Archive for the ‘cybercrime/malcode’ category

Sep 24, 2022

Microsoft SQL servers hacked in TargetCompany ransomware attacks

Posted by in category: cybercrime/malcode

Security analysts at ASEC have discovered a new wave of attacks targeting vulnerable Microsoft SQL servers, involving the deployment of a ransomware strain named FARGO.

Sep 23, 2022

Hackers Using Fake CircleCI Notifications to Hack GitHub Accounts

Posted by in category: cybercrime/malcode

GitHub team has issued a warning about an ongoing phishing campaign impersonating CircleCI notifications to steal targeted users’ credentials and two.

Sep 18, 2022

Everything We Know About the Massive Uber Hack

Posted by in category: cybercrime/malcode

Somebody wormed their way into the tech giant’s systems, though it’s hard to say how bad the damage is yet.

Sep 17, 2022

Researchers Warn of Self-Spreading Malware Targeting Gamers via YouTube

Posted by in category: cybercrime/malcode

Gamers looking for cheats on YouTube are being targeted with links to rogue password-protected archive files designed to install crypto miners and information-stealing malware such as RedLine Stealer on compromised machines.

“The videos advertise cheats and cracks and provide instructions on hacking popular games and software,” Kaspersky security researcher Oleg Kupreev said in a new report published today.

Sep 17, 2022

SparklingGoblin APT Hackers Using New Linux Variant of SideWalk Backdoor

Posted by in category: cybercrime/malcode

SparklingGoblin is the name given to a Chinese advanced persistent threat (APT) group with connections to the Winnti umbrella (aka APT41, Barium, Earth Baku, or Wicked Panda). It’s primarily known for its attacks targeting various entities in East and Southeast Asia at least since 2019, with a specific focus on the academic sector.

In August 2021, ESET unearthed a new piece of custom Windows malware codenamed SideWalk (aka ScrambleCross) that was exclusively leveraged by the actor to strike an unnamed computer retail company based in the U.S.

Subsequent findings from Symantec, part of Broadcom software, have linked the use of SideWalk to an espionage attack group it tracks under the moniker Grayfly, while pointing out the malware’s similarities to that of Crosswalk.

Sep 16, 2022

18-year-old allegedly hacks Uber and sends employees messages on Slack

Posted by in category: cybercrime/malcode

The matter is now under investigation and Slack is out of bounds.

San-Franciso-headquartered ride-hailing company Uber, with a presence in over 10,000 cities in 72 countries, is now investigating a breach after an 18-year-old hacked into its network and allegedly has access to its source code, The New York Times.

The incident came to light after the alleged hacker reached out to cybersecurity experts and the NYT and sent them images of the company’s email, cloud storage, and code repositories as proof of their accomplishment.

Sep 14, 2022

Hack your DNA with CRISPR — VPRO documentary

Posted by in categories: biotech/medical, cybercrime/malcode, education, genetics

You won’t be able to blame it on your genetics anymore: with CRISPR, it’s so easy to hacn into your DNA. CRISPR technology is our future, and experiments with DNA hacking are booming. CRISPR biotechnology is not science fiction anymore, it is our very near future. Would you hack and reprogram your own DNA with CRISPR? Breaking the code of life, hacking DNA at home.

Welcome to the world of a new nature. We can now literally cut and paste DNA with the new CRISPR technology. There is a revolutionary development going on that will have major consequences for humans, plants and animals. The new biotechnology is here.

Continue reading “Hack your DNA with CRISPR — VPRO documentary” »

Sep 11, 2022

A Recent Chinese Hack Is a Wake-up Call for the Security of the World’s Software Supply Chain

Posted by in categories: cybercrime/malcode, government

The almost unnoticed hack of MiMi points to a growing trend of software supply chain attacks, including by the Chinese government.

Sep 11, 2022

Firmware bugs in many HP computer models left unfixed for over a year

Posted by in category: cybercrime/malcode

A set of six high-severity firmware vulnerabilities impacting a broad range of HP devices used in enterprise environments are still waiting to be patched, although some of them were publicly disclosed since July 2021.

Firmware flaws are particularly dangerous because they can lead to malware infections that persist even between OS re-installations or allow long-term compromises that would not trigger standard security tools.

As Binarly highlights in the report, even though it’s been a month since they made some of the flaws public at Black Hat 2022, the vendor hasn’t released security updates for all impacted models, leaving many customers exposed to attacks.

Continue reading “Firmware bugs in many HP computer models left unfixed for over a year” »

Sep 11, 2022

Ransomware gangs switching to new intermittent encryption tactic

Posted by in categories: cybercrime/malcode, encryption

A growing number of ransomware groups are adopting a new tactic that helps them encrypt their victims’ systems faster while reducing the chances of being detected and stopped.

This tactic is called intermittent encryption, and it consists of encrypting only parts of the targeted files’ content, which would still render the data unrecoverable without using a valid decryptor+key.

For example, by skipping every other 16 bytes of a file, the encryption process takes almost half of the time required for full encryption but still locks the contents for good.

Continue reading “Ransomware gangs switching to new intermittent encryption tactic” »

Page 1 of 15012345678Last