Latest Cyber Security News

Actively Exploited Windows Kernel EoP Bug Allows Takeover

Description

Microsoft recently addressed 56 security vulnerabilities in its February patch release, including 11 critical and 6 publicly acknowledged ones. According to the security updates, nine critical-severity cybersecurity bugs in February’s patch release have been tackled by Microsoft. Six of the security holes, including one of the critical bugs, have now been publicly disclosed.

Windows Kernel EoP Blogs | IEMLabs

How Social Media leads to Cyber Attacks

Description

In recent times, social media has become an integral part of our lives. It plays a crucial role in connecting people and developing relationships, not only with key influencers and journalists, and it also provides a great opportunity to establish customer service by gathering input, answering questions and listening to customer feedback.

Cyber Attacks Blogs | IEMLabs

Microsoft warns about increasing OAuth Office 365 phishing attacks

Description

Microsoft has raised concern over the increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers in the past few months. An APT known as TA2552 has been spotted using OAuth2 or other token-based authorization methods to access Office 365 accounts in order to steal users’ contacts and mail.

OAuth Blogs | IEMLabs

German Government seizes a digital wallet carrying $60 million in bitcoins

Description

$60 million Blogs | IEMLabs

Trickbot Trojan has added network scanning module

Description

Recently, the Trickbot Trojan has added a new network scanning module to scan local network systems with open ports for quick lateral movement. The module uses the Masscan open-source tool to look for open ports with lightning-fast results.

Trickbot Trojan Blogs | IEMLabs

Retail Sector as the favorite target for cybercriminals

Description

Day by day, the retail sector is becoming the favorite target of cybercriminals. Amid the COVID-19 pandemic, with a rapid increase in online purchasing and major retail firms using digital platforms to carry out their business, cybercriminals are more likely to attack this sector.

Retail Sector Blogs | IEMLabs

Critical Vulnerabilities detected in Realtek Wi-Fi module

Description

Recently, security experts have detected critical vulnerabilities in the Realtek RTL8195A Wi-Fi module that could be exploited by attackers to take complete control of a device’s wireless communications.

Realtek Wi-Fi Blogs | IEMLabs

Zero-Day Vulnerability in SonicWall security products exploited

Description

The cybersecurity firm NCC Group has identified a zero-day vulnerability in SonicWall enterprise security products. SonicWall is a private company headquartered in Silicon Valley that sells a range of Internet appliances primarily directed at content control and network security. These include devices providing services for network firewalls, unified threat management (UTM), virtual private networks (VPNs) and anti-spam for email.

SonicWall Blogs | IEMLabs

DARPA Bug Bounty strengthens military research agency’s security defenses

Description

The Defense Advanced Research Projects Agency (DARPA) has finalized the results of a recent bug bounty event that tested the effectiveness of new hardware- and firmware-based security technologies. Initially, the bug bounty was set up to evaluate the hardware architectures developed under DARPA’s System Security Integration Through Hardware and Firmware (SSITH) program.

DARPA Blogs | IEMLabs

Pan-Asian Retail Giant Dairy Farm suffers REvil ransomware attack

Description

Recently, the pan-Asian retail giant Dairy Farm Group suffered a ransomware attack by the REvil ransomware operation. The attackers, who compromised Dairy Farm Group’s network and encrypted devices, claim to have demanded a $30 million ransom.

pan-Asian Dairy Blogs | IEMLabs

VIP Games suffers a data breach exposing 23 million user records

Description

Online gaming platform VIP Games suffered a data breach, and more than 23 million records were left exposed on a misconfigured server. VIP Games, owned by software development company Casualino JSC, is a free-to-play online card and board game platform with a website and a mobile app.

VIP games Blogs | IEMLabs

New Android Malware is spreading through WhatsApp

Description

Recently, security experts have detected a new Android malware that spreads through WhatsApp. The malware takes advantage of WhatsApp’s quick reply feature that permits users to respond to incoming messages directly from notifications and send out replies immediately.

WhatsApp Blogs | IEMLabs

Microsoft Edge and Google Chrome will notify users about compromised passwords

Description

The two well-known browsers Microsoft Edge and Google Chrome are implementing new features that will make it easier for users to discover compromised passwords and will notify them if their password has been compromised as part of a breach or database exposure.

Microsoft Edge and Google Chrome Blogs | IEMLabs

Telegram-Based Classiscam Operation targets European Market users

Description

Recently, security experts have detected a Telegram-based scam named Classiscam, mainly initiated by Russian-speaking scammers. The Classiscam scheme has been taking advantage of Telegram bots that provide scammers with ready-to-use phishing pages under the name of popular marketplaces and delivery services to steal money and payment data.

Blackbaud Blogs | IEMLabs

Signal faces Technical Difficulties just days after it was downloaded by millions of new users.

Description

Recently, WhatsApp has updated its privacy policy, which will be effective from 8th Feb 2021, and it is mandatory for all users to agree to the terms and conditions of this new privacy policy in order to use the app in the future.

