Cyber Security News

The popular content writing and sharing platform Medium had a serious security flaw. The vulnerability basically existed in the Medium Vulnerability In Medium Partner Program Could Allow Siphoning Writers’ Earnings on Latest Hacking News . from Latest Hacking News https://ift.tt/3kYjDXa

The French logistics and maritime transport giant has recently fallen prey to a cyber attack. The CMA CGM Group faced French Logistics Giant CMA CGM Group Went Offline Following Malware Attack on Latest Hacking News . from Latest Hacking News https://ift.tt/36kgv3S

Another ransomware attack surfaces online. The victim belongs to the health sector, thus affecting the patients. Reportedly, several hospitals in UHS Hospital Network Suffered Ransomware Attack on Latest Hacking News . from Latest Hacking News https://ift.tt/33lb6Yx

While VPNs are supposed to protect users, the same tools can pose a threat to user security if found vulnerable. Fortinet VPN Flaw Exposes 200K Businesses To MiTM Attacks on Latest Hacking News . from Latest Hacking News https://ift.tt/36xhm1l

Google Play Store is a platform where threat actors keep reappearing due to its popularity and widespread use. No matter Google Removed 17 Android Apps With Joker Malware From Play Store on Latest Hacking News . from Latest Hacking News https://ift.tt/3cI9zid

Another crypto exchange has suffered a loss of millions of dollars following a cyber attack. As reported, the latest victim KuCoin Cryptocurrency Exchange Hacked Losing $150M Worth Of Crypto on Latest Hacking News . from Latest Hacking News https://ift.tt/36izr2K

The popular content pasting platform (specifically used for pasting codes) Pastebin has recently announced two new security features. These are Pastebin Introduce New Security Features: “Burn After Read” And Password Protected Pastes on Latest Hacking News . from Latest Hacking News https://ift.tt/3igGM5w

Airbnb users faced a peculiar issue recently when they started seeing unrelated inboxes. It turns out that Airbnb inadvertently exposed Airbnb Exposed Private Inboxes To Unrelated Accounts Due To Technical Glitch on Latest Hacking News . from Latest Hacking News https://ift.tt/2Sj7G1L

Cisco has rolled-out its biannual update bundle for its networking operating systems IOS (Internetwork Operating System) and IOS XE. The Cisco Addressed Numerous Bugs In IOS and IOS XE With September Update Bundle on Latest Hacking News . from Latest Hacking News https://ift.tt/34djBUE

The Cybersecurity and Infrastructure Security Agency (CISA) have disclosed a cyber attack on a federal agency. According to CISA, a CISA Disclosed Malware Attack On A Federal Agency Network on Latest Hacking News . from Latest Hacking News https://ift.tt/30mjq8j

India copyright office grants a series of rights to the developer of a computer program that protects his original creation legally. Under the Copyright Act, computer programming codes can be registered as ‘literary works’. As the program is safeguarded by copyrights, each subsequent modification or addition to the code containing sufficient originality will also be protected under the law. Generally, a computer program is preserved not by just one copyright but by a set of copyrights beginning from the first source code written till the last addition by the creator. Although, source code and object code differ from each other, the copyright office views both of the code forms as equal for registration purposes – maintaining the notion that the source code and object code are just two distinct forms of the same copyrighted program. Copyright ownership refers to a collection of rights that gives the creator an exclusive right to use the original creation like a song, literary wo...

  Roskomnadzor (the Federal Service for Supervision of Communications, Information Technology and Mass Media) has notified one of the largest cryptocurrency exchanges  Binance about entering it into the register of prohibited sites. So far, the site in Russia is not blocked and continues to work. "On September 24, 2020, we received a notification from Roskomnadzor of the Russian Federation about the introduction of the site binance.com to the domain name registry containing information prohibited for distribution in Russia. According to the letter, this is information about the possibility of purchasing an electronic cryptocurrency (Bitcoin),” reported the press service of the crypto exchange. As noted in Binance, the company has not previously received notifications from law enforcement and civil government services, as well as from the judicial authorities about the existence of any lawsuits or court decisions. "We also continue to provide services to Russian users...

