Tag: hacking
-
Researchers: Iranian Custom Malware Targets Fuel Systems
by
in SecurityNewse=4>An Iranian state hacking group is using custom malware to compromise IoT and OT infrastructure in Israel and the United States. An attack wave from Islamic Revolutionary Guard Corps-affiliated CyberAv3ngers swept up fuel management systems made by U.S.-based firm Gilbarco Veeder-Root. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/researchers-iranian-custom-malware-targets-fuel-systems-a-27058
-
Chinese APT Groups Targets European IT Companies
by
in SecurityNewsEvidence Mounts for Chinese Hacking ‘Quartermaster’. A probable Chinese nation-state threat actor compromised Visual Studio Code and Microsoft Azure cloud infrastructure to target Western technology firms for espionage, security firms Tinexta Cyber and SentinelLabs said. The companies call the campaign Operation Digital Eye. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-apt-groups-targets-european-companies-a-27030
-
US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure
by
in SecurityNews
Tags: china, cybersecurity, exploit, firewall, hacking, infrastructure, sophos, vulnerability, zero-dayThe U.S. sanctioned a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations. On Tuesday, the U.S. Treasury Department said Guan Tianfeng, an employee of Sichuan Silence, used the vulnerability to compromise approximately 81,000 firewalls in April 2020. The hacking campaign, detailed by Sophos…
-
US sanctions Chinese firm for hacking firewalls in ransomware attacks
by
in SecurityNewsThe U.S. Treasury Department has sanctioned Chinese cybersecurity company Sichuan Silence and one of its employees for their involvement in a series of Ragnarok ransomware attacks targeting U.S. critical infrastructure companies and many other victims worldwide in April 2020. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-sanctions-chinese-firm-for-hacking-firewalls-in-ragnarok-ransomware-attacks/
-
ShinyHunters, Nemesis Linked to Hacks After Leaking Their AWS S3 Bucket
by
in SecurityNewsSummary Cybersecurity researchers have identified a large-scale hacking operation linked to notorious ShinyHunters and Nemesis hacking groups. In… First seen on hackread.com Jump to article: hackread.com/shinyhunters-nemesis-hacks-aws-s3-bucket-leak/
-
Bug bounty programs: Why companies need them now more than ever
by
in SecurityNews
Tags: attack, best-practice, bug-bounty, business, crypto, cyber, cybercrime, cybersecurity, defense, exploit, finance, guide, hacker, hacking, jobs, malicious, ransom, strategy, threat, tool, update, vulnerability, zero-dayIn the fast-evolving landscape of cybersecurity, the need for proactive measures has become more pressing than ever.When I first entered the cybersecurity field, the primary threats were largely opportunistic hackers exploiting known vulnerabilities and multi-million-dollar ransoms were unheard of. Today, the stakes are significantly higher. According to Cybersecurity Ventures, cybercrime is expected to cost the…
-
Previewing Black Hat Europe 2024 in London: 20 Hot Sessions
by
in SecurityNewsFrom Automotive Exploits and Bootloader Bugs to Cybercrime and ‘LLMbotomy’ Trojans Black Hat Europe returns to London with more than 45 keynotes and briefings tackling everything from bootloader bugs and flaws in artificial intelligence and large language model tools, to disrupting fake online brokerages and remotely hacking Volkswagen entertainment systems to track vehicles. First seen…
-
Ukraine says Russian hackers are targeting country’s defense contractors
by
in SecurityNewsUkraine’s Computer Emergency Response Team (CERT-UA) said in a report published over the weekend that a hacking group has been targeting the country’s defense and military companies with phishing attacks. The CERT identified the hacking group as UAC-0185, also known as UNC4221, without saying who was behind the group. Earlier this year, however, […] First…
-
QNAP Patches Vulnerabilities Exploited at Pwn2Own
by
in SecurityNewsQNAP has released patches for multiple high-severity QTS and QuTS Hero vulnerabilities disclosed at the Pwn2Own Ireland 2024 hacking contest. The post QNAP Patches Vulnerabilities Exploited at Pwn2Own appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/qnap-patches-vulnerabilities-exploited-at-pwn2own/
-
US Officials Recommend Encryption Apps Amid Chinese Telecom Hacking
by
in SecurityNewsPlus: Russian spies keep hijacking other hackers’ infrastructure, Hydra dark web market admin gets life sentence in Russia, and more of the week’s top security news. First seen on wired.com Jump to article: www.wired.com/story/encryption-apps-chinese-telecom-hacking-hydra-russia-exxon/
-
Government agencies urged to use encrypted messaging after Chinese Salt Typhoon hack
by
in SecurityNewsChinese hacking of US telecom networks raises questions about the exploitation by hostile hacking groups of government backdoors to provide lawful access to telecoms services First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366616972/Government-agencies-urged-to-use-encrypted-messaging-after-Chinese-Salt-Typhoon-hack
-
Russian APT Hackers Co-Opt Pakistani Infrastructure
by
in SecurityNewsFSB Hackers Have Hijacked Others’ Command and Control Before. A Russian state hacking group hijacked the command and control infrastructure of a Pakistan-based espionage network as part of an ongoing intelligence-gathering operation targeting victims in Asia, finds a report from Microsoft and Black Lotus Labs. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russian-apt-hackers-co-opt-pakistani-infrastructure-a-26982
-
Salt Typhoon Campaign: A Wake-Up Call for U.S. Telecoms and National Security
by
in SecurityNewsA disturbing new cybersecurity incident has raised alarms across U.S. telecoms, with revelations this week about a large-scale Chinese hacking campaign known as Salt Typhoon. The sophisticated breach targeted at least eight major U.S. telecom providers, including Verizon, AT&T, and T-Mobile, with attackers successfully infiltrating the networks and siphoning off sensitive metadata”, potentially compromising millions…
-
