19 Nov 2019

Ransomware hits Louisiana state government systems

Louisiana Governor John Bel Edwards revealed a ransomware attack yesterday took down websites and the Louisiana state government network. Edwards stated that the Office of Technology Services recognized the threat and took the servers down, affecting employee e-mails, websites, and other applications controlled by the government. The extent of the

Read More
18 Nov 2019

US Govt Recommends Vendor System Configs To Block Malware Attacks

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) reminded users last week to property configure systems to defend against malware. CISA published the document through the US National Cyber Awareness System, which is designed to keep users updated on current security threats. The agency recommended installing and

Read More
18 Nov 2019

Thousands of hacked Disney+ accounts are already for sale on hacking forums

Disney+ was released on November 12, and has already gained more than 10 million customers despite the service only being available in the US, Canada, and the Netherlands. Just hours after the launch, hackers began offering accounts on hacking forums with prices varying from $3 to $11. Users reported that

Read More
18 Nov 2019

Attackers using WhatsApp MP4 video files vulnerability can remotely execute code

Last week a severe vulnerability in the WhatsApp messaging software was uncovered, allowing hackers to perform remote code execution attacks. Facebook reported that the bug is a stick-based buffer overflow problem that can be prompted by attackers sending .MP4 video files. The vulnerability can be exploited to conduct denial-of-service (DoS)

Read More
13 Nov 2019

Exclusive: U.S. manufacturing group hacked by China as trade talks intensified

The National Association of Manufacturers (NAM) was hacked over the summer following intensified trade talks between the U.S. and Beijing. A cybersecurity firm hired by NAM confirmed that the attack came from China through analyzing techniques that have previously been identified as associated with Chinese hackers. It remains unclear if

Read More
08 Nov 2019

Amazon Ring doorbells exposed home Wi-Fi passwords to hackers

A new report by Bitdefender underscores the security risks involved with Internet-of-things (IoT) devices. Earlier this year, researchers with the firm discovered that Amazon Ring smart doorbells leak the Wi-Fi password of the home network they are connected to, allowing threat actors to capture the credentials and use then to

Read More
06 Nov 2019

Kaspersky identifies mysterious APT mentioned in 2017 Shadow Brokers leak

Kaspersky has identified one of the advanced persistent threat (APT) groups mentioned in a leaked US National Security Agency (NSA) scanning tool. The python script was made public as part of the ‘Lost in Translation’ leak by the mysterious Shadow Brokers group in 2017. That leak also exposed other NSA

Read More
01 Nov 2019

Chinese Cyberspies Use New Malware to Intercept SMS Traffic at Mobile Operators

A Thursday report by FireEye details how Chinese state-sponsored hacking group APT41 has been intercepting SMS traffic using a new malware strain called MESSAGETAP. APT41 has been linked to cyber espionage campaigns as well as financially-motivated attacks from 2012 onward. MESSAGETAP is designed to target Linux servers used by telecommunications

Read More
01 Nov 2019

Calypso APT Emerges from the Shadows to Target Governments

Security researchers with Positive Technologies have been tracking the activities of a previously unknown advanced persistent threat (APT) group called Calypso since March of this year. Calypso, which is believed to have been operating since at least 2016, uses a custom remote access Trojan (RAT) in order to target government

Read More
31 Oct 2019

Indian nuclear power plant’s network was hacked, officials confirm

Threat actors have managed to infect the network of an Indian nuclear power plant with malware, the Nuclear Power Corporation of India Limited (NPCIL) has admitted, adding that India’s national computer emergency response team (CERT-In) discovered the issue last month. NPCIL stated that an investigation by India’s Department of Atomic

Read More