Bharti Airtel Ltd recently dispatched a 'suite of cybersecurity solutions' for large, medium and small businesses as they move on to digital and cloud platforms, expanding the need to protect information from online attacks. Airtel Secure, the suite, will have a security intelligence centre, a best in class infrastructure with admittance to cutting edge innovation and artificial intelligence tools.  The telco has put about ₹100 crore in Airtel security intelligence centre situated in the National Capital region (NCR), the chief executive Gopal Vittal said in a press conference. “… Cybersecurity is a critical requirement. Airtel Secure has been built to serve this need. It combines Airtel’s robust network security with cutting-edge solutions delivered through global partnerships to deliver end-to-end managed security services," he added further.  The telco has also collaborated with global firms Cisco, Radware, VMWare, and Forcepoint who will together give digital...

  Universal Health Services (UHS) is shut down after a ransomware attack by hackers. Fortune 5oo organization, UHS runs a network of more than 500 hospitals in the nation. Ryuk ransomware is said to be responsible for this attack. The attack took place earlier this week when the employees on Reddit and other platforms reported the issue. According to these discussions on Reddit, it was clear from the comments that many UHS locations took a hit and needed a manual process to re-start. One user said they had a lot of paperwork as the computers were shut down. Another user said they had to send their patients away, but the lab operations were working fine. However, they didn't have any computer-based access to anything. Another user said that their UHS was shut down. The employees had to handwrite everything and were not allowed to use their computers.  UHS, in its official statement, said, "The I.T. Network across Universal Health Services (UHS) facilities is currently offl...

Criminal hackers infiltrated the Google Play Store and Apple App Store with malicious apps. However, this time, the apps running More Apps Running HiddenAds Campaign Found On App Store And Play Store on Latest Hacking News . from Latest Hacking News https://ift.tt/33glUHm

Continuing the trail of ransomware attack victims, now joins Tyler Technologies – a government software provider. While the service has Government Software Provider Tyler Technologies Suffered Ransomware Attack on Latest Hacking News . from Latest Hacking News https://ift.tt/36dpmUV

  For most of our accounts be it Bank accounts or social media accounts, we rely on two-factor authentication and OTP (one time password); thinking it the most trustable and impenetrable security. But we ought to think again as a new android malware, "Alien" with its remote access threat tool can steal 2FA codes and OTP as well as sniff notifications. Discovered by ThreatFabric, the Trojan Alien has been offered as a Malware-as-a-Service (MaaS) making rounds on underground hacking forums. Though this is not the first malware to access OTPs, Ceberus (malware gang with a similar code) has already been there and done that but Google's security found a way to detect and clean devises of Cerebus. Inspired and evolved from the same code, Alien has yet to be caught by a security server. With the remote access feature, Alien can not only seize passwords and login credentials but also grant hackers access to the device to use the stolen passwords. Alien can also perform the...

Instagram has again made it to the news due to a serious security flaw. Reportedly, a critical RCE flaw existed Critical Instagram App RCE Flaw Could Threaten Android And iOS Devices on Latest Hacking News . from Latest Hacking News https://ift.tt/3kP3p2y

A teenage researcher was awarded $25,000 as bounty for discovering a flaw affecting Instagram. Specifically, he found a stored XSS Teenager Awarded $25K Bounty For Finding Stored XSS In Instagram Spark AR on Latest Hacking News . from Latest Hacking News https://ift.tt/33dqyWm

Spying malware "FinSpy" has come back again in Egypt. This time in new campaigns is attacking activists and protestor organizations. Cyber experts have found evidence that the malware is attacking Linus and macOS users. In earlier campaigns, the spyware used to attack Android, Windows, and iOS users. But now, according to researchers, these campaigns are using malware that attacks Linux and macOS systems. FinSpy is a spying malware used for monitoring and surveillance purposes. According to the findings by Amnesty International, the new malware variants can record target's calls, control audio and video, monitor chats, and steal personal data. Law enforcement agencies and government has been using this software since 2011. But in recent findings, the experts identified new variants of the spyware operating since October 2019. The sample "PDF" targets Linux, and the sample "Jabuka.app" targets macOS users; both the samples are FinSpy variants. Researche...

