Security News
The notorious FIN7 cybercrime gang, a financially motivated group, is spreading a backdoor called Lizar under the guise of being a Windows pen-testing tool for ethical hackers. According to the BI.ZONE Cyber Threats Research Team, FIN7 is pretending to be a legitimate organization that hawks a security-analysis tool.
One of the most popular Russian-speaking hacker forums, XSS, has banned all topics promoting ransomware to prevent unwanted attention. XSS is a Russian-speaking hacking forum created to share knowledge about exploits, vulnerabilities, malware, and network penetration.
A session on how to hack into a Kubernetes cluster was among the highlights of a Kubecon where the main events were generally bland and corporate affairs, perhaps indicative of the technology now being a de facto infrastructure standard among enterprises. Kubernetes is huge, and if there was an underlying theme at the event it was that Kubernetes is becoming the standard runtime platform.
Exim is a popular mail transfer agent used on Unix-like operating systems, with over 60% of the publicly reachable mail servers on the Internet running the software. A Shodan search reveals nearly four million Exim servers that are exposed online.
Popular hacking forum OGUsers has been hacked for the fourth time in two years, with hackers now selling the site's database containing user records and private messages. OGUsers is a hacking forum known for the sale of stolen social media accounts hacked through SIM-swapping attacks, credential stuffing attacks, and other means.
The FBI and DHS have issued a Joint Cybersecurity Advisory on the threat posed by the Russian Foreign Intelligence Service via the cyber actor known as APT 29. The new advisory provides "Information on the SVR's cyber tools, targets, techniques, and capabilities to aid organizations in conducting their own investigations and securing their networks." Notably, the advisory uses the terms SVR and APT 29 interchangeably throughout, indicating that it sees no difference between the cyber actor and the Russian intelligence agency.
To date, hacking has exclusively been a human activity. Separately, AIs can engage in something called reward hacking.
Software developed by data extraction company Cellebrite contains vulnerabilities that allow arbitrary code execution on the device, claims Moxie Marlinspike, the creator of the encrypted messaging app Signal. The researcher found that Cellebrite's software had outdated open-source code that had not been updated in almost a decade, despite security updates being available.
Social media giant Facebook today announced that it took action against two groups of hackers originating from Palestine that abused its infrastructure for malware distribution and account compromise across the Internet. As part of the shutdown operation, Facebook took down accounts, blocked domains, sent alerts to people who were targeted, and released malware hashes to the public.
A Ukrainian national arrested for his role in a hacking group that compromised millions of financial accounts was sentenced to a decade in prison, US prosecutors said Friday. Fedir Hladyr, 35, had a high-level role as a manager and systems administrator for a hacking group known as FIN7, authorities said.