Security News

The Ukrainian government's military intelligence service says it hacked the Russian Federal Taxation Service, wiping the agency's database and backup copies. Following this operation, carried out by cyber units within Ukraine's Defense Intelligence, military intelligence officers breached Russia's federal taxation service central servers and 2,300 regional servers across Russia and occupied Ukrainian territories.

The Japan Aerospace Exploration Agency was hacked in a cyberattack over the summer, which may have put sensitive space-related technology and data at risk. The security breach was discovered this autumn when law enforcement authorities alerted Japan's space agency that its systems were compromised, as first reported by The Yomiuri Shimbun.

Ukraine's intelligence service, operating under the Defense Ministry, claims they hacked Russia's Federal Air Transport Agency, 'Rosaviatsia,' to expose a purported collapse of Russia's aviation sector. Rosaviatsia is the agency responsible for overseeing the civil aviation industry in Russia, keeping records of flight or emergency incidents.

Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices. Cisco released patches for most releases of its IOS XE software but thousands of systems continue to be compromised, internet scans show.

Security researchers hacked the Samsung Galaxy S23 smartphone two more times on the second day of the Pwn2Own 2023 hacking competition in Toronto, Canada. The contestants also demoed zero-day bugs in printers, routers, smart speakers, surveillance systems, and NAS devices from Canon, Synology, Sonos, TP-Link, QNAP, Wyze, Lexmark, and HP. Interrupt Labs security researchers were the first to demo a Samsung Galaxy S23 zero-day in an improper input validation attack, while the ToChim team exploited a permissive list of allowed inputs to hack Samsun's flagship.

Their phishing messages impersonated the Outlook Team and tried to trick potential victims into opening malicious emails, automatically triggering a first-stage payload that exploited the Roundcube email server vulnerability. "The final JavaScript payload [.] is able to list folders and emails in the current Roundcube account, and to exfiltrate email messages to the C&C server."

Security researchers hacked the Samsung Galaxy S23 twice during the first day of the consumer-focused Pwn2Own 2023 hacking contest in Toronto, Canada. Pentest Limited was the first to demo a zero-day on Samsung's flagship Galaxy S23 device by exploiting improper input validation weakness to gain code execution, earning $50,000 and 5 Master of Pwn points.

The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so as to escape visibility via previous fingerprinting...

In a rare display of transparency, US energy services firm BHI Energy details how the Akira ransomware operation breached their networks and stole the data during the attack. In a data breach notification sent by BHI Energy to impacted people, the company provides detailed information on how the Akira ransomware gang breached its network on May 30, 2023.

The number of Cisco IOS XE devices hacked with a malicious backdoor implant has mysteriously plummeted from over 50,000 impacted devices to only a few hundred, with researchers unsure what is causing the sharp decline. This week, Cisco warned that hackers exploited two zero-day vulnerabilities, CVE-2023-20198 and CVE-2023-20273, to hack over 50,000 Cisco IOS XE devices to create privileged user accounts and install a malicious LUA backdoor implant.