Signal Blogs | IEMLabs

Security experts warned gaming companies to improve their security measures

Description

Researchers have discovered 500,000 stolen credentials of employees from gaming companies and a million compromised internal accounts related to employee and customer-facing resources on the dark web. The compromised accounts, linked to internal resources like admin panels, VPNs, Jira instances, FTPs, SSOs, developer-related environments and more, were found in virtually all of the top 25 gaming companies studied.

Gaming Blogs | IEMLabs

Antwerp laboratory hit by ransomware attack

Description

Recently, the General Medical Laboratory (AML) in the Antwerp district of Hoboken, which was working on the management of the Covid-19 pandemic, has been the victim of a ransomware attack. The attackers installed ransomware on the lab’s website and the website stopped working. The hackers demanded a large ransom in order to make the site function normally.

Antwerp Blogs | IEMLabs

Attackers misuse Facebook ads for Phishing Scams and steal users’ Login Credentials

Description

Security experts from ThreatNix have detected that attackers have misused Facebook ads in order to run a phishing campaign. These Facebook ads redirected users to GitHub, where the actual phishing pages resided. More than 6 lakh people from different countries like Egypt, the Philippines, Pakistan and Nepal fell into the trap of this phishing campaign.

threatnix Blogs | IEMLabs

Whirlpool suffers Nefilim ransomware attack

Description

Recently, Whirlpool suffered a ransomware attack by the Nefilim ransomware gang, and the attackers stole data before encrypting devices. The Whirlpool Corporation is an American multinational manufacturer and marketer of home appliances that generated approximately $20 billion in revenue in the year 2019.

Whirlpool Blogs | IEMLabs

Hackers can steal our private information with the help of Google Docs Bug

Description

Recently, Google fixed a bug in its feedback tool, which is incorporated across its services. The tool could be exploited by an attacker to steal screenshots of sensitive Google Docs documents simply by exposing them in a malicious website.

Hackers Blogs | IEMLabs

Shopping ads promoted on Google may lead to phishing site

Description

Online shopping has become very popular in modern times, and amid this festive season millions of users are searching for the best deals on online shopping platforms. However, it should be noted that not all the shopping ads promoted on Google are created by legitimate advertisers. Some of these ads are created by cybercriminals and may lead to malicious phishing websites. These phishing websites usually steal the login credentials of users, who then fall into the trap of financial scams.

Online shopping Blogs | IEMLabs

The video game company, Koei Tecmo suffers a data breach

Description

Koei Tecmo Holdings Co. Ltd is a Japanese video game and anime holding company created in 2009 by the merger of Koei and Tecmo. Koei Tecmo Holdings owns several companies, the biggest of which is its flagship game developer and publisher, Koei Tecmo Games. The company is famous for releasing popular games such as Nioh 2, Hyrule Warriors, Dead or Alive, Atelier Ryza, etc.

Koei Tecmo Blogs | IEMLabs

More than 15 Billion Login data and Passwords were released on the Dark Web

Description

Recently, researchers and cyber security experts discovered more than 15 billion login credentials that were released on the Dark Web for sale. The released database included usernames, passwords, and login data from online bank accounts and from online music and video streaming services.

15 Billion Blogs | IEMLabs

Chrome extensions can be too dangerous when used for malicious activities

Description

Recently, researchers and experts at Kaspersky have detected that popular Google Chrome extensions have been used to play videos in users’ browsers and increase the view counts. More than twenty browser extensions have been used by the culprits to use Chrome on users’ devices with malicious intentions.

Chrome extensions Blogs | IEMLabs

Ransomware attacks are increasing in Indian pharma sectors

Description

Recently, researchers have highlighted the rapid increase in ransomware attacks on healthcare and pharma companies. Amid this pandemic situation, the healthcare sector has tried its best to fight COVID-19 and look after the well-being of the people. But new reports suggest that there has been a rapid increase in ransomware attacks on Indian pharma firms towards the end of 2020 as these companies finalise the Covid-19 vaccine.

Pharma Sectors Blogs | IEMLabs

Tech giants join legal battle against hacking company NSO

Description

Microsoft, Google, Cisco, Dell and other well-known tech companies have recently joined Facebook’s legal battle against the hacking company NSO. A legal complaint was filed against NSO as the company had exploited a bug in WhatsApp, an American freeware, cross-platform messaging and Voice over IP service owned by Facebook.

Tech Giants Blogs | IEMLabs

Russia Denies Large Scale US Hack

Description

Russia has completely denied the recent cyber-attack that impacted at least six federal agencies in the United States. In the last week, America’s Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive after cyber-criminals trojanized updates to SolarWinds’ Orion IT monitoring and management software to launch a large-scale cyber-attack. 

