Strike beacons. CVE-2019-18935 is the critical deserialisation flaw leveraged by the threat actors, which leads to an RCE in the Telerik UI library. To exploit the critical vulnerability, the...

GhostTouch can compromise the touchscreen of smartphone devices

New research revealed that hackers could use GhostTouch to execute several cybercriminal actions, such as downloading malware and initiating calls. Any entity could utilise electromagnetic interference to activate arbitrary behaviour on mobile touchscreens. Modern tablets and smartphones take advantage of capacitive touchscreens that give multi-touch capabilities and can measure minimal electric fields. However, the charger noise...

Malibot malware hits Android devices to steal crypto assets

Italy and Spain were targeted by a new cyberattack campaign that utilises a new Android banking malware dubbed MaliBot. The new malware variant has been observed imitating cryptocurrency mining apps and the Chrome internet browser to target its victims. The studies conducted on the MaliBot banking malware show how the new variant could steal the financial...

Iranian hackers used spearphishing attacks to target Israel

An alleged group of Iranian hackers has been operating a spearphishing campaign that includes masquerading as known government officials. Based on reports, the Iran-sponsored threat group posed as a former United States ambassador to target think tank officials. The malicious threat actors could obtain initial access to one of its two targeted email boxes through phishing messages...

A new Golang-based P2P Panchan botnet targets Linux servers

A new Go language-based peer-to-peer botnet dubbed Panchan has been observed by researchers targeting the Linux servers in the academic sector since it started appearing last March. The researchers stated that the malware utilises a built-in concurrency functionality to maximise its propagation and run malware modules. Additionally, they noticed that the Panchan botnet could harvest the...

A new phishing toolkit dubbed NakedPages is traded on the dark web

Phishing actors were seen selling a new sophisticated toolkit called NakedPages on underground marketplaces, allegedly effective against large-scale companies. Aside from being found on the dark web forums, the NakedPages toolkit is also promoted by its operators on some malicious Telegram channels. Originally designed for the Linux OS, the new phishing toolkit requests reading, writing, and...

The dark web is seen loaded with billions of breached user credentials

New studies show that the dark web is still filled with compromised victims’ data, reaching over 24 billion worth of usernames and passwords. These findings demonstrate a 65% uptick within two years, mostly due to users creating account passwords that hackers could easily crack. For instance, one in every 200 compromised passwords comprises the number ‘123456’...

ALPHV ransomware group developed a search website for stolen data

The ALPHV ransomware group (also known as BlackCat) has devised a new method of threatening its targets. The group cleverly designed websites that let its victims’ employees and customers review if hackers stole their data during an attack. Most of the time, some threat groups will use the stolen data for double-extortion tactics, in which the...

Vice Society hacker group claimed the attack against the city of Palermo

The Vice Society ransomware group has allegedly attacked Italy’s Palermo city, which caused a massive service outage across the entire district. The cyberespionage attack happened last week, and all internet-dependent services were unavailable, affecting approximately 1.3 million individuals, including tourists that visited the city. The law enforcement and concerned authorities assessed the situation’s criticality after confirming...

The Syslogk Linux rootkit utilises curated packets to activate a backdoor

Syslogk, a new Linux rootkit, is used by hackers in their latest attacks to obfuscate malicious processes via specially designed packets to trigger a dormant backdoor in the device. The malware is believed to be in its development phase, and its developers seem to base its project on an old open-source rootkit called Adore-Ng. Additionally, the...

Intel and AMD processors are at risk against the new Hertzbleed attack

Remote threat operators can now execute a new side-channel attack tracked as Hertzbleed. They use the new attack vector to exfiltrate full cryptographic keys in affected CPUs through observing their frequency variations enabled by DVFS or dynamic voltage and frequency scaling. According to the security analysts, the new side-channel attack is highly effective on modern Intel...