Security News

Texas' transportation agency has become the second part of the state government to be hit by a ransomware attack in recent days. On Thursday, someone hacked into the Texas Department of Transportation's network in a "Ransomware event," according to a statement the department posted on social media Friday.

Britain's Ministry of Defence contractor Interserve has been hacked, reportedly leaking the details of up to 100,000 of past and current employees, including payment information and details of their next of kin. The Daily Telegraph reports that up to 100,000 employee details were stolen, dating back across a number of years.

A new version of COMpfun remote access trojan has been discovered in the wild that uses HTTP status codes to control compromised systems targeted in a recent campaign against diplomatic entities in Europe. In addition to functioning as a fully-featured RAT capable of capturing keystrokes, screenshots, and exfiltrating sensitive data, this new variant of COMpfun monitors for any removable USB devices plugged to the infected systems to spread further and receives commands from an attacker-controlled server in the form of HTTP status codes.

A new version of COMpfun remote access trojan has been discovered in the wild that uses HTTP status codes to control compromised systems targeted in a recent campaign against diplomatic entities in Europe. In addition to functioning as a fully-featured RAT capable of capturing keystrokes, screenshots, and exfiltrating sensitive data, this new variant of COMpfun monitors for any removable USB devices plugged to the infected systems to spread further and receives commands from an attacker-controlled server in the form of HTTP status codes.

Hackers have broken into Microsoft's GitHub account and stolen 500 GB of data from the tech giant's own private repositories on the developer platform, according to published reports. In its latest hack, the group provided a screenshot to reporters at news site Hack Read that showed a list of private files from Microsoft's open-source developer repository to prove their infiltration of the company's private account.

A couple of Salt vulnerabilities addressed last week were abused over the weekend to hack Algolia's infrastructure, the search-as-a-service startup revealed. An open-source configuration tool designed for monitoring and updating the state of servers deployed in datacenters and in the cloud, Salt was recently found to be impacted by two issues that could allow attackers to execute arbitrary commands.

Dubbed 'PerSwaysion,' the newly spotted cyberattack campaign leveraged Microsoft file-sharing services-including Sway, SharePoint, and OneNote-to launch highly targeted phishing attacks. According to a report Group-IB Threat Intelligence team published today and shared with The Hacker News, PerSwaysion operations attacked executives of more than 150 companies around the world, primarily with businesses in finance, law, and real estate sectors.

Dubbed 'PerSwaysion,' the newly spotted cyberattack campaign leveraged Microsoft file-sharing services-including Sway, SharePoint, and OneNote-to launch highly targeted phishing attacks. According to a report Group-IB Threat Intelligence team published today and shared with The Hacker News, PerSwaysion operations attacked executives of more than 150 companies around the world, primarily with businesses in finance, law, and real estate sectors.

Sophos XG Firewall hacked in the wild - hotfix available. Sophos has rushed out a hotfix for its XG Firewall products to close an SQL injection vulnerability - after hackers were spotted exploiting the hole in the wild.

Hackers working on behalf of the Vietnamese government attempted to break into Chinese organisations heading up the country's coronavirus response, according to infosec outfit FireEye. APT32, a hacking group previously linked to the Vietnamese government, tried to access the personal and professional email addresses of staff at China's Ministry of Emergency Management and the government of Wuhan, where it is believed the pandemic started, according to a report released by FireEye yesterday.