Despite recent efforts to takedown TrickBot malware, some of its new variants are actively targeting Linux users.
Read details: https://thehackernews.com/2020/10/trickbot-linux-variants-active-in-wild.html
Read details: https://thehackernews.com/2020/10/trickbot-linux-variants-active-in-wild.html
FBI, Homeland Security, and HHS warn of an "imminent" increase in ransomware and other cyberattacks against hospitals and healthcare providers.
Read details: https://thehackernews.com/2020/10/ransomware-attack-hospital.html
Read details: https://thehackernews.com/2020/10/ransomware-attack-hospital.html
KashmirBlack botnet hijacks hundreds of thousands of websites running on popular CMS platforms, including WordPress, Joomla!, PrestaShop, Magneto, Drupal, Vbulletin, OsCommerence, OpenCart, and Yeager.
Read details of the campaign here: https://thehackernews.com/2020/10/kashmirblack-botnet-hijacks-thousands.html
Read details of the campaign here: https://thehackernews.com/2020/10/kashmirblack-botnet-hijacks-thousands.html
Attackers exploit Chrome and IE browsers flaws to install two new backdoor malware on targeted computers by tricking Korean victims into visiting some sites.
Read details: https://thehackernews.com/2020/10/browser-exploit-backdoor.html
Read details: https://thehackernews.com/2020/10/browser-exploit-backdoor.html
WATCH OUT! Google disclosed details of a new zero-day flaw (CVE-2020-17087) in the Windows operating system that's being actively exploited in the wild.
Details: https://thehackernews.com/2020/11/warning-google-discloses-windows-zero.html
Details: https://thehackernews.com/2020/11/warning-google-discloses-windows-zero.html
🔥 NAT Slipstreaming — A new technique allows attackers to bypass NAT/firewall protection and remotely access any TCP/UDP service on targeted systems just by tricking victims into visiting a website.
Read Details: https://thehackernews.com/2020/11/new-natfirewall-bypass-attack-lets.html
Read Details: https://thehackernews.com/2020/11/new-natfirewall-bypass-attack-lets.html
Another Chrome Browser 0-Day Found Being Exploited in the Wild.
https://thehackernews.com/2020/11/new-chrome-zero-day-under-active.html
Update Your #Google Chrome to Version 86.0.4240.183 for Windows, Mac, and Linux Systems.
https://thehackernews.com/2020/11/new-chrome-zero-day-under-active.html
Update Your #Google Chrome to Version 86.0.4240.183 for Windows, Mac, and Linux Systems.
Researchers uncover 'KGH_SPY,' a new spyware module North Korean hacking group added to its Kimsuky malware to make it more powerful against espionage targets.
Read details: https://thehackernews.com/2020/11/new-kimsuky-module-makes-north-korean.html
Read details: https://thehackernews.com/2020/11/new-kimsuky-module-makes-north-korean.html
NEW: Gaza & Egypt-based hackers hijacked VoIP servers of over 1200 companies (across 60 countries) to profit from premium rate phone numbers.
Read details: https://thehackernews.com/2020/11/premium-rate-phone-fraudsters-hack-voip.html
Read details: https://thehackernews.com/2020/11/premium-rate-phone-fraudsters-hack-voip.html
Uncovered — North Korean hackers implanted a previously undiscovered #spyware, dubbed 'Torisma,' on the victims' systems compromised during JOB OFFERS-based attacks.
Read details: https://thehackernews.com/2020/11/north-korean-hackers-used-torisma.html
Read details: https://thehackernews.com/2020/11/north-korean-hackers-used-torisma.html
WARNING: Update your iOS devices now!
Apple releases emergency iOS update to patch 3 actively exploited 0-day vulnerabilities.
Read details: https://thehackernews.com/2020/11/update-your-ios-devices-now-3-actively.html
✅ CVE-2020-27930
✅ CVE-2020-27932
✅ CVE-2020-27950
Apple releases emergency iOS update to patch 3 actively exploited 0-day vulnerabilities.
Read details: https://thehackernews.com/2020/11/update-your-ios-devices-now-3-actively.html
✅ CVE-2020-27930
✅ CVE-2020-27932
✅ CVE-2020-27950
Popular software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung successfully PWNED at Tianfu Cup 2020 cybersecurity contest—with previously unseen exploits.
