Search Results for: hackers
Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited
Today is Microsoft’s August 2024 Patch Tuesday, which includes security updates for 89 flaws, including six actively exploited and three publicly disclosed zero-days. Microsoft is still working on an update for a tenth publicly disclosed zero-day. This Patch Tuesday fixed eight critical vulnerabilities, which were a mixture of elevation of privileges, remote code execution, and […]
Critical SAP flaw allows remote attackers to bypass authentication
SAP has released its security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass that could allow remote attackers to fully compromise the system. The flaw, tracked as CVE-2024-41730 and rated 9.8 as per the CVSS v3.1 system, is a “missing authentication check” bug impacting SAP BusinessObjects Business Intelligence Platform versions 430 and […]
Chinese hacking groups target Russian government, IT firms
A series of targeted cyberattacks that started at the end of July 2024, targeting dozens of systems used in Russian government organizations and IT companies, are linked to Chinese hackers of the APT31 and APT 27 groups. Kaspersky, who discovered the activity, dubbed the campaign “EastWind,” reporting that it employs an updated version of the CloudSorcerer backdoor spotted […]
Good Security Tips For Protecting Your Laptop from Theft
Protecting your laptop from theft is important. Strong passwords, encrypted data, and never leaving your laptop unattended in public are key. Use physical security measures, software protection, and stay vigilant to reduce the risk of theft. Prevention is key, so take simple steps like using a laptop lock in public, installing tracking software, and backing […]
US dismantles laptop farm used by undercover North Korean IT workers
The U.S. Justice Department arrested a Nashville man charged with helping North Korean IT workers obtain remote work at companies across the United States and operating a laptop farm they used to pose as U.S.-based individuals. Matthew Isaac Knoot, 38, helped North Koreans use a stolen identity to pose as Andrew M., a U.S. citizen, […]
US offers $10M for tips on DPRK hacker linked to Maui ransomware attacks
The U.S. State Department is offering a reward of up to $10 million for information that could help capture a North Korean military hacker identified as Rim Jong Hyok. Part of the Andariel North Korean hacking group, Hyok and other Andariel operatives were linked to Maui ransomware attacks targeting critical infrastructure and healthcare organizations across the […]
Crypto exchange Gemini discloses third-party data breach
Cryptocurrency exchange Gemini is warning it suffered a data breach incident caused by a cyberattack at its Automated Clearing House (ACH) service provider, whose name was not disclosed. The American crypto exchange began sending notices to impacted individuals a month ago, on June 26, 2024 but submitted a sample of the letters yesterday to the Attorney General’s […]
Mekotio Trojan Targets Latin American Banking Credentials
A new analysis has shed light on the threat posed by the Mekotio banking trojan, a sophisticated piece of malware primarily targeting Latin American countries since at least 2015. Designed to steal sensitive information, particularly banking credentials, Mekotio has been especially active in Brazil, Chile, Mexico, Spain and Peru. This malware shares its origins with other […]
The biggest password leak ever: nearly 10 billion credentials exposed
Cybersecurity researchers are calling it the largest password compilation leak of all time. On July 4, a newly registered user on a popular hacking forum posted a file containing nearly 10 billion compromised passwords in plaintext. The post was first noticed by researchers at Cybernews. “Xmas came early this year,” user “ObamaCare” wrote on the […]
Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group
A newly patched zero-day vulnerability was exploited by Chinese state-backed hackers to compromise Cisco Nexus switches, researchers have revealed. Cisco released a patch for CVE-2024-20399 on 2 July, 2024. The flaw is found in the CLI of Cisco NX-OS software and could allow an authenticated local attacker to execute arbitrary commands as root on a […]