  In a rather coordinated attempt in order to steal strategic data and critical infrastructure by sending phishing mails a campaign was launched by a Pakistan-backed hacker, Transparent Tribe.  The campaign, dubbed as 'Operation Sidecopy' utilizes a remote access malware that can heighten its privilege in undermined systems, and thus, easily steal data by infiltrating a computer.  Cyber Security researchers at Seqrite, the cyber security solutions arm of Quick Heal, believe that the main tools utilized in Operation Sidecopy shows the association of Transparent Tribe which Seqrite believes is being backed by China to accumulate insight against India.  One of the main characteristics that Seqrite believes can be associated with Pakistan's Transparent Tribe is the remote server facilitating that the 'collective uses'.  As per researchers Kalpesh Mantri, Pawan Chaudhari and Goutam Tripathy at Seqrite, Operation Sidecopy utilizes Contabo GmbH to 'host' t...

Data is perhaps the most significant resource a business can possess today, and data analytics is one of the most How Businesses Can Maximize The Value Of Data Analytics on Latest Hacking News . from Latest Hacking News https://ift.tt/2FYnhBG

Keeping your data safe online is more important than ever. New threats arise every day, and no matter where you Data Security Trends for 2020 on Latest Hacking News . from Latest Hacking News https://ift.tt/2Gis1l4

Summary: LinkedIn is an effective social media site for generating sales and growing your business. The website platform offers many How To Get More Sales Leads on LinkedIn for Your Business on Latest Hacking News . from Latest Hacking News https://ift.tt/3380z2E

Snapchat is one of the most popular social media platforms in the world right now. The app started as a How Can Parents Monitor Snapchat Conversations? on Latest Hacking News . from Latest Hacking News https://ift.tt/2FXXklH

Introduction The Internet is awash with articles detailing the pros and cons of facial recognition technology. These arguments are taken form ethical, political, Why Accuracy and Facial Recognition go Hand in Hand? on Latest Hacking News . from Latest Hacking News https://ift.tt/2EGA0rZ

Being cybersecurity ready offers many advantages, but your organization can always target hackers unless you do not know critical details. According to a Junior Research report in 2019, the expense of cybersecurity breaches in 2024 will reach to $5 Trillion every year from $3 Trillion currently. The data is helpful, especially for large organizations that depend on third-party cybersecurity services for their day to day operations. Data by Opus and Ponemon Institute shows that 60% of organization attacks happen due to the third-party actors. Data breaches can destroy the brand image of any organization and also result in a financial crisis. To limit data breaches, the organization should have a reliable third-party vendor that it can trust. Here's why any organization should research while preferring a new provider and why third-party threats are pressing.  Fewer vendors mean fewer threats. Currently, companies depend on many vendors to perform their day to day operations. ...

In the previous year, Cerberus malware emerged as a powerful Android trojan. It even revamped its functionalities to become more Cerberus Out, Alien Malware In! New Android Banking Trojan Has Arrived on Latest Hacking News . from Latest Hacking News https://ift.tt/3ihqSYE

Twitter has recently confessed another security glitch in its systems. Specifically, Twitter now warns of a potential API key leak Twitter Warns Developers Of A Potential API Key Leak Due To Glitch on Latest Hacking News . from Latest Hacking News https://ift.tt/3mVQr4R

The popular Chinese social media app TikTok has once again made it to the news. But this time, it’s not TikTok Glitch Allows Multi-Factor Authentication Bypass – No Patch Available Yet on Latest Hacking News . from Latest Hacking News https://ift.tt/3jdxCI0

The official website of the Ministry of Internal Affairs of Belarus, which has not worked for 19 days, is again available for Internet users, reported the press service of the Ministry of Internal Affairs. Interruptions on the department's website began on September 3. At the same time, screenshots of the website of the Ministry of Internal Affairs appeared in various Telegram channels,  which show that the data of the President of Belarus Alexander Lukashenko and the Minister of Internal Affairs Yuri Karaev were posted in the wanted notice. The press secretary of the Ministry of Internal Affairs of Belarus Olga Chemodanova announced the next day that the site was not working for technical reasons, and did not exclude a hacker attack. It was noted that an attempt was made to introduce malicious programs that block or modify the operation of the information resources of the Ministry of Internal Affairs. "The official website of the Department, which was suspended for tech...

