Security News

European govt email servers hacked using Roundcube zero-day
2023-10-25 11:00

Their phishing messages impersonated the Outlook Team and tried to trick potential victims into opening malicious emails, automatically triggering a first-stage payload that exploited the Roundcube email server vulnerability. "The final JavaScript payload [.] is able to list folders and emails in the current Roundcube account, and to exfiltrate email messages to the C&C server."

Samsung Galaxy S23 hacked twice on first day of Pwn2Own Toronto
2023-10-24 23:48

Security researchers hacked the Samsung Galaxy S23 twice during the first day of the consumer-focused Pwn2Own 2023 hacking contest in Toronto, Canada. Pentest Limited was the first to demo a zero-day on Samsung's flagship Galaxy S23 device by exploiting improper input validation weakness to gain code execution, earning $50,000 and 5 Master of Pwn points.

Backdoor Implanted on Hacked Cisco Devices Modified to Evade Detection
2023-10-24 06:33

The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so as to escape visibility via previous fingerprinting...

US energy firm shares how Akira ransomware hacked its systems
2023-10-23 16:35

In a rare display of transparency, US energy services firm BHI Energy details how the Akira ransomware operation breached their networks and stole the data during the attack. In a data breach notification sent by BHI Energy to impacted people, the company provides detailed information on how the Akira ransomware gang breached its network on May 30, 2023.

Number of hacked Cisco IOS XE devices plummets from 50K to hundreds
2023-10-22 17:37

The number of Cisco IOS XE devices hacked with a malicious backdoor implant has mysteriously plummeted from over 50,000 impacted devices to only a few hundred, with researchers unsure what is causing the sharp decline. This week, Cisco warned that hackers exploited two zero-day vulnerabilities, CVE-2023-20198 and CVE-2023-20273, to hack over 50,000 Cisco IOS XE devices to create privileged user accounts and install a malicious LUA backdoor implant.

Over 10,000 Cisco devices hacked in IOS XE zero-day attacks
2023-10-17 13:15

Attackers have exploited a recently disclosed critical zero-day bug to compromise and infect more than 10,000 Cisco IOS XE devices with malicious implants. According to threat intelligence company VulnCheck, the maximum severity vulnerability has been extensively exploited in attacks targeting Cisco IOS XE systems with the Web User Interface feature enabled, that also have the HTTP or HTTPS Server feature toggled on.

Thousands of Cisco IOS XE devices hacked in widespread attacks
2023-10-17 13:15

Attackers have exploited a recently disclosed critical zero-day bug to compromise and infect thousands of Cisco IOS XE devices with malicious implants. According to threat intelligence company VulnCheck, the maximum severity vulnerability has been extensively exploited in attacks targeting Cisco IOS XE routers and switches with the Web User Interface feature enabled, that also have the HTTP or HTTPS Server feature toggled on.

Over 17,000 WordPress sites hacked in Balada Injector attacks last month
2023-10-09 19:23

Multiple Balada Injector campaigns have compromised and infected over 17,000 WordPress sites using known flaws in premium theme plugins. Balada Injector is a massive operation discovered in December 2022 by Dr. Web, which has been leveraging various exploits for known WordPress plugin and theme flaws to inject a Linux backdoor.

PEACHPIT: Massive Ad Fraud Botnet Powered by Millions of Hacked Android and iOS
2023-10-09 16:07

An ad fraud botnet dubbed PEACHPIT leveraged an army of hundreds of thousands of Android and iOS devices to generate illicit profits for the threat actors behind the scheme. The botnet is part of...

Has Sony been hacked again?
2023-09-26 10:04

Vc, a relatively new ransomware / cyber extortion group, claims to have hacked Sony and made off with valuable data. "We have successfully compromissed all of sony systems. We wont ransom them! we will sell the data. due to sony not wanting to pay. DATA IS FOR SALE," the group wrote on their leak site on Sunday.