Month: September 2022

Swachh City Platform Suffers Data Breach Leaking 16 Million User Records

29 September 2022

A threat actor by the name of LeakBase has shared a database containing personal information allegedly affecting 16 million users of Swachh City, an Indian complaint redressal platform. Leaked details include usernames, email addresses, password hashes, mobile numbers, one-time passwords, last logged-in times, and IP addresses, among others, according to a report shared by security […]

Read More

Hackers Aid Protests Against Iranian Government with Proxies, Leaks and Hacks

29 September 2022

Several hacktivist groups are using Telegram and other tools to aid anti-government protests in Iran to bypass regime censorship restrictions amid ongoing unrest in the country following the death of Mahsa Amini in custody. “Key activities are data leaking and selling, including officials’ phone numbers and emails, and maps of sensitive locations,” Israeli cybersecurity firm […]

Read More

Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems

28 September 2022

A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office (SOHO) routers, and enterprise servers into its botnet. “Chaos functionality includes the ability to enumerate the host environment, run remote shell commands, load additional modules, automatically propagate through […]

Read More

Cyber Criminals Using Quantum Builder Sold on Dark Web to Deliver Agent Tesla Malware

28 September 2022

A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT). “This campaign features enhancements and a shift toward LNK (Windows shortcut) files when compared to similar attacks in the past,” Zscaler ThreatLabz researchers Niraj Shivtarkar and Avinash Kumar said in a Tuesday write-up. Sold on […]

Read More

Improve your security posture with Wazuh, a free and open source XDR

28 September 2022

Organizations struggle to find ways to keep a good security posture. This is because it is difficult to create secure system policies and find the right tools that help achieve a good posture. In many cases, organizations work with tools that do not integrate with each other and are expensive to purchase and maintain. Security […]

Read More

Hackers Using PowerPoint Mouseover Trick to Infect Systems with Malware

28 September 2022

The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware. The technique “is designed to be triggered when the user starts the presentation mode and moves the mouse,” cybersecurity firm Cluster25 said in a […]

Read More

Hackers Using PowerPoint Mouseover Trick to Infect System with Malware

28 September 2022

The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware. The technique “is designed to be triggered when the user starts the presentation mode and moves the mouse,” cybersecurity firm Cluster25 said in a […]

Read More

Facebook Shuts Down Covert Political ‘Influence Operations’ from Russia and China

28 September 2022

Meta Platforms on Tuesday disclosed it took steps to dismantle two covert influence operations originating from China and Russia for engaging in coordinated inauthentic behavior (CIB) so as to manipulate public debate. While the Chinese operation sets its sights on the U.S. and the Czech Republic, the Russian network primarily targeted Germany, France, Italy, Ukraine […]

Read More

Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely

28 September 2022

WhatsApp has released security updates to address two flaws in its messaging app for Android and iOS that could lead to remote code execution on vulnerable devices. One of them concerns CVE-2022-36934 (CVSS score: 9.8), a critical integer overflow vulnerability in WhatsApp that results in the execution of arbitrary code simply by establishing a video […]

Read More

Ukraine Says Russia Planning Massive Cyberattacks on its Critical Infrastructures

27 September 2022

The Ukrainian government on Monday warned of “massive cyberattacks” by Russia targeting critical infrastructure facilities located in the country and that of its allies. The attacks are said to be targeting the energy sector, the Main Directorate of Intelligence of the Ministry of Defense of Ukraine (GUR) said. “By the cyberattacks, the enemy will try […]

Read More