Cybersecurity firm Qualys got compromised, the company admitted.
Read: https://thehackernews.com/2021/03/extortion-gang-breaches-cybersecurity.html
A prolific extortion gang exploited Accellion File Transfer Appliance server vulnerability to steal sensitive data and posted some files on the darkweb as evidence.
Read: https://thehackernews.com/2021/03/extortion-gang-breaches-cybersecurity.html
A prolific extortion gang exploited Accellion File Transfer Appliance server vulnerability to steal sensitive data and posted some files on the darkweb as evidence.
β‘ Google will use 'FLoC' and 'FLEDGE' for Ad-targeting once 3rd-party cookies are dead, stopping trackers from serve ads based on your browsing history.
Learn how it works and also, some concerns about control, privacy, trust: https://thehackernews.com/2021/03/google-will-use-floc-for-ad-targeting.html
Learn how it works and also, some concerns about control, privacy, trust: https://thehackernews.com/2021/03/google-will-use-floc-for-ad-targeting.html
Everything You Need to Know About Evolving Threat of Ransomware
https://thehackernews.com/2021/02/everything-you-need-to-know-about.html
Cybersecurity world is constantly evolving to new forms of threats & vulnerabilities; but ransomware proves to be a different animalβmost destructive & is showing no signs of slowing down.
https://thehackernews.com/2021/02/everything-you-need-to-know-about.html
Cybersecurity world is constantly evolving to new forms of threats & vulnerabilities; but ransomware proves to be a different animalβmost destructive & is showing no signs of slowing down.
π₯ FireEye and Microsoft researchers discover 3 new malware strains used by SolarWinds hackers, including a "sophisticated second-stage backdoor."
β GoldMax (aka SUNSHUTTLE)
β GoldFinder
β Sibot
Details β https://thehackernews.com/2021/03/researchers-find-3-new-malware-strains.html
β GoldMax (aka SUNSHUTTLE)
β GoldFinder
β Sibot
Details β https://thehackernews.com/2021/03/researchers-find-3-new-malware-strains.html
Mazafaka Got Hacked!
In what's a case of hackers getting hacked, a prominent underground cybercrime forum has been compromised by unknown attackers, making it the fourth forum to have been breached since the start of the year.
Read more: https://thehackernews.com/2021/03/mazafaka-elite-hacking-and-cybercrime.html
In what's a case of hackers getting hacked, a prominent underground cybercrime forum has been compromised by unknown attackers, making it the fourth forum to have been breached since the start of the year.
Read more: https://thehackernews.com/2021/03/mazafaka-elite-hacking-and-cybercrime.html
(New) Researchers detail design flaws in Apple's crowdsourced Bluetooth location tracking system that could have led to location correlation attacks and unauthorized access to the location histories.
Read details: https://thehackernews.com/2021/03/bug-in-apples-find-my-feature-couldve.html
Read details: https://thehackernews.com/2021/03/bug-in-apples-find-my-feature-couldve.html
Multiple threat actors actively exploiting the recently disclosed Microsoft Exchange vulnerability and are believed to have infected over 30,000 businesses & government entities.
Learn everything we know so far about this massive cyberattack β https://thehackernews.com/2021/03/microsoft-exchange-cyber-attack-what-do.html
Learn everything we know so far about this massive cyberattack β https://thehackernews.com/2021/03/microsoft-exchange-cyber-attack-what-do.html
The Hacker News
Microsoft Exchange Cyber Attack β What Do We Know So Far?
Recent flaw in Microsoft Exchange servers believed to have infected tens of thousands of businesses, government entities.
Researchers demonstrate the first microarchitectural side-channel attacks that leverage contention on the CPU ring interconnect against Intel CPUs, allowing malware to pilfer sensitive data from modern processors.
Read details: https://thehackernews.com/2021/03/malware-can-exploit-new-flaw-in-intel.html
Read details: https://thehackernews.com/2021/03/malware-can-exploit-new-flaw-in-intel.html
Iranian hackers are leveraging another legitimate remote access software to actively spy on its targets from academia, government and tourism entities in the Middle East and neighboring regions.
Read more: https://thehackernews.com/2021/03/iranian-hackers-using-remote-utilities.html
Read more: https://thehackernews.com/2021/03/iranian-hackers-using-remote-utilities.html
π₯ PATCH! Apple has released out-of-band security updates for billions of devices running iOS, macOS, watchOS, and Safari browser to address a high-severity vulnerability (CVE-2021-1844) that could allow remote attackers to run arbitrary code on affected devices via malicious web content only.
Read: https://thehackernews.com/2021/03/apple-issues-patch-for-remote-hacking.html
Read: https://thehackernews.com/2021/03/apple-issues-patch-for-remote-hacking.html
European Banking Authority (EBA) disclosed it had also been targeted by hackers exploiting Microsoft Exchange server vulnerabilities.