VS Blogs | IEMLabs

Roanoke College delays spring semester after cyberattack

Description

Roanoke College has postponed its spring semester by almost a month as a cyberattack has impacted files and data access. It is a private liberal arts college located in Salem, Virginia, with approximately 2,000 students. The semester was delayed in order to ensure that all network outages that the college is currently experiencing are resolved.

Roanoke Blogs | IEMLabs

Facebook Bug Exposed Personal Information of Instagram Users

Description

According to the researcher, the private information of Instagram users was just a DM away, as a Facebook bug exposed the private data of Instagram users, including their email addresses and birthdays. Ironically, the service promises users at the time of registration that such information won’t be disclosed to the public.

FACEBOOK Blogs | IEMLabs

Telangana Government Site Flaw Exposed Sensitive Data of All Its Employees and Pensioners

Description

In August, a server misconfiguration was found on the Telangana government site that risked exposing over 130,000 official files. Those files included thousands of government employee payslips, income tax details, and pension documents that had information including full names, addresses, bank account numbers along with IFSC codes, phone numbers, and salaries drawn, among other data.

Telangana Government Blogs | IEMLabs

France-based hardware wallet provider Ledger suffered a data breach in July 2020

Description

France-based hardware wallet provider Ledger suffered a data breach back in July this year. Ledger develops security and infrastructure solutions for cryptocurrencies as well as blockchain applications for individuals and companies, by leveraging a distinctive, proprietary technology. The incident took place on July 25th, 2020, when attackers stole the personal data of customers and subscribers.

Ledger Blogs | IEMLabs

Malicious gems steal users' cryptocurrency

Description

Open-source security firm Sonatype reported that new malicious RubyGems packages have been discovered that are being used in a supply chain attack to steal cryptocurrency from unsuspecting users.

RubyGems Blogs | IEMLabs

India approves a secured framework against cyber threats

Description

Recently, India introduced its first and biggest framework to protect itself from cyber attacks, data theft and other virtual vulnerabilities threatening its national security. The Union cabinet has approved the ‘National Security Directive on Telecom Sector’ in view of the alarming magnitude of cyber threats to India, official sources said.

Framework Blogs | IEMLabs

Google Chrome and Edge users at risk from new extensions

Description

Cybersecurity research and provider company Avast has recently discovered about 28 new malicious browser extensions, both in the Google Web Store and in the Microsoft Edge add-ons portal. These extensions are considered highly dangerous by Avast. Once these extensions have been downloaded in the browser, the malware starts stealing sensitive private data from your browser and can also take you to various phishing websites.

MALWARE Blogs | IEMLabs

45 million medical scans from hospitals all over the world left exposed

Description

Nearly two thousand servers containing 45 million images of X-rays and other medical scans were left exposed online within the past twelve months. These scans and medical reports could be freely accessed by anyone, without any security protections. As reported by CybelAngel (a Digital Risk Protection Platform), this sensitive personal information was not only exposed to the public but also accessed by malicious actors.

45-Million | Blogs

Researchers at Kaspersky detected 360,000 malicious files per day in 2020

Description

Over the past 12 months, researchers at Kaspersky (the multinational cybersecurity and anti-virus provider) discovered an average of 360,000 new malicious files every day. That is an increase of 5.2% over the previous year, i.e. 18,000 more malicious files discovered per day.

Kaspersky Blogs | IEMLabs

Adrozek Malware Delivers Fake Ads to 30K Devices

Description

Adrozek is a new ad-injecting browser modifier malware that is capable of extracting device data and stealing credentials. Hence it has become a dangerous threat in recent times. According to researchers, the malware was at its peak in August 2020 when it targeted more than 30,000 devices per day affecting multiple browsers.

Adrozek Blogs | IEMLabs

Google Gives New Perspective to Web Security Threats via XS-Leaks

Description

In a recent article, Google revealed that attackers are taking advantage of a specific class of vulnerabilities derived from side-channels built into the web platform, to extract sensitive information from various web applications. Dubbed cross-site leaks (XS-Leaks), this new class of vulnerability highlights new challenges for the security of web infrastructure.

Google Blogs | IEMLabs

Google server crashed on 14th Dec affecting more than 40,000 people worldwide

Description

Services provided by Google abruptly went down on Monday evening, affecting more than 40,000 people worldwide. The services which went down include Google Search, YouTube, Gmail, etc. The affected apps also included Google Maps, Google Calendar, Google Docs and Google Slides. The latest outage started at approximately 5pm (IST) today.

Google Crash Blogs | IEMLabs

IBM says “Companies involved with Covid vaccine 'cold chain' supply process will be the next target of hackers”

Description

In a recent report, IBM described “a global phishing campaign” focused on organizations associated with the COVID-19 vaccine “cold chain” process. “Cold chain” is the process of keeping the vaccine doses at extremely cold temperatures (minus 70 degrees Celsius or below) while transporting them from manufacturers to people’s arms in order to prevent spoiling.

