Iran-linked DEV-0270 group abuses BitLocker to encrypt victims’ devices
Iran-linked APT group DEV-0270 (aka Nemesis Kitten) is abusing the BitLocker Windows feature to encrypt victims’ devices. Microsoft Security Threat...
hacking
CISA adds 12 new flaws to its Known Exploited Vulnerabilities Catalog
CISA added 12 more security flaws to its Known Exploited Vulnerabilities Catalog including four D-Link vulnerabilities. The U.S. Cybersecurity and Infrastructure...
Classified NATO documents sold on darkweb after they were stolen from Portugal
Threat actors claimed to have stolen classified NATO documents from the Armed Forces General Staff agency of Portugal (EMGFA). After...
North Korea-linked Lazarus APT targets energy providers around the world
North Korea-linked Lazarus APT group is targeting energy providers around the world, including organizations in the US, Canada, and Japan. Talos researchers...
ForceAdmin – Create Infinite UAC Prompts Forcing A User To Run As Admin
ForceAdmin is a c# payload builder, creating infinate UAC pop-ups until the user allows the program to be ran. The...
Cisco will not fix the authentication bypass flaw in EoL routers
Cisco fixed new security flaws affecting its products, including a recently disclosed high-severity issue in NVIDIA Data Plane Development Kit. The most...
Ex-members of the Conti ransomware gang target Ukraine
Some members of the Conti ransomware gang were involved in financially motivated attacks targeting Ukraine from April to August 2022....
Albania interrupted diplomatic ties with Iran over the mid-July attack
Albania interrupted diplomatic ties with Iran and expelled the country’s embassy staff over the mid-July attack. Albanian Prime Minister Edi...
Experts spotted a new stealthy Linux malware dubbed Shikitega
A new Linux malware dubbed Shikitega leverages a multi-stage infection chain to target endpoints and IoT devices. Researchers from AT&T Alien Labs...
Coercer – A Python Script To Automatically Coerce A Windows Server To Authenticate On An Arbitrary Machine Through 9 Methods
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods. FeaturesAutomatically detects...
Challenges of User Authentication: What You Need to Know
In the digital age, authentication is paramount to a strong security strategy. Which are the challenges of user authentication? In...
Zyxel addressed a critical RCE flaw in its NAS devices
Networking equipment vendor Zyxel addressed a critical vulnerability impacting its network-attached storage (NAS) devices. Zyxel addressed a critical vulnerability, tracked...
Moobot botnet is back and targets vulnerable D-Link routers
The Moobot botnet is behind a new wave of attacks that started in early August and that target vulnerable D-Link...
The Los Angeles Unified School District hit by a ransomware attack
One of the US largest School districts, the Los Angeles Unified School District, suffered a ransomware attack during the weekend....
A new Android malware used to spy on the Uyghur Community
Experts spotted new Android spyware that was used by China-linked threat actors to spy on the Uyghur community in China. Researchers from...
Experts discovered TeslaGun Panel used by TA505 to manage its ServHelper Backdoor
Researchers discovered a previously undocumented software control panel, named TeslaGun, used by a cybercrime gang known as TA505. Researchers from...
noPac – Exploiting CVE-2021-42278 And CVE-2021-42287 To Impersonate DA From Standard Domain User
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-2021-42278 +...
China accuses the US of cyberattacks
China accuses the United States of conducting tens of thousands of cyberattacks on its country, including cyberespionage campaigns. The Government...
Interpol dismantled sextortion ring in Asia
Interpol arrested 12 individuals which are suspected to be core members of a transnational sextortion ring. Interpol announced the arrest...
QNAP warns new Deadbolt ransomware attacks exploiting zero-day
QNAP warns customers of ongoing DeadBolt ransomware attacks that are exploiting a zero-day vulnerability in Photo Station. QNAP warns customers...
TikTok denies data breach following leak of user data
Threat actors published a sample of data allegedly stolen from TikTok, but the company denies it was breached. The hacking...
Windows Defender identified Chromium, Electron apps as Hive Ransomware
Microsoft released a Windows Defender update to fix a problem that caused Defender antivirus to identify Chromium, Electron, as malware...
EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web
Resecurity researchers discovered a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised on the Dark Web. Original post: https://resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web Following the recent Twilio hack...
A new SharkBot variant bypassed Google Play checks again
Experts spotted an upgraded version of the SharkBot malware that was uploaded to the official Google Play Store. Fox IT...
