North Korea-linked Lazarus group made the headlines again, it has been leveraging PowerShell to target both Windows and macOS machines. The North Korea-linked Lazarus APT group made has been leveraging PowerShell to target both Windows and macOS machines in a new wave of attacks. The discovery was made by experts at Kaspersky Lab, the campaign has […]
Hacking
Elfin Hacking Group Targets Multiple U.S. and Saudi Arabian Firms
An Iran-linked cyber-espionage group that has been found targeting critical infrastructure, energy and military sectors in Saudi Arabia and the United States two years ago continues targeting organizations in the two nations, Symantec reported on Wednesday. Widely known as APT33, which Symantec calls Elfin, the cyber-espionage group has been active since as early […]
Operation SaboTor – Police arrested 61 vendors and buyers in the dark web
Operation SaboTor – A coordinated operation conducted by law enforcement agencies from Europe, Canada, and the United States targeted vendors and buyers of illegal goods on dark web marketplaces. The international operations, dubbed operation SaboTor, involved 17 countries, notably Germany, the Netherlands, Austria, and Portugal. “During the course of this operation, international […]
Warning: ASUS Software Update Server Hacked to Distribute Malware
Remember the CCleaner hack? CCleaner hack was one of the largest supply chain attacks that infected more than 2.3 million users with a backdoored version of the software in September 2017. Security researchers today revealed another massive supply chain attack that compromised over 1 million computers manufactured by Taiwan-based tech giant ASUS. A […]
التلفزة الوطنية تعلن تعرض صفحتها في الفايسبوك للقرصنة وتنفي إعتزام الشاهد إلقاء كلمة
أعلنت التلفزة التونسية في تدوينة نشرتها، منذ قليل، تعرض صفحتها في الفايسبوك الى عملية لقرصنة ونفت إعتزام رئيس الحكومة يوسف الشاهد إلقاء كلمة بين شوطي مقابلة جمعية جربة والترجي الرياضي التونسي .ويشار إلى انه تم نشر تدوينة في صفحة التلفزة الوطنية أعلنت من خلالها أن رئيس الحكومة سيلقي كلمة بين […]
Cisco addresses High-Severity flaws in IP Phone 8800 and 7800 series
Cisco released security updates to address vulnerabilities in its IP Phone 7800 and 8800 series that could be exploited by remote, unauthenticated attackers. Cisco released security patches to address vulnerabilities in its IP Phone 7800 and 8800 series that could be exploited by remote, unauthenticated attackers. Cisco IP Phone 8800 […]
Aluminum producer switches to manual operations after ransomware infection
Norsk Hydro, one of the world’s largest aluminium producers, revealed today that it « became victim of an extensive cyber-attack » that crippled some of its infrastructure and forced it to switch to manual operations in some smelting locations. The cyber-attack was later identified as an infection with the LockerGoga ransomware strain, […]
A new rash of highly covert card-skimming malware infects ecommerce sites
The rash of e-commerce sites infected with card-skimming malware is showing no signs of abating. Researchers on Thursday revealed that seven sites—with more than 500,000 collective visitors per month—have been compromised with a previously unseen strain of sniffing malware designed to surreptitiously swoop in and steal payment card data as […]
Unprotected Elasticsearch DB exposed 33 Million job profiles in China
Security expert discovered an unprotected Elasticsearch database exposed online that was containing approximately 33 million job profiles in China. Security expert Sanyam Jain at GDI Foundation has discovered an unprotected database exposed online that was containing approximately 33 million profiles for people in China who provided their resume to job recruitment sites. […]
Experts published details of the actively exploited CVE-2019-0808 Windows Flaw
Experts from Qihoo 360 disclosed technical details of the actively exploited Windows zero-day flaw CVE-2019-0808 recently patched by Microsoft. Researchers at the security firm Qihoo 360 disclosed technical details of the zero-day vulnerability CVE-2019-0808 that was recently patched by Microsoft. The vulnerability was reported to Microsoft by researchers from Google’s Threat Analysis […]