IBM Blogs | IEMLabs

Cybercriminals target Media Agencies

Description

Media agencies have become one of the major targets for cybercriminals. In recent times, ransomware attacks on media agencies have been very common. The LockBit ransomware gang attacked the Press Trust of India, and due to the attack the agency was prevented from delivering news to its subscribers. The largest independent news agency in Denmark, Ritzau, suffered a ransomware attack that led to the compromise and encryption of more than one-quarter of its 100 network servers.

Media Agencies Blogs | IEMLabs

IT Firms are at a Greater Risk of Cyberattacks

Description

Amid the ongoing pandemic, IT companies are at high risk of cyberattacks. Within the last few weeks, several IT firms have suffered direct cyberattacks which affected both their reputation and business.

IT FIRM Blogs | IEMLabs

Transportation Technology Firm Rand McNally hit by cyberattack

Description

Recently, Rand McNally suffered a cyberattack and is currently working on restoring its network functionality. Rand McNally is a Chicago-based transportation technology firm founded in 1856. It provides leading route mileage optimization and fleet management software to carriers, shipping companies, and third-party logistics providers. The firm also owns a cloud-based telematics platform and distributes the connected vehicle technology, consumer travel, and education products it produces.

McNally Blogs | IEMLabs

Back-to-Work Phishing Campaign Targets Corporate Email Accounts

Description

Towards the end of November, ‘Abnormal Security’ detected one of the phishing campaign’s attack emails. The phishing campaign used back-to-work notifications in order to compromise recipients’ corporate email accounts.

That message posed as an internal notification from the recipient’s company, using spoofing techniques to disguise the sender address; the email did not actually originate from inside the company. In its research, Abnormal Security explained that the email instructed the recipient to open an HTML attachment containing the recipient’s name in its title.

warning Blogs | IEMLabs

Cyberattack on Brazilian Plane Maker Embraer

Description

Recently, the Brazilian airplane maker Embraer disclosed a ransomware attack. According to the Embraer website, it is the third-largest maker of commercial jets, with more than 8000 airplanes manufactured to date. Embraer manufactures commercial, executive, military, and agricultural aircraft.

Brazillian Blogs | IEMLabs

Online Learning Company K12 suffered Ransomware Attack

Description

Recently, online learning solutions provider K12 Inc faced a ransomware attack and had to pay a ransom to cybercriminals who managed to breach its systems and deploy a piece of ransomware.

Initially, the company detected unauthorized activity on its network. The attackers deployed a piece of ransomware and accessed information stored on some corporate back-office systems. This includes student and employee information, but K12 has yet to determine exactly what type of information has been compromised.

K12 Blogs | IEMLabs

Illinois Valley Community College warns students about data breach

Description

Recently, Illinois Valley Community College informed all its current and former students, faculty and applicants about a data breach that took place in April. The college has sent more than 160,000 letters to all the people who may be affected by the data breach.

ILLINOIS Blogs | IEMLabs

Cybercriminals Attack Vulnerable WordPress Sites

Description

WordPress is a free and open-source content management system (CMS) with a plugin architecture and a template system. It has schemes that allow professionals and novices alike to create amazing websites with ease. Because of its great popularity and easily available development features, WordPress is often a target of cybercriminals seeking ways to launch their malicious activities.

Wordpress Blogs | IEMLabs

Specialty networking solutions provider Belden suffers data breach

Description

Recently, specialty networking solutions provider Belden disclosed a data breach resulting in the theft of employee and business information. The company reported that the hackers responsible for the incident got access to some current and former employee data, as well as limited and sensitive information of the company regarding some business partners.

belden Blogs | IEMLabs

Leakage of admin password through Symfony profiler fixed by Last.fm

Description

Over the last week, British music-streaming app Last.fm suffered the leakage of several admin password credentials. The bug has been fixed, but it posed an immense threat to all Last.fm users, who risked having their personal data exposed.

The cause for this leakage, as discovered by security researchers Sebastien Kaul and Bob Diachenko, was a web app running in debug mode in the background.

SYNFONY Blogs | IEMLabs

Researcher earns nearly $4,000 from TikTok after discovering a couple of vulnerabilities

Description

TikTok is a China-made global phenomenon mobile phone app used to create short lip-synced comedy or talent video clips of between 3 and 15 seconds or looped up to 60 seconds. It is highly popular among the youth who use it for self-publicity or showing off.

TikTok Blogs | IEMLabs

WhiteHat Jr admits a bug made their data vulnerable

Description

WhiteHat Jr is an Indian startup and online education platform that offers online coding classes and technical education. It is a highly popular online education platform with numerous users. However, security experts detected a vulnerability in this platform on 19th November. WhiteHat Jr had a bug in its system that left the data of over 2.8 lakh students vulnerable.

