03 Jul 2019

US Military Warns Outlook Users To Update Immediately Over Hack Linked To Iran

US Cyber Command has issued an unprecedented alert about the “active malicious use” of a critical vulnerability in Microsoft Outlook by Iranian hackers. The warning follows recent reports that Iran and the US are targeting each other in offensive cyber campaigns in the midst of mounting tensions between the two

Read More
01 Jul 2019

MageCart Launches Customizable Campaign

A new report by Fortinet shows that Magecart hackers are licensing Inter, which is highly customizable malware that can be used in order to inject payment card skimming malware into legitimate websites. Magecart is an umbrella term for various criminal groups that attack e-commerce websites with the aim of injecting

Read More
01 Jul 2019

Bulgarian IT expert arrested after demoing vulnerability in kindergarten software

A recent incident in Bulgaria underscores the major risks security researchers may face as the result of vulnerability disclosure issues. Last week, a researcher named Petko Petrov published a demo of a critical vulnerability in a web portal of a Bulgarian municipality that allows parents to sign their children up

Read More
28 Jun 2019

China’s ‘Cloud Hopper’ Hacked Eight Tech Service Companies

An exclusive report by Reuters details a vast China-sponsored cyber espionage campaign that targeted eight major tech companies: Hewlett Packard Enterprise, IBM, Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation and DXC Technology. Clients of these firms were also impacted, including Ericsson, Sabre, and major US Navy

Read More
27 Jun 2019

Iran-linked APT33 Shakes Up Cyberespionage Tactics

After Symantec released a detailed report on the modus operandi of Iranian cyber espionage group APT33 in March, the threat group made significant changes to its infrastructure, new research by Recorded Future shows. The changes included the adoption of njRAT, a remote access trojan (RAT) that had not been used

Read More
27 Jun 2019

Hacker steals $4.5 million from Bitrue cryptocurrency exchange

Once again, a major cryptocurrency platform has been at the receiving end of a cyberattack resulting in the theft of millions of dollars worth of cryptocurrency. This time the victim was Singaporean crypto exchange Bitrue and the hacker(s) managed to steal 9.3 million Ripple (XRP) coins and 2.5 million Cardano

Read More
26 Jun 2019

Companies on Watch After US, Iran Claim Cyberattacks

Against a background of mounting tensions between Washington and Tehran, both the US and Iran have started targeting each other in cyberspace. As result, experts are warning critical infrastructure companies and organizations doing business in the Middle East to step up their cybersecurity efforts in order to protect themselves against

Read More
25 Jun 2019

China Blamed for APT Attacks on Global Telcos

Cybereason has published a new report on a massive cyber espionage campaign that has targeted telcos around the globe since 2017. The researchers believe “Operation Soft Cell,” is the work of APT10, a notorious hacking group with ties to China’s Ministry of State Security (MSS). The campaign was carried out

Read More
25 Jun 2019

Social Engineering Forum Hacked, Data Shared on Leak Sites

Earlier this month, a threat actor breached SocialEngineered.net, an online community for discussing social engineering. The hackers exploited a vulnerability in the MyBB software the forum was running in order to obtain data from tens of thousands of forum members. All the compromised data was leaked on the day of

Read More
24 Jun 2019

Free proxy service found running on top of 2,600+ hacked WordPress sites

Netlab researchers are warning that the Free-Socks.in proxy service is a front for a criminal operation, as the service runs on top of a massive botnet consisting of 2,692 WordPress sites, nearly half of which are hosted in the US. The compromised websites have been infected with the Linux.Ngioweb backdoor

Read More