Security News
The U.S. Cyber Command on Wednesday officially confirmed MuddyWater's ties to the Iranian intelligence apparatus, while simultaneously detailing the various tools and tactics adopted by the espionage actor to burrow into victim networks. "MuddyWater has been seen using a variety of techniques to maintain access to victim networks," USCYBERCOM's Cyber National Mission Force said in a statement.
US Cyber Command has officially linked the Iranian-backed MuddyWater hacking group to Iran's Ministry of Intelligence and Security. MOIS is the Iranian government's leading intelligence agency, tasked with coordinating the country's intelligence and counterintelligence, as well as covert actions supporting the Islamic regime's goals beyond Iran's borders.
Trojanized installers of the Telegram messaging application are being used to distribute the Windows-based Purple Fox backdoor on compromised systems. First discovered in 2018, Purple Fox comes with rootkit capabilities that allow the malware to be planted beyond the reach of security solutions and evade detection.
Even if you have no tech experience whatsoever, you can learn highly marketable skills with the online training offered by The Super-Sized Ethical Hacking Bundle, currently available for only $43. Beginners looking for a fast start should be aware that Google and Facebook each paid several million dollars to independent hackers who contributed to their bug bounty programs.
"Based on process lineage data, attackers seemed to use scripts extensively. These may be automated scripts used for collecting information and downloading additional tools," explains Symantec's report. Hidec: Command line tool for running a hidden window.
A previously undocumented, financially motivated threat group has been connected to a string of data theft and extortion attacks on over 40 entities between September and November 2021. The hacker collective, which goes by the self-proclaimed name Karakurt and was first identified in June 2021, is capable of modifying its tactics and techniques to adapt to the targeted environment, Accenture's Cyber Investigations, Forensics and Response team said in a report published on December 10.
The hacking group calls itself 'Karakurt' and is a financially motivated threat actor that has ramped up its cyber-attacks in Q3 2021. The actors focus almost exclusively on data exfiltration and extortion and are not using ransomware to lock their victims' files.
At least 300,000 IP addresses associated with MikroTik devices have been found vulnerable to multiple remotely exploitable security vulnerabilities that have since been patched by the popular supplier of routers and wireless ISP devices. "This has made MikroTik devices a favorite among threat actors who have commandeered the devices for everything from DDoS attacks, command-and-control, traffic tunneling, and more."
A relatively unknown group of Vietnamese hackers calling themselves 'XE Group' has been linked to eight years of for-profit hacking and credit card skimming. The threat actors are thought to be responsible for the theft of thousands of credit cards per day, mainly from restaurants, non-profit, art, and travel platforms.
The Nobelium hacking group continues to breach government and enterprise networks worldwide by targeting their cloud and managed service providers and using a new custom "Ceeloader" malware. While Nobelium is an advanced hacking group using custom malware and tools, they still leave traces of activity that researchers can use to analyze their attacks.