White Jr Blogs | IEMLabs

Russian Hacker group, REvil threatens Kenneth Copeland to release 1.2 terabytes of sensitive data

Description

The Russian ransomware group known as REvil has attacked Kenneth Copeland Ministry. Kenneth Copeland Ministry is an organization with a net worth of at least $300 million, owned by the American televangelist Kenneth Copeland, who is known for preaching the prosperity gospel. As part of his evangelism, he calls for donations to his church, with the suggestion that parishioners will get a “hundredfold” return on their investment.

RUSSIAN Blogs | IEMLabs

Manchester United football club suffered a data breach

Description

Of late, the extremely popular football club Manchester United has been hit by a cyber attack. The attack involved a breach of personal data of its fans. Initially, the club was not aware of any breach of personal data associated with its fans, but it later confirmed the security breach. As a result, the club had to shut down its systems to prevent the malware from spreading further.

Manchester Blogs | IEMLabs

Hacker leaks the user data of Peatix app

Description

Peatix is a well-known online event management app, currently ranked among the Alexa Top 3,500 most popular sites on the internet, with millions of users. However, a hacker has leaked the personal data of more than 4.2 million users registered on Peatix. The site’s user data was made available through ads posted via Instagram stories, on Telegram channels, and on several different hacking forums.

PEATX Blogs | IEMLabs

U.S. taxpayers targeted by Mount Locker ransomware

Description

Ransomware attacks have become very common in 2020. The ransomware group named Mount Locker first came into action in July, and it is now preparing to take advantage of the tax season in the U.S. Mount Locker operators have been observed specifically targeting TurboTax returns. TurboTax is software used for the preparation of American income tax returns.

Ransomeware-detected Blogs | IEMLabs

Spotify users targeted by attackers

Description

Spotify is one of the best-known music streaming services, with millions of users. However, its users were targeted by attackers using credential-stuffing approaches, and due to this credential-stuffing operation, subscribers of the Spotify streaming music service may have experienced some disruption.

Attack Blogs | IEMLabs

Pray.com exposed personal data of 10 million users

Description

Pray.com is a popular Christian faith app used for daily prayers and biblical audio content. It has been downloaded by several million users from the Play Store. Recently, Pray.com has exposed personal data of 10 million users dating back to 2016.

Researchers at vpnMentor discovered four misconfigured AWS S3 buckets belonging to the company. Although it had made around 80,000 files private, it failed to replicate these security measures on its CloudFront CDN, which also had access to the files. This means a hacker could have released the personal information of 10 million people, most of whom were not even Pray.com users.

Pray.com Blogs | IEMLabs

More than 80% of the companies restructured their cybersecurity infrastructure

Description

Amid the pandemic situation of 2020, when everyone is getting accustomed to working from home, there has been a rapid increase in the rate of cyber attacks. The ongoing pandemic has increased the usage of the internet to a large extent in India, but at the same time the rate of cyber crime has also increased. Due to the increased rate of cyber attacks, over 80% of companies have changed their approach to cyber security.

Over 40 percent of organizations sped up their cloud migration because of COVID-19. Some already used several cloud services, such as services to track employee productivity, cloud invoicing and accounting solutions, and videoconferencing programs.

Cyber Security Infrastructure Blogs | IEMLabs

American Bank Systems faces Ransomware attack

Description

American Bank Systems (ABS) is a company that provides services to U.S. financial institutions and banks. Recently, the company has been hit by a ransomware attack. On analysis, researchers discovered that a ransomware group named Avaddon was responsible for the attack. They had acquired over 50 GB of the company’s proprietary data but had leaked only 4 GB of it initially. But after ABS refused to cooperate with Avaddon’s ransom demands, the threat actors have published the entire 52.57 GB worth of stolen data.

Ransomware Attack Blogs | IEMLabs

Cybercrime will cost the world $6 trillion annually by 2021

Description

In recent times, cybercrime has become one of the biggest problems facing mankind and one of the greatest threats in today’s world. According to Cybersecurity Ventures, cybercrime cost $3 trillion in 2015. But they predicted that global cybercrime damages will reach $6 trillion annually by 2020. This prediction has been acknowledged by several major media outlets, senior government officials, tech-industry experts, the world’s largest cybersecurity companies, and cyber fighters globally.

Cybercrime Blogs | IEMLabs

TroubleGrabber malware targets Discord users

Description

TroubleGrabber is a recently discovered malware that spreads via Discord attachments and uses Discord webhooks for data exfiltration. Security researchers at Netskope, the American cyber security firm, spotted this new credential stealer, which uses Discord webhooks to transfer stolen data to its operators. Several threat actors use the new info stealer to target gamers on Discord servers and to steal their passwords and other sensitive information. The functionality of this malware is very similar to that of AnarchyGrabber, another info stealer.

TroubleGabber Blogs | IEMLabs

Pluto TV suffers a data breach affecting 3.2 million accounts

Description

Pluto TV is an American internet television service owned by Viacom CBS. It is one of the leading free online TV service providers, offering several ad-supported channels corresponding to real-life networks (NBC, Nick, etc.) and various topics (old movies, gaming, etc.). Recently, Pluto TV suffered a security breach, and the hackers shared 3.2 million account records from 2018 for free. The well-known hacking group ShinyHunters, which has previously released customer data from over 17 companies and broke into Microsoft’s private repository earlier this year, was responsible for the breach.

