Archive for the ‘cybercrime/malcode’ category: Page 20

Dec 27, 2023

Hackers expose thousands of parking app users to data breach risk

Posted by in category: cybercrime/malcode

Europe’s largest parking app operator, EasyPark Group, faces a major data breach, urging heightened cybersecurity awareness.

Dec 27, 2023

Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining

Posted by in categories: cryptocurrencies, cybercrime/malcode

Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service (DDoS) attacks.

“Threat actors can also choose to install only scanners and sell the breached IP and account credentials on the dark web,” the AhnLab Security Emergency Response Center (ASEC) said in a report on Tuesday.

In these attacks, adversaries try to guess a server’s SSH credentials by running through a list of commonly used combinations of usernames and passwords, a technique called a dictionary attack.

Dec 27, 2023

Crypto drainer steals $59 million from 63k people in Twitter ad push

Posted by in categories: blockchains, cryptocurrencies, cybercrime/malcode

Google and Twitter ads are promoting sites containing a cryptocurrency drainer named ‘MS Drainer’ that has already stolen $59 million from 63,210 victims over the past nine months.

Blockchain threat analysts at ScamSniffer say they discovered over ten thousand phishing websites using the drainer from March 2023 to today, with spikes in activity observed in May, June, and November.

A drainer is a malicious smart contract or, in this case, a complete phishing suite designed to drain funds from a user’s cryptocurrency wallet without their consent.

Dec 25, 2023

Ubisoft Stops Hackers From Stealing 900GB of Data

Posted by in category: cybercrime/malcode

Ubisoft reportedly stopped hackers from stealing 900GB of data from the company, including user data from the game Rainbow Six Siege.

The company reportedly discovered the breach 48 hours after the hack, at which point it revoked the hackers’ access before they could remove any data, BleepingComputer reports.

Still, the hackers reportedly were able to access Microsoft Teams conversations, the Ubisoft SharePoint server, Confluence, and MongoDB Atlas.

Dec 20, 2023

Xfinity hack affects nearly 36 million customers. Here’s what to know

Posted by in category: cybercrime/malcode

A major data breach at Comcast-owned Xfinity exposed people’s account names, passwords and other personal data.

Dec 19, 2023

Over 86,000 Routers at Risk — Is Yours One of Them? Shocking Vulnerabilities in Widely Used OT/IoT Routers

Posted by in category: cybercrime/malcode

Vulnerabilities — Information Security Newspaper | Hacking News.

Dec 19, 2023

How hrserver.dll stealthy webshell can mimic Google’s Web Traffic to hide and compromise networks

Posted by in category: cybercrime/malcode

Malware — information security newspaper | hacking news.

Dec 19, 2023

Your Google Cloud Security Might Be at Risk. Hacking GCP via Google Workspace flaw

Posted by in category: cybercrime/malcode

Vulnerabilities — information security newspaper | hacking news.

Dec 19, 2023

8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

Posted by in category: cybercrime/malcode

The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware.

The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers.

“This vulnerability allows remote authenticated attackers to execute code using a gadget chain and is commonly chained with CVE-2020-14882 (an authentication bypass vulnerability also affecting Oracle WebLogic Server) or the use of leaked, stolen, or weak credentials,” Imperva said in a report published last week.

Dec 19, 2023

Silent Email Attack CVE-2023-35628: How to Hack Without an Email Click in Outlook

Posted by in category: cybercrime/malcode

Vulnerabilities — information security newspaper | hacking news.