Social networking giant Facebook says it terminated three fake account networks that could have been working for Russian intelligence. The intelligence, according to FB, might be leaking suspicious documents before the U.S presidential elections. According to FB, the suspended accounts contained fake users and identities and were suspended for 'coordinated inauthentic behavior.' The company associated all these accounts to Russian intelligence and hackers linked to St. Petersburg organization based in Russia. The U.S officials accuse the group of meddling with the 2016 U.S presidential elections and votes. As per now, the Russian authorities haven't responded to these allegations. Neither did the Russian foreign aid ministry when asked for the comment regarding the issue. Since the beginning of its rivalry with the U.S, it is common knowledge that Russia has always denied allegations of interference in the U.S. According to Russia, the country doesn't meddle with th...

The source code for Windows XP SP1 was leaked online today as a torrent. The person behind the leak claims he spent two months collecting the 43GB source code and leaked it today on the 4chan forum as a torrent. The leaked file contains not only Windows XPs code but also Windows Server 2003 and other older versions.    Files in the torrent include:  MS-DOS 3.30  MS-DOS 6.0  Windows 2000  Windows CE 3  Windows CE 4  Windows CE 5  Windows Embedded 7  Windows Embedded CE  Windows NT 3.5  Windows NT 4 The torrent file also contains some videos regarding conspiracy theories about Bill Gates. There's also a smaller zip version of the file containing just the source code is being distributed over the Internet.  Microsoft has yet to say anything on the matter publicly but Bleepingcomputer.com asked the tech giant and they said they "are investigating the matter". Apparently, this is not the first time a s...

LokiBot, a trojan-type malware first identified in 2015 is popular amid cybercriminals as a means of creating a backdoor into compromised Windows systems to allow the attacker to install additional payloads. It is an information stealer that uses a stealthy trick to evade detection from security software and steal personal data of victims including their usernames, passwords, bank details, and contents of cryptocurrency wallets – using a keyblogger that would monitor browser and desktop activities. Recently, the U.S. government's cybersecurity and Infrastructure Security Agency (CISA) observed a significant increase in malicious infections via LokiBot malware starting from July 2020. During this period, CISA's EINSTEIN Detection System, responsible for protecting federal, civilian executive branch networks, noticed continuous malicious activity by LokiBot. Credited for being simple yet effective, the malware is often sent out as an infected attachment via email, malicio...

Reportedly, an Indian COVID-19 surveillance app exposed data of millions of people online. Indian COVID-19 Surveillance App Data Exposed Researchers Indian COVID-19 Surveillance App Left Data Of Millions Of People Exposed Online on Latest Hacking News . from Latest Hacking News https://ift.tt/369WVHt

 The Ministry of Digital Development of Russia wants to ban the use of experimental encryption protocols DNS over TLS, DNS over HTTPS and ESNI in Russia, which can be used to bypass access blocks to prohibited sites. Experts warn that to implement such a ban, it will be necessary to block the servers of Google, Cloudflare and Cisco. On September 21, the Ministry submitted for public discussion a bill that prohibits the use of encryption protocols in the Russian Federation, which allow to hide the name of an Internet page or site. In particular, the Ministry believes that this will help to increase the effectiveness of blocking sites that are prohibited in the territory of the Russian Federation. According to the head of the Ministry of Digital Development Mister Shadaev, all the advantages of the new DNS request encryption protocols for users are obvious, "but we must understand that their wide distribution will also allow us to bypass all existing filtering and blocking syste...