Pluto TV Blog | IEMLabs

Data breach incident involving covid-19 results

Description

On September 16, 2020, the Department of Health and Social Services (DHSS) discovered that a Division of Public Health temporary staff member mistakenly sent two unencrypted emails, one on August 13, 2020, and one on August 20, 2020, to an unauthorized user.

These unencrypted emails involved COVID-19 test results for approximately 10,000 individuals. The email of August 13, 2020, included test results for individuals tested between July 16, 2020, and August 10, 2020, while the August 20, 2020, email included test results for individuals tested on August 15, 2020.

Health Industry Blogs | IEMLabs

$2 million stolen from cryptocurrency service Akropolis

Description

Akropolis is a DeFi (decentralized finance) lending and savings protocol which allows users to take loans and earn interest on crypto deposits. Recently, this cryptocurrency service faced a “flash loan” attack, and the hacker stole around $2 million worth of cryptocurrency. Of late, flash loan attacks have become very common against cryptocurrency services running DeFi platforms.

Crytocurrency Blogs | IEMLabs

ISPA is warning SA’s 11 million gamers

Description

11 million gamers of South Africa were warned of targeted attacks by the local Internet industry representative body, the Internet Service Providers’ Association (ISPA). The global gaming industry has seen major growth in this lockdown and it was rated the third most popular entertainment genre in the world after books and gambling. But at the same time the gaming industry has become one of the major targets.

ISPA Blogs | IEMLabs

Malware attack disclosed by Milteni Biotec

Description

With the spread of the Covid-19 pandemic, there has also been an increase in the number of ransomware attacks across the world. Many groups have emerged that are constantly attacking and harassing various companies and infrastructure. Most of these attacks have been targeted at the health sector across the world. The main reason for this is that, because of Covid, the healthcare industry is slowly moving all of its functions online. This mode of service makes the data infrastructure more vulnerable to such cyber attacks.

Milteni Blogs | IEMLabs

Ransomware attack is a major threat to manufacturing industry

Description

Ransomware attacks have become a major problem for the manufacturing industry as cyber criminals are highly interested in targeting the industrial control systems (ICS) that manage various operations. On analysing the records researchers have discovered that the number of publicly recorded ransomware attacks against the manufacturing industry has tripled in the last year.

Ransomware Attack Blogs | IEMLabs

New attack method can steal data from Intel CPUs

Description

Researchers disclosed that a new attack method named Platypus targets the RAPL interface of Intel processors. Platypus is an acronym for “Power Leakage Attacks: Targeting Your Protected User Secrets”, while RAPL stands for Running Average Power Limit. RAPL is a component that allows software or firmware applications to monitor power consumption in the CPU and DRAM. Because it effectively lets firmware and software apps read how much electrical power a CPU is pulling in to perform its tasks, it has been used for years to track and debug application and hardware performance.

Intel Blogs | IEMLabs

New Tricks and Tactics of Joker malware

Description

With technology growing at an exponential rate, the threats to such technology by cyber attacks have also increased. But with the increase in the number of cyber attacks, there are people who have come up with new and innovative ways to prevent such attacks from happening and to maintain the security of a system. For this reason, cyber criminals try to come up with even more innovative ways to bypass all these security measures.

Malware Blogs | IEMLabs

Medical Billing Company suffers Data Breach

Description

Timberline is based in Des Moines, the capital city of Iowa, and it provides services to around 190 schools in Iowa. In recent times, Timber Billing Services LLC faced a cyberattack. After gaining access to the company’s network, the attacker encrypted files and removed information.

Medical Blogs | IEMLabs

Successful exploits against Windows 10, iOS, Chrome at Tianfu Cup

Description

Many of today’s leading software programs were hacked using new and advanced techniques at the 2020 edition of the Tianfu Cup, China’s largest and most prestigious hacking competition. The third edition of the Tianfu competition was held in the city of Chengdu, in central China, and ended on 9th November, 2020.

Software Blogs | IEMLabs

Hackers used mysterious bugs to hack iPhones and Android phones

Description

Google’s elite team responsible for bug and malware detection found and disclosed seven mysterious and critical bugs that have been exploited by hackers. These bugs may have a high impact on Windows, Chrome, Android and iOS. Google also said that all these bugs were related to each other in some way or other, indicating that these vulnerabilities were being used by the same hacker or the same gang in order to hack people.

Hacker Blogs | IEMLabs

Healthcare Workers Private Data Leaked from Covid-19 Tracker App

Description

Since November of last year, the entire world has been suffering from a life-threatening pandemic. We have been forced to isolate in our homes and continue our work using online resources. But shifting huge amounts of data to the internet has also increased the chances of cybersecurity attacks. In the past few months, there has been an increasing number of attacks on various networks and public sectors, especially the healthcare sector.

