Security News

Researchers at cybersecurity company Check Point said on Thursday that they have found the real identity of VandaTheGod, a Brazilian hacker involved in both hacktivist operations and financially-motivated cybercrimes. Check Point told SecurityWeek that it informed law enforcement about its findings in October 2019, but the hacker continued to be active up until May 2020.

In a report shared with The Hacker News, researchers from Check Point said they were able to map VandaTheGod's activity over the years, and eventually zero down the attacker's real identity to a Brazilian individual from the city of Uberlândia. "Many of the messages left on the defaced websites implied that the attacks were motivated by anti-government sentiment, and were carried out to combat social injustices that the hacker believed were a direct result of government corruption," the researchers said.

In a report shared with The Hacker News, researchers from Check Point said they were able to map VandaTheGod's activity over the years, and eventually zero down the attacker's real identity to a Brazilian individual from the city of Uberlândia. "Many of the messages left on the defaced websites implied that the attacks were motivated by anti-government sentiment, and were carried out to combat social injustices that the hacker believed were a direct result of government corruption," the researchers said.

Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems. In addition to using images uploaded to Baidu Tieba to distribute configuration files and malware - a technique called steganography - the group has begun using Alibaba Cloud storage to host configuration files and Baidu's analytics platform Tongji to manage the activity of its infected hosts, the researchers said.

Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems. In addition to using images uploaded to Baidu Tieba to distribute configuration files and malware - a technique called steganography - the group has begun using Alibaba Cloud storage to host configuration files and Baidu's analytics platform Tongji to manage the activity of its infected hosts, the researchers said.

Results from separate studies by Checkmarx and ExpressVPN reveal consumers won't easily share their personal information with tracing apps due to concern for misuse. The VPN provider ExpressVPN and software security company Checkmarx queried 1,200 and 1,500 consumers, respectively, to find out what Americans think about digital contact-tracing systems having access to their health information.

Adobe informed customers on Tuesday that it has patched memory corruption vulnerabilities, including one that allows arbitrary code execution, in several of its products. All of the security flaws were reported to Adobe by researcher Mat Powell of Trend Micro's Zero Day Initiative.

Security researchers working with Trend Micro's Zero Day Initiative have published information on five unpatched vulnerabilities in Microsoft Windows, including four considered high risk. Tracked as CVE-2020-0916, CVE-2020-0986, and CVE-2020-0915, and featuring a CVSS score of 7.0, the first three of these zero-day vulnerabilities could allow an attacker to escalate privileges on the affected system.

Security researcher Vinoth Kumar says Facebook awarded him $20,000 after he discovered and reported a Document Object Model-based cross-site scripting vulnerability that could have been exploited to hijack accounts. The researcher says he discovered the vulnerability in the window.

A cybersecurity researcher at ESET today published an analysis of a new piece of malware, a sample of which they spotted on the Virustotal malware scanning engine and believe the hacker behind it is likely interested in some high-value computers protected behind air‑gapped networks. Dubbed 'Ramsay,' the malware is still under development with two more variants spotted in the wild and doesn't yet appear to be a complex attacking framework based upon the details researcher shared.