Google Chrome has just announced a serious change that may not be good news for many developers. In a surprise Google Sunsets Chrome Web Store Payments System Affecting Paid Chrome Extensions on Latest Hacking News . from Latest Hacking News https://ift.tt/33Z08a0

In the wake of ever-increasing cybersecurity threats to the financial sector, an Australian bank has announced a much-needed step. Specifically, National Australia Bank (NAB) Launches Bug Bounty Program on Latest Hacking News . from Latest Hacking News https://ift.tt/2FTe6SZ

While Q2 of this year saw an overall 8% decrease in malware attacks, 70% of them were zero-day attack (attacks occurring after the discovery of a vulnerability and before the release of a patch) - a 12% increase from the previous quarter. After the zero-day attacks, HTTP based attacks marked up to be 34%, and consequently organizations that do not inspect incoming traffic will be blind to one-third of attacks.   But, there is some good news- encryption attacks reduced to 64% from Q1. Though it comes with a catch, while encryption threats decreased HTTP attacks made a massive jump even after many organizations equip HTTP inspection in their security intel.  “Businesses aren’t the only ones that have adjusted operations due to the global COVID-19 pandemic – cybercriminals have too,” said Corey Nachreiner, CTO of WatchGuard, on the report.  “The rise in sophisticated attacks, despite the fact that overall malware detection declined in Q2 2020, likely due to the s...

The e-commerce giant Shopify has now fallen prey to an insider issue. Specifically, Shopify has disclosed a security breach caused Shopify Disclose Security Breach By Two Of Its Employees on Latest Hacking News . from Latest Hacking News https://ift.tt/2EAvEm8

While data leak incidents via exposed servers aren’t uncommon, this time, the ignorant firm is a tech giant. Reportedly, Microsoft Microsoft Leaked Bing Data Online Through An Unsecured Server on Latest Hacking News . from Latest Hacking News https://ift.tt/330JNCt

According to cybersecurity firm Akamai's recent report titled "State of the Internet/Security," the gaming sector has suffered a big hit in the previous two years. Experts have reported around 10 Billion cyberattacks on the gaming industry between June 2018 and June 2020. Akamai recorded 100 Billion credential stuffing attacks during this period, out of which 10 Billion amount to attacks on the gaming sector. Besides credential stuffing, Akamai also recorded web application attacks. Hackers targeted around 150 Million web application attacks on the gaming sector. "This report was planned and mostly written during the COVID-19 lockdown, and if there is one thing that's kept our team san; it is constant social interaction and the knowledge that we're not alone in our anxieties and concerns," says the report. Web application attacks mostly deployed SQL injections and LFI ( Local File Inclusion ) attacks as per the latest published report. It is beca...

Global police agencies have confiscated over $6.5m both in cash and virtual currencies, 64 firearms, and 1,100 pounds of drugs - arresting 179 vendors across 6 countries including the U.S and Europe in one of the biggest raid on dark web marketplaces. The international sting operation saw considerable co-operation from Law enforcement agencies all over the world including the US, UK, Germany, Europe, Canada, Europe, Sweden, Austria, and the Netherlands. The 500kg of drugs recovered by investigators during the operation included fentanyl, methamphetamine, oxycodone, ecstasy, cocaine, hydrocodone, MDMA, and several other medicines containing addictive substances, as per the findings. The authorities dubbed the global sting operation as 'DisrupTor' and while announcing it, they claimed in a press release that the "golden age of the dark web marketplace is over." The roots of the operation go back to May 3, 2019; the day German authorities seized the dark web drug...

Mozilla Firefox browser’s latest version is out. With Firefox 81, Mozilla has released numerous bug fixes including patches for code-execution Firefox 81 Rolls Out With High-Severity Bug Fixes on Latest Hacking News . from Latest Hacking News https://ift.tt/32ZWsWe

Group-IB recorded a successful attack by the criminal group OldGremlin on a Russian medical company. The attackers completely encrypted its corporate network and demanded a ransom of $50,000. Russian-speaking hackers from the OldGremlin group attacked several Russian companies, despite the ban: among cybercriminals, there is an unspoken rule "do not work on RU". According to experts, since the spring of 2020, hackers from OldGremlin have conducted at least nine attacks on Russian companies. It is noted that they send malicious emails allegedly on behalf of the Russian media holding RBC, the Russian metallurgical holding, the Minsk Tractor Plant, the Union of microfinance organizations and other individuals and enterprises. Under various pretexts, attackers are asked to click on the link and download the file. After trying to open it on the victim's computer, the backdoor malware TinyPosh runs. This time a large Russian medical company became the victim of the criminal...

