Security News

At least 15 websites belonging to various Ukrainian public institutions were compromised, defaced, and subsequently taken offline. As a result of a massive cyber attack, the websites of the Ministry of Foreign Affairs and a number of other government agencies are temporarily down.

Programmers, sysadmins, security researchers, and tech hobbyists copying-pasting commands from web pages into a console or terminal are warned they risk having their system compromised. It isn't unusual for novice and skilled developers alike to copy commonly used commands from a webpage and paste them into their applications, a Windows command prompt or a Linux terminal.

A number of security flaws have been uncovered in a networking component in Garrett Metal Detectors that could allow remote attackers to bypass authentication requirements, tamper with metal detector configurations, and even execute arbitrary code on the devices. "An attacker could manipulate this module to remotely monitor statistics on the metal detector, such as whether the alarm has been triggered or how many visitors have walked through," Cisco Talos noted in a disclosure publicized last week.

From social media-influenced sales and app-based mobile purchases to cloud migration, the retail industry is shaped by the purchasing behavior of its customers. All of this data is stored on the cloud, and 77 percent of retailers acknowledge cloud security is a major challenge, making it the number one strategic challenge in the retail industry this year - up from number 14 in 2020.

Threat actors are gearing up for the holidays with credit card skimming attacks remaining undetected for months as payment information is stolen from customers. The code can steal payment details such as credit card number, holder name, addresses, and CVV, and send them to the actor.

Apple reportedly notified several U.S. Embassy and State Department employees that their iPhones may have been targeted by an unknown assailant using state-sponsored spyware created by the controversial Israeli company NSO Group, according to multiple reports from Reuters and The Washington Post. At least 11 U.S. Embassy officials stationed in Uganda or focusing on issues pertaining to the country are said to have singled out using iPhones registered to their overseas phone numbers, although the identity of the threat actors behind the intrusions, or the nature of the information sought, remains unknown as yet.

Apple has warned at least nine US Department of State employees that their iPhones have been hacked by unknown attackers using an iOS exploit dubbed ForcedEntry to deploy Pegasus spyware developed by Israeli surveillance firm NSO Group. "On top of the independent investigation, NSO will cooperate with any relevant government authority and present the full information we will have," an NSO spokesperson separately told Motherboard.

The BlackByte ransomware gang is now breaching corporate networks by exploiting Microsoft Exchange servers using the ProxyShell vulnerabilities. Since researchers disclosed the vulnerabilities, threat actors have begun to exploit them to breach servers and install web shells, coin miners, and ransomware.

The UK's National Cyber Security Centre says it warned the owners of more than 4,000 online stores that their sites were compromised in Magecart attacks to steal customers' payment info. In Magecart attacks, threat actors inject scripts known as credit card skimmers into compromised online stores to harvest and steal the payment and/or personal info submitted by customers at the checkout page.

Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen internal reply-chain emails. TrendMicro researchers have discovered an interesting tactic used of distributing malicious email to a company's internal users using the victim's compromised Microsoft exchange servers.