Security News > 2023 > November > Russian hackers use Ngrok feature and WinRAR exploit to attack embassies
2023-11-19 16:14
NDSC says that the Russian hackers used a Ngrok free static domain to access the command and control server hosted on their Ngrok instance.
A report from Google in October notes that the security issue was exploited by Russian and Chinese state hackers to steal credentials and other sensitive data, as well as to establish persistence on target systems.
FSB arrests Russian hackers working for Ukrainian cyber forces.
North Korean hackers exploit critical TeamCity flaw to breach networks.
Google links WinRAR exploitation to Russian, Chinese state hackers.
Russian Sandworm hackers breached 11 Ukrainian telcos since May. Fake WinRAR proof-of-concept exploit drops VenomRAT malware.
News URL
Related news
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers use RDP proxies to steal data in MiTM attacks (source)
- Russian hackers deliver malicious RDP configuration files to thousands (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Hackers increasingly use Winos4.0 post-exploitation kit in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)