Ukrainian IT company SoftServe has issued an official statement about the recent hacker attack, in which it gave details of the incident and said that its investigation is still ongoing. As a reminder, in early September SoftServe underwent a hacker attack during which client data, including the source code of a number of developments, were stolen. Later, another confidential data appeared on the network, including scanned copies of internal and foreign passports of company employees. "As we reported earlier, SoftServe experienced a cybersecurity incident on Tuesday, September 1. It was a complex, multi-step and targeted attack against our company. As a result of the attack, the company's mail server was damaged, a number of corporate services were disabled, and the internal file server was compromised,” noted SoftServe. The attackers managed to download fragments of various information, and in order to put pressure on the company, they made them publicly available.  SoftS...

Another day, another breach. This time, it’s the gamers’ community that may suffer. According to reports, Activision has faced a Activision Data Breach Leaves 500,000 Call Of Duty Players’ Accounts At Risk on Latest Hacking News . from Latest Hacking News https://ift.tt/3mLOEPJ

A new phishing campaign has emerged. As observed, this phishing campaign makes use of hexadecimal IP addresses instead of the New Phishing Campaign Evades Security Checks With Hexadecimal IP Addresses on Latest Hacking News . from Latest Hacking News https://ift.tt/3cnxDGV

There are several ways to create a data flow needed for MMORPG but usually, it requires a server and a How MMORPGs Work on Latest Hacking News . from Latest Hacking News https://ift.tt/2RT88nq

  With hopes to upgrade the U.S. government's approach to deal with its maritime cybersecurity strategy in the coming months, the Trump administration is presently attempting to improve and further secure down the United States' ability to 'project power at sea' and guard against adversarial cyberattacks.  Their plan incorporates re-evaluating the national approach to deal with data sharing and better emphasizing the utilization of operational technologies in ports, as per one senior administration official.  When two officials were approached to comment they declined on revealing any particular data about the administration's plans, saying more info would be very soon be made public.  Yet, hackers have already begun their work, they have been for long focusing on shipping firms and the maritime supply chain to steal any data associated with the U.S. government or intrude on cargo operations and activities.  Utilizing a strain of ransomware known as Ryu...

It hasn’t been long since we heard of multiple security bugs in the Discount Rules for WooCommerce Plugin. Yet, recently, More Bugs Discovered In Discount Rules for WooCommerce Plugin on Latest Hacking News . from Latest Hacking News https://ift.tt/2Er8RZP

So you are planning to create a loan app? But not sure where to get started? If your answer is 11 Essential Tips for Loan App Development in 2021 on Latest Hacking News . from Latest Hacking News https://ift.tt/366HdNn

Currently, almost all of our life depends on smartphones. They control purchases, paying bills, communication, searching for something, have the 10 ways to make your smartphone an impregnable gadget on Latest Hacking News . from Latest Hacking News https://ift.tt/32Sny1r

Because of the clear benefits of crowdfunding, there are a ton of options in the market to choose from.  There Most Popular Crowdfunding Platforms on Latest Hacking News . from Latest Hacking News https://ift.tt/3kFz0U5

A serious bug exists in Firefox for Android browsers that allows hijacking other phones’ browsers connected on the WiFi. Upgrade Firefox for Android Bug Allows Hijacking Other Phones’ Browsers Over WiFi on Latest Hacking News . from Latest Hacking News https://ift.tt/2Hprui2

TikTok and WeChat users in the United States might suffer in the coming days due to the authorities’ latest decision. US Department of Commerce Bans TikTok and WeChat Transactions on Latest Hacking News . from Latest Hacking News https://ift.tt/2FYCEcX

Earlier this year, Mozilla’s file-sharing product Firefox Send made it to the news due to its exploitation for malware distribution. Mozilla Sunsets Firefox Send; Firefox Notes To Follow on Latest Hacking News . from Latest Hacking News https://ift.tt/2G39Ob4

  Microsoft endured a rather rare cyber-security lapse just this month when the company's IT staff incidentally left one of Bing's backend servers exposed on the web.  Discovered by Ata Hakcil, a security researcher at WizCase, only imparted his discoveries to ZDNet the previous week. As per Hakcil's investigation, the server is said to have exposed more than 6.5 TB of log documents containing 13 billion records coming from the Bing search engine. Hakcil said the server was exposed from September 10 to September 16, when he initially had informed the Microsoft Security Response Center (MSRC), and the server was made secure one more time with a password.  The Wizcase researcher had the option to check and re-check his discoveries by finding search queries he performed in the Bing Android app in the server's logs.   Microsoft admitted to committing this mistake and commented last week,  "We've fixed a misconfiguration that caused a small amount of sea...