US may plan legislation to contain Chinese cyber espionage
by
in SecurityNewsUS senators were briefed behind closed doors this week on the scale of “Salt Typhoon,” an alleged Chinese cyber-espionage campaign targeting the nation’s telecommunications networks.The FBI, CISA, and other key agencies, who were part of the briefing, revealed that the sophisticated operation compromised at least eight US telecom firms, stealing metadata and call intercepts, including…
-
White House Says at Least 8 US Telecom Firms, Dozens of Nations Impacted by China Hacking Campaign
by
in SecurityNewsA top White House official said at least eight U.S. telecom firms and dozens of nations have been impacted by a Chinese hacking campaign. The post White House Says at Least 8 US Telecom Firms, Dozens of Nations Impacted by China Hacking Campaign appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/white-house-says-at-least-8-us-telecom-firms-dozens-of-nations-impacted-by-china-hacking-campaign/
-
HackSynth : Autonomous Pentesting Framework For Simulating Cyberattacks
by
in SecurityNewsHackSynth is an autonomous penetration testing agent that leverages Large Language Models (LLMs) to solve Capture The Flag (CTF) challenges without human intervention. It utilizes a two-module architecture: a planner to create commands and a summarizer to understand the hacking process’s current state by employing contextual information from past commands to make future decisions and…
-
Authorities shut down Crimenetwork, the Germany’s largest crime marketplace
by
in SecurityNewsGermany’s largest crime marketplace, Crimenetwork, has been shut down, and an administrator has been arrested. German authorities announced the takedown of Crimenetwork, the largest German-speaking underground marketplace. Since 2012, Crimenetwork facilitated the sale of illegal goods and services, including drugs, forged documents, hacking tools, and stolen data. The platform served as a hub for cybercriminals…
-
Bug Bounties: Bringing Hackers and Manufacturers Together
by
in SecurityNewsResearcher Lennert Wouters on Benefits of Device Hacking Contests, Collaboration. Lennert Wouters, a researcher at KU Leuven University in Belgium, has spent the past eight years studying embedded security, analyzing the vulnerabilities of everyday devices and commercial products. He shares his greatest hacks and insights on hardware security industry trends. First seen on govinfosecurity.com Jump…
-
Russia-Linked Turla Exploits Pakistani Hackers’ Servers to Target Afghan and Indian Entities
The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its own operations since 2022.The activity, first observed in December 2022, is the latest instance of the nation-state adversary “embedding First…
-
Senators Warn the Pentagon: Get a Handle on China’s Telecom Hacking
by
in SecurityNewsIn a letter to the Department of Defense, senators Ron Wyden and Eric Schmitt are calling for an investigation into fallout from the Salt Typhoon espionage campaign. First seen on wired.com Jump to article: www.wired.com/story/senators-warn-pentagon-salt-typhoon-china-hacking/
-
Russian hackers hijack Pakistani hackers’ servers for their own attacks
The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156’s infrastructure to launch their own covert attacks on already compromised networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-turla-hackers-hijack-pakistani-apt-servers-for-cyber-espionage-attacks/
-
Government Guidance on Chinese Telco Hacking Highlights Threat to Cisco Devices
by
in SecurityNewsGovernment agencies issue guidance on Chinese telecoms hacking as US officials say threat actors may have yet to be expelled. The post Government Guidance on Chinese Telco Hacking Highlights Threat to Cisco Devices appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/government-guidance-on-chinese-telco-hack-highlights-threat-to-cisco-devices/
-
Law Enforcement Read Criminals’ Messages After Hacking Matrix Service
by
in SecurityNewsLaw enforcement has taken down yet another encrypted messaging service used by criminals, but not before spying on its users. The post Law Enforcement Read Criminals’ Messages After Hacking Matrix Service appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/law-enforcement-read-criminals-messages-after-hacking-matrix-service/
-
Talent overlooked: embracing neurodiversity in cybersecurity
by
in SecurityNewsIn cybersecurity, diverse perspectives help in addressing complex, emerging threats. Increasingly, there’s a push to recognize that neurodiversity brings significant value to cybersecurity. However, neurodiverse people frequently face systemic barriers that hinder their success in the field.Neurodiversity refers to the way some people’s brains work differently to the neurotypical brain. This includes autism, ADHD (attention…
-
FBI Tells Telecom Firms to Boost Security Following Wide-Ranging Chinese Hacking Campaign
by
in SecurityNewsGuidance issued by the FBI and CISA is intended to help root out the hackers and prevent similar cyberespionage. The post FBI Tells Telecom Firms to Boost Security Following Wide-Ranging Chinese Hacking Campaign appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/fbi-tells-telecom-firms-to-boost-security-following-wide-ranging-chinese-hacking-campaign/
-
Hacker Conversations: Dan McInerney and Puzzle-Driven Hacking
by
in SecurityNewsMcInerney’s path to becoming a hacker is subtly different to many other hackers. He started as a 22-year old psychology graduate rather than a computer-obsessed 9-year old kid. The post Hacker Conversations: Dan McInerney and Puzzle-Driven Hacking appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/hacker-conversations-dan-mcinerney-and-puzzle-driven-hacking/
-
Russia Indicts Ransomware Hacker Wanted by the FBI
by
in SecurityNewsSuspected LockBit, Babuk Operator Mikhail Matveev Arrested in Russia. A prolific ransomware affiliate hacker and developer is facing criminal charges in Russia, Kremlin media reported Friday. Mikhail Pavlovich Matveev has been wanted by U.S. authorities since 2023 for his role in hacking activities as part of ransomware groups including LockBit, Hive and Babuk. First seen…