Security News

Break into Ethical Hacking with 18 Advanced Online Courses for Just $42.99
2022-03-01 06:12

The All-In-One 2022 Super-Sized Ethical Hacking Bundle helps you gain both, with 18 courses covering all aspects of cybersecurity. The purpose of ethical hacking is to find weaknesses in the system that a malicious hacker may exploit.

9-Year-Old Unpatched Email Hacking Bug Uncovered in Horde Webmail Software
2022-02-28 20:24

Users of Horde Webmail are being urged to disable a feature to contain a nine-year-old unpatched security vulnerability in the software that could be abused to gain complete access to email accounts simply by previewing an attachment. "This gives the attacker access to all sensitive and perhaps secret information a victim has stored in their email account and could allow them to gain further access to the internal services of an organization," SonarSource vulnerability researcher, Simon Scannell, said in a report.

Chinese Experts Uncover Details of Equation Group's Bvp47 Covert Hacking Tool
2022-02-25 09:13

Researchers from China's Pangu Lab have disclosed details of a "Top-tier" backdoor put to use by the Equation Group, an advanced persistent threat with alleged ties to the cyber-warfare intelligence-gathering unit of the U.S. National Security Agency. Equation Group's malware toolset became public knowledge in 2016 when a group calling itself the Shadow Brokers leaked the entire tranche of exploits used by the elite hacking team, with Kaspersky uncovering code-level similarities between the stolen files and that of samples identified as used by the threat actor.

Experts Warn of Hacking Group Targeting Aviation and Defense Sectors
2022-02-15 05:41

Entities in the aviation, aerospace, transportation, manufacturing, and defense industries have been targeted by a persistent threat group since at least 2017 as part of a string of spear-phishing campaigns mounted to deliver a variety of remote access trojans on compromised systems. The use of commodity malware such as AsyncRAT and NetWire, among others, has led enterprise security firm Proofpoint to a "Cybercriminal threat actor" codenamed TA2541 that employs "Broad targeting with high volume messages." The ultimate objective of the intrusions is unknown as yet.

Hacking group 'ModifiedElephant' evaded discovery for a decade
2022-02-10 20:02

Researchers at SentinelLabs in a report today detail the tactics of ModifiedElephant explaining how recently published evidence helped them attribute previously "Orphan" attacks. ModifiedElephant has relied on spear-phishing emails with malicious attachments for over a decade now, but their techniques have evolved throughout that time.

Russia arrests third hacking group, reportedly seizes carding forums
2022-02-07 21:39

Russia arrested six people today, allegedly part of a hacking group involved in the theft and selling of stolen credit cards. Russian media reports that the arrests come at the request of investigators from the Ministry of Internal Affairs of the Russian Federation.

Russia arrests third hacking group, seizes carding forums
2022-02-07 21:39

Russia arrested six people today, allegedly part of a hacking group that was involved in the theft and selling of stolen credit cards. Russian media reports that the arrests come at the request of investigators from the Ministry of Internal Affairs of the Russian Federation.

Microsoft Uncovers New Details of Russian Hacking Campaign Targeting Ukraine
2022-02-04 23:15

Microsoft on Friday shared more of the tactics, techniques, and procedures adopted by the Russia-based Gamaredon hacking group to facilitate a barrage of cyber espionage attacks aimed at several entities in Ukraine over the past six months. The attacks are said to have singled out government, military, non-government organizations, judiciary, law enforcement, and non-profit organizations with the main goal of exfiltrating sensitive information, maintaining access, and leveraging it to move laterally into related organizations.

Symantec finds evidence of continued Russian hacking campaigns in Ukraine
2022-02-03 16:48

Symantec finds evidence of continued Russian hacking campaigns in Ukraine. Security researchers at Symantec have presented what they said is further evidence that the Russian advanced persistent threat hacking team known as Shuckworm has been actively waging a cyber espionage campaign against organizations in Ukraine.

MuddyWater hacking group targets Turkey in new campaign
2022-02-01 07:30

The Iranian-backed MuddyWater hacking group is conducting a new malicious campaign targeting private Turkish organizations and governmental institutions. The hacking group has been attributed to attacks against entities in Central and Southwest Asia and numerous public and privately-held organizations from Europe, Asia, and North America in the telecommunications, government, oil, and airline industry sectors.