Read details: https://thehackernews.com/2020/11/windows-10-ios-chrome-firefox-and.html
Read details: https://thehackernews.com/2020/11/windows-10-ios-chrome-firefox-and.html
👍1
November 2020 Patch Tuesday — Microsoft releases security updates for 112 newly discovered vulnerabilities, including an actively exploited zero-day flaw (CVE-2020-17087) disclosed by Google's security team last week.
https://thehackernews.com/2020/11/microsoft-releases-windows-security.html
https://thehackernews.com/2020/11/microsoft-releases-windows-security.html
In the latest wave of cyberattack against online shopping websites, Magecart 'Cardbleed' credit card hackers compromised over 2800 websites running outdated Magento e-commerce software.
Details: https://thehackernews.com/2020/11/over-2800-e-shops-running-outdated.html
Details: https://thehackernews.com/2020/11/over-2800-e-shops-running-outdated.html
🔥 Watch Out! A new PoS (point-of-sale) malware — dubbed "ModPipe — has been found stealing data from ORACLE MICROS systems at restaurants, hotels, and other hospitality establishments.
Read details: https://thehackernews.com/2020/11/new-modpipe-point-of-sale-pos-malware.html
Read details: https://thehackernews.com/2020/11/new-modpipe-point-of-sale-pos-malware.html
⚡ SAD DNS Attack !!!
A series of new vulnerabilities (CVE-2020-25705) in Linux, Windows, macOS, and FreeBSD systems re-enable classic DNS cache poisoning attack, leaving millions of users vulnerable.
Details: https://thehackernews.com/2020/11/sad-dns-new-flaws-re-enable-dns-cache.html
A series of new vulnerabilities (CVE-2020-25705) in Linux, Windows, macOS, and FreeBSD systems re-enable classic DNS cache poisoning attack, leaving millions of users vulnerable.
Details: https://thehackernews.com/2020/11/sad-dns-new-flaws-re-enable-dns-cache.html
North Korean hackers abuse legitimate security software and stolen digital certificates to target Internet users in South Korea with RAT malware.
Details: https://thehackernews.com/2020/11/trojanized-security-software-hits-south.html
Details: https://thehackernews.com/2020/11/trojanized-security-software-hits-south.html
Researcher publicly revealed PoCs for as many as 12 Pre-Auth RCE vulnerabilities affecting #Cisco Security Manager (CSM)—a week after company quietly released an updated version without disclosing any of them.
Details: https://thehackernews.com/2020/11/researcher-discloses-critical-rce-flaws.html
Details: https://thehackernews.com/2020/11/researcher-discloses-critical-rce-flaws.html
Cybersecurity researchers today unveiled a complex and targeted espionage attack on potential government sector victims in South East Asia that they believe was carried out by a sophisticated Chinese APT group at least since 2018.
Read details: https://thehackernews.com/2020/11/chinese-apt-hackers-target-southeast.html
Read details: https://thehackernews.com/2020/11/chinese-apt-hackers-target-southeast.html
The Hacker News
Chinese APT Hackers Target Southeast Asian Government Institutions
Chinese APT Hacking Group Found Targeting Southeast Asian Government Institutions
A new feature in macOS Big Sur allows Apple's own apps to bypass firewalls and VPNs—potentially letting malware also exploit the same shortcoming to access sensitive data stored on users' systems and transmit them to remote servers.
Read: https://thehackernews.com/2020/11/apple-lets-some-of-its-big-sur-macos.html
Read: https://thehackernews.com/2020/11/apple-lets-some-of-its-big-sur-macos.html
Wanna learn how to hack Bluetooth devices?
Try BLE HackMe, a free tool for Windows 10 that simulates various BLE devices without the need for any dedicated hardware and offers various hands-on hacking challenges for practice.
http://smartlockpicking.com/ble_hackme/
Try BLE HackMe, a free tool for Windows 10 that simulates various BLE devices without the need for any dedicated hardware and offers various hands-on hacking challenges for practice.
http://smartlockpicking.com/ble_hackme/
Smartlockpicking
Bluetooth Low Energy HackMe: the best way to learn BLE security basics while having fun!
Bluetooth Low Energy HackMe is is a free, open source tool: hands-on practical introduction to BLE security - without the need of any special hardware. Application simulates various BLE devices using your laptop's built-in Bluetooth adapter. You can actively…