Security News > 2020

Linksys has prompted users to reset passwords after learning that hackers were leveraging stolen credentials to change router settings and direct customers to malware. The security firm said at the time that the attack, which was mainly targeting Linksys routers, was aimed at modifying DNS IP addresses to ultimately direct users to the Oski infostealer.

Google has kicked 49 malicious Chrome browser extensions out of its Web Store that were posing as cryptocurrency wallets in order to drain the contents of bona fide wallets. On Tuesday, Harry Denley, MyCrypto Director of Security, said that malicious browser extensions aren't new, but the targets in this campaign are: they include the cryptocurrency wallets Ledger, Trezor, Jaxx, Electrum, MyEtherWallet, MetaMask, Exodus, and KeepKey.

Among the vulnerabilities fixed are critical flaws affecting a variety of Cisco IP phones and Cisco UCS Director and Cisco UCS Director Express for Big Data, its unified infrastructure management solutions for data center operations. Jacob Baines, a research engineer with Tenable, unearthed two critical flaws affecting the Cisco Wireless IP Phone 8821.

Victims of ransomware attacks now face a double whammy of headaches. The ransomware tactic, call "Double extortion," first emerged in late 2019 by Maze operators - but has been rapidly adopted over the past few months by various cybercriminals behind the Clop, DoppelPaymer and Sodinokibi ransomware families.

The COVID-19 pandemic might be causing delays to software schedules, but it's not managed to stop Microsoft's April Patch Tuesday update arriving on time this week. In total, the Windows 10, Windows 8.1, Windows 7 and Windows Server haul includes 113 CVE-level flaws, 19 of which are labelled critical.

The ZeroFOX Alpha Team uncovered thousands of cracked Zoom accounts for sale on a single hacking forum and entire websites dedicated to sharing insecure Zoom call IDs. Although Zoom has recently released updates focused on security and privacy, attackers are still able to easily target organizations and their employees through a variety of attacks that abuse the platform.

As developers increasingly embrace off-the-shelf software components into their apps and services, threat actors are abusing open-source repositories such as RubyGems to distribute malicious packages, intended to compromise their computers or backdoor software projects they work on. In the latest research shared with The Hacker News, cybersecurity experts at ReversingLabs revealed over 700 malicious gems - packages written in Ruby programming language - that supply chain attackers were caught recently distributing through the RubyGems repository.

The transition from traditional onsite data colocation to the use of third-party cloud shared tenant services should be on everyone's minds. Larger organizations are likely to have highly skilled teams to secure their own infrastructure, but the cloud model is designed for ease of use, and reduced friction and complexity - a ripe combinations for folks with less technical skills to launch data into the cloud.

Finding security holes in information systems is as old as the first commercially available computer. From the first security bugs until the recent past, security was a game with a clear winner and loser.

Phishing kits are the new bestsellers of the underground market, with the number of phishing kit ads on underground forums and their sellers having doubled in 2019 compared to the previous year, Group-IB reveals. Phishing kits represent archive files with a set of scripts that ensure the work of a phishing website.