COVID Blogs | IEMLabs

Discovery of Linux Version of RansomEXX by Kaspersky

Description

RansomEXX is a new ransomware that has been famous since June 2020. Cybercriminals have used this ransomware to attack large organizations like Tyler Technologies, the US government contractor, Montreal’s public transportation system, the Texas Department of Transportation (TxDOT), Konica Minolta, and Brazil’s court system (STJ). Security researchers call RansomEXX the “Big Game Hunter” as it targets big organizations and demands large ransoms.

Linux Blogs | IEMLabs

Zoom Misled Users About Secured Meetings

Description

The Federal Trade Commission (FTC) filed a complaint accusing Zoom of deceiving users over security since 2016. It was said that the company held on to cryptographic keys that allowed it to access content from its customers’ meetings, and secured meetings with a lower level of privacy encryption than it promised customers.

ZOOM Blogs | IEMLabs

Vulnerabilities detected in Schneider Electric PLCs

Description

Researchers at Claroty have uncovered new details on authentication and encryption vulnerabilities in Schneider Electric programmable logic controllers (PLCs). If exploited, these vulnerabilities could allow an attacker to exfiltrate data, modify code, and execute commands on operational technology (OT) and critical infrastructure systems.

Schneider Blogs | IEMLabs

Social Media Scammers use Cadbury brand name for data extraction

Description

A fake Facebook Group has been offering a free hamper of Cadbury chocolate to trick social media users into revealing their personal and financial details. As discovered by Think Tank Parliament, the campaign is based on “Cadbury Rewards”. These scammers have been using the Cadbury logo on social media sites to extract users’ personal information.

Cadbury Blogs | IEMLabs

Ryuk ransomware operators had used pentester toolkit for criminal activities

Description

Nowadays, there has been a rapid increase in the rate of ransomware attacks. The Advanced Intel group has detected that Ryuk ransomware operators used a pentester toolkit for targeted cybercrime operations, and that they succeeded in their criminal activities.

Ryuk Blogs | IEMLabs

WordPress plugin makes it easier for cybercriminals to attack

Description

Welcart e-Commerce is a free WordPress plugin that has more than 20,000 installations. According to WordPress, Welcart e-Commerce enjoys top market share in Japan. It allows site owners to add online shopping to their sites in a turn-key fashion, with options to sell physical merch, digital goods and subscriptions, with 16 different payment options.

Wordpress Blogs | IEMLabs

Israeli companies targeted by Pay2Key Ransomware

Description

In recent times, several well-known organizations and large corporations in Israel have been breached and had their systems encrypted by a previously unknown ransomware called Pay2Key. The attacks were first carried out towards the end of October. A report published by the Israeli cyber security firm Check Point states that most of the attacks have been carried out at midnight, when fewer employees are working at the IT companies.

Pay2Key Blogs | IEMLabs

Linux servers and Linux IoT devices targeted by Gitpaste-12 worm

Description

Researchers have discovered a new worm named Gitpaste-12 that has targeted Linux servers and Linux IoT devices based on ARM and MIPS CPUs. The malware is called Gitpaste-12 because it uses GitHub and Pastebin to host its component code and has 12 different attack modules.

Gitpaste Blogs | IEMLabs

Customer data leaked by Hotel reservation platform

Description

Hotel reservation platforms released personal data of customers from famous online booking sites. Prestige Software, a software company based in Barcelona, Spain, was caught releasing sensitive and private information of millions of customers around the world.

Customer Blogs | IEMLabs

Data of over 47.5 million Truecaller customers released on dark web

Description

Truecaller is a smartphone application that offers caller identification, call blocking, flash messaging, call recording, and chat and voice over the internet. The app was developed by a private company called True Software Scandinavia AB in Stockholm, Sweden. Of late, the personal information of 47.5 million Indian customers was released by an anonymous individual on the dark web for $1000.

Truecaller Blogs | IEMLabs

Researchers uncover a new type of APT group

Description

In the past decade, the world has witnessed exponential growth in technology. But such development comes with its own pros and cons. With the growth of technology, there has also been an increase in cybercrime and cyber attacks. Black hat hackers are either producing sophisticated technologies for attacking vulnerable systems or using sophisticated technologies created by others to hack into vulnerable systems.

Password Blogs | IEMLabs

Virtual machines under threat from RegretLocker ransomware

Description

With the rise of the Covid-19 pandemic, there has also been a rise in cybercrime around the world. There have been various reports of attacks by black-hat hackers, especially reports of ransomware attacks from various public and private sectors of the world.

