14 Nov, 2024

Iranian hackers now exploit Windows flaw to elevate privileges

The Iranian state-sponsored hacking group APT34, aka OilRig, has recently escalated its activities with new campaigns targeting government and critical infrastructure entities in the United Arab Emirates and the Gulf region. In these attacks, spotted by Trend Micro researchers, OilRig deployed a novel backdoor, targeting Microsoft Exchange servers to steal credentials, and also exploited the Windows […]

3 mins read

OpenAI confirms threat actors use ChatGPT to write malware

OpenAI has disrupted over 20 malicious cyber operations abusing its AI-powered chatbot, ChatGPT, for debugging and developing malware, spreading misinformation, evading detection, and conducting spear-phishing attacks. The report, which focuses on operations since the beginning of the year, constitutes the first official confirmation that generative mainstream AI tools are used to enhance offensive cyber operations. […]

6 mins read

European govt air-gapped systems breached using custom malware

An APT hacking group known as GoldenJackal has successfully breached air-gapped government systems in Europe using two custom toolsets to steal sensitive data, like emails, encryption keys, images, archives, and documents. According to an ESET report, this happened at least two times, one against the embassy of a South Asian country in Belarus in September 2019 […]

3 mins read

Recent Dr.Web cyberattack claimed by pro-Ukrainian hacktivists

A group of pro-Ukrainian hacktivists has claimed responsibility for the September breach of Russian security company Doctor Web (Dr.Web). Dr.Web confirmed last month that its network was breached on September 14, which forced it to disconnect all internal servers and stop pushing virus database updates to customers while investigating the incident. In a Tuesday Telegram post, DumpForums […]

3 mins read

Internet Archive hacked, data breach impacts 31 million users

Internet Archive’s “The Wayback Machine” has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records. News of the breach began circulating Wednesday afternoon after visitors to archive.org began seeing a JavaScript alert created by the hacker, stating that the Internet Archive was breached. […]

3 mins read

AT&T, Verizon reportedly hacked to target US govt wiretapping platform

Multiple U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, have been breached by a Chinese hacking group tracked as Salt Typhoon, the Wall Street Journal reports. The purpose of the attack appears to be for intelligence collection as the hackers might have had access to systems used by the U.S. federal government for court-authorized […]

4 mins read

Dutch Police: ‘State actor’ likely behind recent data breach

The national Dutch police (Politie) says that a state actor was likely behind the data breach it detected last week. The attack compromised police office contact details, names, email addresses, phone numbers, and in some cases, private details. According to the original report, the attacker had hacked a police account and stole work-related contact details of […]

2 mins read

Over 4,000 Adobe Commerce, Magento shops hacked in CosmicSting attacks

Adobe Commerce and Magento online stores are being targeted in “CosmicSting” attacks at an alarming rate, with threat actors hacking approximately 5% of all stores. The CosmicSting vulnerability (CVE-2024-34102) is a critical severity information disclosure flaw; when chained with CVE-2024-2961, a security issue in glibc’s iconv function, an attacker can achieve remote code execution on the […]

4 mins read

Media giant AFP hit by cyberattack impacting news delivery services

Global news agency AFP (Agence France-Presse) is warning that it suffered a cyberattack on Friday, which impacted IT systems and content delivery services for its partners. The news organization says the attack does not impact news coverage worldwide but has impacted some client services. AFP’s IT staff is working with France’s cybersecurity agency (ANSSI) to […]

3 mins read

New RomCom malware variant ‘SnipBot’ spotted in data theft attacks

A new variant of the RomCom malware called SnipBot, has been used in attacks that pivot on the network to steal data from compromised systems. Palo Alto Network’s Unit 42 researchers discovered the new version of the malware after analyzing a DLL module used in SnipBot attacks. The latest SnipBot campaigns appear to target a variety of […]

4 mins read