Security News

EU officially blames Russia for 'Ghostwriter' hacking activities
2021-09-24 16:11

The European Union has officially linked Russia to a hacking operation known as Ghostwriter that targets high-profile EU officials, journalists, and the general public. "These malicious cyber activities are targeting numerous members of Parliaments, government officials, politicians, and members of the press and civil society in the EU by accessing computer systems and personal accounts and stealing data," European Council officials said in a press release today.

Hacking group used ProxyLogon exploits to breach hotels worldwide
2021-09-23 19:50

A newly discovered cyberespionage group has been targeting hotels worldwide around the world since at least 2019, as well as higher-profile targets such as governments, international organizations, law firms, and engineering companies. Slovakian internet security firm ESET spotted the hacking group and described it as an "Advanced persistent threat."

Is hacking back effective, or does it just scratch an evolutionary itch?
2021-09-21 21:20

Retribution by hacking back might make you feel better, but experts urge caution and explain why it's a bad idea. In the tech realm, some victims of cyberattacks want to enact revenge by hacking their hackers, a.k.a. the hack back.

Former U.S. intel operatives to pay $1.6M for hacking for foreign govt
2021-09-15 23:22

The U.S. government has entered a Deferred Prosecution Agreement with three former intelligence operatives to resolve criminal charges relating to their offering of hacking services to a foreign government. "These services included the provision of support, direction and supervision in the creation of sophisticated"Zero-click" computer hacking and intelligence gathering systems - i.e., one that could compromise a device without any action by the target" - the U.S. Department of Justice.

3 Former U.S. Intelligence Officers Admit to Hacking for UAE Company
2021-09-15 22:03

The U.S. Department of Justice on Tuesday disclosed it fined three intelligence community and military personnel $1.68 million in penalties for their role as cyber-mercenaries working on behalf of a U.A.E.-based cybersecurity company. "The defendants worked as senior managers at a United Arab Emirates-based company that supported and carried out computer network exploitation operations for the benefit of the U.A.E. government," the DoJ said in a statement.

Windows MSHTML zero-day exploits shared on hacking forums
2021-09-12 17:07

Threat actors are sharing Windows MSHTML zero-day tutorials and exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks. Last Tuesday, Microsoft disclosed a new zero-day vulnerability in Windows MSHTML that allows threat actors to create malicious documents, including Office and RTF docs, to execute commands on a victim's computer remotely.

Conti ransomware now hacking Exchange servers with ProxyShell exploits
2021-09-03 13:21

The Conti ransomware gang is hacking into Microsoft Exchange servers and breaching corporate networks using recently disclosed ProxyShell vulnerability exploits. ProxyShell is the name of an exploit utilizing three chained Microsoft Exchange vulnerabilities that allow unauthenticated, remote code execution on unpatched vulnerable servers.

Unpatched Remote Hacking Flaw Disclosed in Fortinet's FortiWeb WAF
2021-08-18 23:50

Details have emerged about a new unpatched security vulnerability in Fortinet's web application firewall appliances that could be abused by a remote, authenticated attacker to execute malicious commands on the system. "An OS command injection vulnerability in FortiWeb's management interface can allow a remote, authenticated attacker to execute arbitrary commands on the system, via the SAML server configuration page," cybersecurity firm Rapid7 said in an advisory published Tuesday.

Learn Ethical Hacking From Scratch — 18 Online Courses for Just $43
2021-08-14 03:35

If you're reading this post, there is a pretty good chance you're interested in hacking. The cybersecurity industry is booming right now, and ethical hacking is one of the most lucrative and challenging niches.

Learn Ethical Hacking From Scratch — 18 Online Courses for Just $43
2021-08-14 03:35

If you're reading this post, there is a pretty good chance you're interested in hacking. The cybersecurity industry is booming right now, and ethical hacking is one of the most lucrative and challenging niches.