In the first half of 2020, phishing emails gained popularity among cyber fraudsters. Such conclusions were made by analysts of the Group-IB company. According to the study, attackers in the context of the coronavirus pandemic began to use malicious mailings twice as often in order to get user data to access various popular Internet services. One in three malicious emails sent by fraudsters contained spyware that steals paid data or other important information in order to sell it on the Darknet or blackmail the owner. One of the most popular ways to get personal data of victims through mailing lists is Troyan-Downloader, which, after getting onto a computer through a letter, download other malicious software.  According to experts, the list of malicious software in demand among fraudsters is headed by the banking Trojan RTM, which intercepts data on account details and takes screenshots. The second place is taken by the spyware Loki PWS, which steals usernames and passwords, an...

LockBit, a relatively new Ransomware that was first identified performing targeted attacks by Northwave Security in September 2019 veiled as.ABCD virus. The threat actors behind the ransomware were observed to be leveraging brute-force tactics and evasion-based techniques to infect computers and encrypt files until the victim pays the ransom. LockBit enables attackers to move around a network after compromising it quickly; it exploits SMB, ARP tables, and PowerShell to proliferate the malware through an infected network. The developers rely on third parties to spread the malware via any means the third party devises. After successfully infecting the network, the attacker redirects the victim to a payment site operated by them. The victim is then subjected to threats of data leak until the ransom is paid to the attackers. Modus operandi of the attack The attackers drop the payload that is hidden under the '.text' sections, evading conventional AV's mechanism from...

National Security Adviser Ajit Doval announced that the Union government is set to come up with National Cyber Security Strategy 2020 for guaranteeing a safe, secured, trusted, and resilient cyberspace.  The proposed strategy toward uniting all cybersecurity agencies for making sure about, reinforcing, and synergizing the cybersecurity ecosystem by closely connecting with businesses, citizens, and beyond. That endeavors were being made by adversaries to exploit the crisis in the wake of the pandemic through different misinformation, fake news, and social media campaigns.  "For our adversaries, the huge data floating around in cyberspace is a goldmine for extracting information to undermine the privacy of our citizens and add to the vulnerability of protecting data of our critical information infrastructure, “Mr. Doval said. He said that phishing campaigns utilizing the Coronavirus theme targeted banks, defence, and critical infrastructure during this period.  Mr. Do...

  Recently, India's largest data agency NIC ( National Informatics Center) was hacked by a malware unidentified as of yet. The attack was sent from an email, infiltrating the network and around a hundred computers were affected.  After the attack, the incident was reported to Delhi Police's Special Cell and the case was registered under the Information Technology Act (IT Act). The attack came from an email, which upon opening by an employee - all data from the machine was stolen and encrypted.  The National Informatics Center is a branch of the Ministry of Electronics and Information Technology (MEITY). The NIC is responsible for the government's technical infrastructure and for the implementation and delivery of digital India initiatives. The Institute contained sensitive information related to National Security, India's Citizens, Home Ministry, Security Advisor, and the stolen data could very well harm National Interest.  Upon investigation by Delhi Police...

A new vulnerability named Zerologon has been identified by cybersecurity organization, Secura who tracked the high rated vulnerability as CVE-2020-1472; it allows attackers to gain admin control of a Windows domain, inducing the ability to steal credentials from individual Windows account. In order to exploit Zerologon, the attacker is required to be on the network, access to which can be acquired by various methods such as phishing, drive-by exploits or etc. The attacker disables security features that protect the Netlogen process and change a system's password linked with its Active Directory account. Zerologon exploits a weak cryptographic algorithm used in the Netlogon authentication process, as per the expert findings at Secura. While exploiting the vulnerability and attempting to authenticate against the domain controller, the bug impersonates the identity of any computer on a network and disables security features. In order to obtain domain administrator access to car...