Regret Ransomware Blogs | IEMLabs

Several JavaScript Vulnerabilities in Adobe Acrobat Reader

Description

Adobe Acrobat Reader is one of the well-known PDF readers in the market. It has a huge user base and is used as the default PDF reader on systems. However, in recent times several JavaScript vulnerabilities have been detected in Adobe Acrobat Reader. These vulnerabilities were discovered by Aleksander Nikolic of Cisco Talos and can be easily triggered by sending email attachments or visiting unknown websites.

ADOBE Blogs | IEMlabs

Leakage of Stolen data may not be prevented by paying Ransom

Description

In one of its recently published reports, Coveware, a ransomware IR provider, stated that of late there has been an increase of 31% in paying ransom to cybercriminals. In the 3rd quarter (Q3) of 2020, overall ransom amounting to $233,817 was paid to the cybercriminals by the targeted organizations. The report also said that cases where the attackers have exfiltrated data and demanded additional payment for deleting all the leaked data have doubled in this quarter.

COVEWARE Blogs | IEMLabs

419 new cyber threats per minute in 2nd Quarter of 2020

Description

A recent report released by McAfee, mainly based on cybercrime activities, states that 419 cyber threats were taking place per minute in the second quarter (Q2) of 2020. Amid the pandemic, as people get accustomed to working from home, there has been rapid growth in the rate of cyber attacks. Raj Samani, the chief scientist at McAfee, said that it has been quite easy for cybercriminals to attack famous enterprises through their employees who have been working online either from home or from other remote places.

McAfee Blogs | IEMLabs

New Partnership of Microsoft with NCSC for Cyber Accelerator Program

Description

Microsoft is one of the biggest tech companies in the world and is best known for its software products. The Cyber Accelerator program of Microsoft aims to support the expansion of newly emerged cyber-oriented companies and the growth of entrepreneurs and their start-ups in the field of cyber security. The main objective of Microsoft is to make the UK a safe place to carry out all work online by helping these start-ups bring advanced, cheaper and faster products to this field.

Microsoft Blogs | IEMLabs

Inverted images to evade detection

Description

Phishing is not a new term in the world of cybersecurity and cybercrime. During the Covid-19 pandemic, there have been several reports of phishing scams around the world. But recently, there have been reports of a phishing campaign to steal login credentials from Office 365 users. Office 365 is a Microsoft product that brings all the Microsoft Office tools together online.

Office 365 Blogs | IEMLabs

Mysterious APT sends Curious ‘KilllSomeOne’ message

Description

Recently, a new advanced mysterious APT has threatened the non-governmental sectors in Myanmar (formerly known as Burma) in Southeast Asia. The threatening messages sent by the attackers include messages like “kill someone”. Researchers are working hard to gather information about these attackers responsible for sending such script-kiddie messages.

5.22 GB of Mashable database was leaked by ShinyHunters

Description

Mashable is an American entertainment company and a multi-subject digital media platform that contains blogs on all topics, including technology, culture, science, social good, etc. But recently a 5.22 GB database that belongs to mashable.com was leaked by a hacker using the online handle ShinyHunters. This leaked database is available on various hacker forums.

Capcom, the Japanese video game company faced a Cyber attack

Description

Of late, the Japanese video game publisher and developer Capcom faced a cyber attack which affected their business. Capcom is a reputed video game company that has developed several games including Mega Man, Street Fighter, Darkstalkers, Resident Evil, Onimusha, Dead Rising, Dino Crisis, Sengoku Basara, Monster Hunter, Ace Attorney and Breath of Fire. The firm is also famous for developing Disney animated games.

Capcom Blogs | IEMLabs

Increased rate of Ransomware attack in health sectors amid the pandemic

Description

Amid this pandemic situation, there has been a growth in the rate of Ransomware attacks in health sectors. Within a few months of this year, more than eighty ransomware attacks have been reported. These attacks have impacted both small and large health facilities.

Recently, a 434-bed hospital named Presbyterian Medical Center of Hollywood faced a ransomware attack. Giles, the chief information officer of the hospital, said that due to the attack his staff had to pay the hackers $17,000 converted to cryptocurrency.

Ransomware Attack Blogs | IEMLabs

Leading Cyber Security Company Hit with 23 Suits After Ransomware Attack

Description

Blackbaud is a leading cybersecurity company operating in various countries around the world, notably Canada, USA, Australia, United Kingdom, etc. With the spread of the Covid-19 pandemic, reports of ransomware attacks on various sectors have also been on the increase. There have been reports of ransomware attacks in the public health sector, among others. Even companies that provide cybersecurity services are not spared by such attackers.

Blackbaud Blogs | IEMLabs

Microsoft Store Games could be Modified for Extra Privileges on Windows

Description

In the recent past, Microsoft announced that it had begun allowing mods on certain games available on its store. A mod simply means that a user can modify certain files or parts of the game to customize its look and feel. A researcher at IOActive, a cybersecurity service provider, felt that this might lead to the exploitation of vulnerabilities, if any, on the Microsoft Store, which could affect millions of Windows users.

Microsoft Blogs | IEMlabs
