In our previous stories, you might have already read about various campaigns warning how threat actors are capitalizing on the ongoing coronavirus pandemic in an attempt to infect your computers and mobile devices with malware or scam you out of your money. Unfortunately, to some extent, it’s working, and that’s because the attack surface is changing and expanding rapidly as many
Source de l’article sur The Hacker News
Zoom has been there for nine years, but the immediate requirement of an easy-to-use video conferencing app during the coronavirus pandemic made it overnight a favorite tool for millions of people. Though Zoom is an efficient online video meeting solution, it’s still not the best choice in terms of privacy and security. According to the latest finding by cybersecurity expert @_g0dmode, which
Source de l’article sur The Hacker News
Cybersecurity researchers today uncovered a sustained malicious campaign dating back to May 2018 that targets Windows machines running MS-SQL servers to deploy backdoors and other kinds of malware, including multi-functional remote access tools (RATs) and cryptominers. Named « Vollgar » after the Vollar cryptocurrency it mines and its offensive « vulgar » modus operandi, researchers at Guardicore
Source de l’article sur The Hacker News
A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt, a widely used Linux-based operating system for routers, residential gateways, and other embedded devices that route network traffic. Tracked as CVE-2020-7982, the vulnerability resides in the OPKG package manager of OpenWrt that exists in the
Source de l’article sur The Hacker News
Europol, along with the Spanish and the Romanian national police, has arrested 26 individuals in connection with the theft of over €3.5 million ($3.9 million) by hijacking people’s phone numbers via SIM swapping attacks. The law enforcement agencies arrested 12 and 14 people in Spain and Romania, respectively, as part of a joint operation against two different groups of SIM swappers, Europol
Source de l’article sur The Hacker News
On the same day yesterday, when the US-based telecom giant T-Mobile admitted a data breach, the UK-based telecommunication provider Virgin Media announced that it has also suffered a data leak incident exposing the personal information of roughly 900,000 customers. What happened? Unlike the T-Mobile data breach that involved a sophisticated cyber attack, Virgin Media said the incident was
Source de l’article sur The Hacker News
The US-CERT today issued advisory warning users of a new dangerous 17-year-old remote code execution vulnerability affecting the PPP daemon (pppd) software that comes installed on almost all Linux based operating systems, as well as powers the firmware of many other networking devices. The affected pppd software is an implementation of Point-to-Point Protocol (PPP) that enables communication
Source de l’article sur The Hacker News
If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it. Yes, that’s possible because all versions (9.x/8.x/7.x/6.x) of the Apache Tomcat released in the past 13 years have been found vulnerable to a new high-severity (CVSS 9.8) ‘file read and inclusion bug’
Source de l’article sur The Hacker News
A new report published by cybersecurity researchers has unveiled evidence of Iranian state-sponsored hackers targeting dozens of companies and organizations in Israel and around the world over the past three years. Dubbed « Fox Kitten, » the cyber-espionage campaign is said to have been directed at companies from the IT, telecommunication, oil and gas, aviation, government, and security sectors
Source de l’article sur The Hacker News
The US Department of Justice (DoJ) and the Federal Bureau of Investigation (FBI) charged Huawei with racketeering and conspiring to steal trade secrets from six US firms, in a significant escalation of a lawsuit against the Chinese telecom giant that began last year. Accusing Huawei and its affiliates of « using fraud and deception to misappropriate sophisticated technology from US
Source de l’article sur The Hacker News
