Security News

Researchers Uncover New Iranian Hacking Campaign Targeting Turkish Users
2022-02-01 00:47

Details have emerged about a previously undocumented malware campaign undertaken by the Iranian MuddyWater advanced persistent threat group targeting Turkish private organizations and governmental institutions. "This campaign utilizes malicious PDFs, XLS files and Windows executables to deploy malicious PowerShell-based downloaders acting as initial footholds into the target's enterprise," Cisco Talos researchers Asheer Malhotra and Vitor Ventura said in a newly published report.

DoNot Hacking Team Targeting Government and Military Entities in South Asia
2022-01-19 23:54

A threat actor with potential links to an Indian cybersecurity company has been nothing if remarkably persistent in its attacks against military organizations based in South Asia, including Bangladesh, Nepal, and Sri Lanka, since at least September 2020 by deploying different variants of its bespoke malware framework. Slovak cybersecurity firm ESET attributed the highly targeted attack to a hacking group known as Donot Team.

VirusTotal Hacking: Finding stolen credentials hosted on VirusTotal
2022-01-18 17:32

VirusTotal, the popular online service for analyzing suspicious files, URLs and IP addresses, can be used to collect credentials stolen by malware, researchers at SafeBreach have found. With a €600 VirusTotal license, they have managed to collect more than 1,000,000 credentials just by executing simple searches with a few tools.

New White Rabbit ransomware linked to FIN8 hacking group
2022-01-18 16:56

A new ransomware family called 'White Rabbit' appeared in the wild recently, and according to recent research findings, could be a side-operation of the FIN8 hacking group. The first public mention of the White Rabbit ransomware was in a tweet by ransomware expert Michael Gillespie, seeking a sample of the malware.

US Cyber Command Links 'MuddyWater' Hacking Group to Iranian Intelligence
2022-01-13 00:16

The U.S. Cyber Command on Wednesday officially confirmed MuddyWater's ties to the Iranian intelligence apparatus, while simultaneously detailing the various tools and tactics adopted by the espionage actor to burrow into victim networks. "MuddyWater has been seen using a variety of techniques to maintain access to victim networks," USCYBERCOM's Cyber National Mission Force said in a statement.

US links MuddyWater hacking group to Iranian intelligence agency
2022-01-12 20:27

US Cyber Command has officially linked the Iranian-backed MuddyWatter hacking group to Iran's Ministry of Intelligence and Security. MOIS is the Iran government's leading intelligence agency, tasked with coordinating the country's intelligence and counterintelligence, as well as covert actions supporting the Islamic regime's goals beyond Iran's borders.

Beware of Fake Telegram Messenger App Hacking PCs with Purple Fox Malware
2022-01-05 20:19

Trojanized installers of the Telegram messaging application are being used to distribute the Windows-based Purple Fox backdoor on compromised systems. First discovered in 2018, Purple Fox comes with rootkit capabilities that allow the malware to be planted beyond the reach of security solutions and evade detection.

Learn highly marketable ethical hacking skills for less than $45
2021-12-30 11:00

Even if you have no tech experience, you can develop valuable skills with the online training offered by The Super-Sized Ethical Hacking Bundle. Even if you have no tech experience whatsoever, you can learn highly marketable skills in this field with The Super-Sized Ethical Hacking Bundle, currently available for only $43. Beginners looking for a fast start should be aware that Google and Facebook each paid several million dollars to independent hackers who contributed to their bug bounty programs.

Telecom operators targeted in recent espionage hacking campaign
2021-12-14 23:32

"Based on process lineage data, attackers seemed to use scripts extensively. These may be automated scripts used for collecting information and downloading additional tools," explains Symantec's report. Hidec: Command line tool for running a hidden window.

Karakurt: A New Emerging Data Theft and Cyber Extortion Hacking Group
2021-12-13 06:57

A previously undocumented, financially motivated threat group has been connected to a string of data theft and extortion attacks on over 40 entities between September and November 2021. The hacker collective, which goes by the self-proclaimed name Karakurt and was first identified in June 2021, is capable of modifying its tactics and techniques to adapt to the targeted environment, Accenture's Cyber Investigations, Forensics and Response team said in a report published on December 10.