Read details: https://thehackernews.com/2021/03/microsoft-exchange-hackers-also.html
The widespread cyberattack forced it to temporarily take its email systems offline as a precautionary measure.
Read details: https://thehackernews.com/2021/03/microsoft-exchange-hackers-also.html
The widespread cyberattack forced it to temporarily take its email systems offline as a precautionary measure.
WARNING: A new malware dropper distributes AlienBot Banker and MRAT #malware via Android apps on Google Play store, designed to let attackers gain intrusive access to victims' financial accounts as well as full control of their devices.
Read: https://thehackernews.com/2021/03/9-android-apps-on-google-play-caught.html
Read: https://thehackernews.com/2021/03/9-android-apps-on-google-play-caught.html
SolarWinds Hack β New Evidence Suggests Potential Links to Chinese Hackers
https://thehackernews.com/2021/03/solarwinds-hack-new-evidence-suggests.html
#infosec #cyberattack
https://thehackernews.com/2021/03/solarwinds-hack-new-evidence-suggests.html
#infosec #cyberattack
The Hacker News
SolarWinds Hack β New Evidence Suggests Potential Links to Chinese Hackers
A web shell deployed on Windows PC by leveraging zero-day in SolarWinds network monitoring software may have been the work of a Chinese hacking group.
After taking another year-and-a-half break, financially motivated FIN8 hackers have returned with a more powerful and stealthy version of BADHATCH backdoor, designed to steal payment card data from point-of-sale (POS) systems.
Read: https://thehackernews.com/2021/03/fin8-hackers-return-with-more-powerful.html
Read: https://thehackernews.com/2021/03/fin8-hackers-return-with-more-powerful.html
Researchers unveil a new sophisticated backdoor, dubbed "RedXOR," targeting Linux endpoints and servers, believed to be the work of Chinese nation-state actors.
Read details: https://thehackernews.com/2021/03/researchers-unveil-new-linux-malware.html
Read details: https://thehackernews.com/2021/03/researchers-unveil-new-linux-malware.html
A critical pre-auth RCE flaw (CVE-2021-22986) has been discovered in the F5's Big-IP and BIG-IQ software β Patch ASAP!
Read details: https://thehackernews.com/2021/03/critical-pre-auth-rce-flaw-found-in-f5.html
Besides this, a few other newly reported flaws also result in a denial of service (DoS) attack.
Read details: https://thehackernews.com/2021/03/critical-pre-auth-rce-flaw-found-in-f5.html
Besides this, a few other newly reported flaws also result in a denial of service (DoS) attack.
WARNING β A public PoC exploit has been released for Microsoft Exchange ProxyLogon flaw, likely to fuel mass exploitation and more disruptive cyberattacks against thousands of unpatched servers.
Details: https://thehackernews.com/2021/03/proxylogon-exchange-poc-exploit.html
Situation is escalating. Patch your servers ASAP!
Details: https://thehackernews.com/2021/03/proxylogon-exchange-poc-exploit.html
Situation is escalating. Patch your servers ASAP!
Researchers demonstrate a new Browser-based Side-Channel attack that can then be leveraged to track users online even when the #JavaScript is completely disabled.
The latest attack is also architecturally agnostic, resulting in microarchitectural website fingerprinting attacks that work across hardware platforms, including Intel Core, AMD Ryzen, Samsung Exynos 2100, and Apple M1 CPUs β making it the first known side-channel attack on the iPhone maker's new ARM-based chipsets.
Read details: https://thehackernews.com/2021/03/new-browser-attack-allows-tracking.html
The latest attack is also architecturally agnostic, resulting in microarchitectural website fingerprinting attacks that work across hardware platforms, including Intel Core, AMD Ryzen, Samsung Exynos 2100, and Apple M1 CPUs β making it the first known side-channel attack on the iPhone maker's new ARM-based chipsets.
Read details: https://thehackernews.com/2021/03/new-browser-attack-allows-tracking.html
Watch Out! Cybercriminals are now leveraging the heavily exploited #ProxyLogon flaws to target unpatched Microsoft Exchange servers with a new strain of ransomware called #DearCry.
https://thehackernews.com/2021/03/icrosoft-exchange-ransomware.html
https://thehackernews.com/2021/03/icrosoft-exchange-ransomware.html
Researchers have spotted a new malware, dubbed 'NimzaLoader,' written in Nim, a rare programming language, likely to avoid detection.
Read details: https://thehackernews.com/2021/03/researchers-spotted-malware-written-in.html
Read details: https://thehackernews.com/2021/03/researchers-spotted-malware-written-in.html