Cyber Security News

  Cryptocurrency brokerage platform Voyager stopped its operations on 28th December after it suffered a  cyberattack that disrupted its DNS configuration. Voyager Digital LLC is a cryptocurrency is a brokerage platform where an investor can trade their assets with the help of the Voyager mobile app. The company has shown rapid growth in the year 2020, increasing its growth by 40x times in the last 12 months. Not only this, Voyager currently holds under management $200 million in assets. On 28th December, Voyager's online platform had to shut down due to, as per the press release "currently undergoing maintenance."  The company later revealed that it had suffered a cyberattack which led to the closing and canceling of all limit orders. Steve Ehrlich, Co-founder, and CEO of Voyager said in a press release that "customer funds and security are of the utmost importance to Voyager. Whilst all funds and crypto are secure we have had to temporarily halt trading on the pl...

A serious vulnerability affected Google Docs that could allow anyone to steal screenshots of users’ documents. Google fixed the vulnerability Vulnerability In Google Docs Could Allow Hijacking Feedback Screenshots on Latest Hacking News . from Latest Hacking News https://ift.tt/2MnF7kg

The Japanese mechanical giant Kawasaki Heavy Industries Group has recently disclosed a security breach affecting its numerous offices worldwide. The Japanese Giant Kawasaki Admits Security Breach With Potential Data Leak on Latest Hacking News . from Latest Hacking News https://ift.tt/3o5lyuV

The hacker group Lazarus attacked the developers of the coronavirus vaccine: the Ministry of Health and a pharmaceutical company in one of the Asian countries Kaspersky Lab reported that the hacker group Lazarus has launched two attacks on organizations involved in coronavirus research. The targets of the hackers, whose activities were discovered by the company, were the Ministry of Health in one of the Asian countries and a pharmaceutical company. According to Kaspersky Lab, the attack occurred on September 25. Hackers used the Bookcode virus, as well as phishing techniques and compromising sites. A month later, on October 27, the Ministry of Health servers running on the Windows operating system was attacked. In the attack on the Ministry, according to the IT company, the wAgent virus was used. Similarly, Lazarus previously infected the networks of cryptocurrency companies. "Two Windows servers of a government agency were compromised on October 27 by a sophisticated malware ...

One more corporate giant has fallen victim to a devastating cyber attack. The latest victim is the appliances giant Whirlpool Appliances Giant Whirlpool Suffered Ransomware Attack on Latest Hacking News . from Latest Hacking News https://ift.tt/3rDSJba

Researchers have uncovered a huge phishing campaign exploiting Facebook ads and GitHub pages. Through these baits, the attackers targeted over Facebook Ads Phishing Campaign Stole Facebook Credentials Of 615K Users on Latest Hacking News . from Latest Hacking News https://ift.tt/38LbW21

Amidst perhaps the most widespread and impactful cyberattack in history, American businesses and government agencies alike must take a drastically different approach to cybersecurity. Unfortunately, many cybersecurity professionals have become complacent and have become far too dependent on a handful of well-marketed tools designed for yesterday’s threats that underperform against modern attacks. It is far easier for cybersecurity manufacturers to deliver services from their own cloud. It may be less expensive for the vendor but relying on a “trusted 3rd party” for your security is a foundational vulnerability that has been proven to be disastrous for you as a customer. We are currently in a state of cyber-warfare. Nation-states regularly use their practically limitless resources and technical sophistication to overpower companies and government agencies. Cybersecurity professionals need to shift their focus from “indicators of compromise” to data protection, which will limit how wi...

Not only a programmer but also just a specialist with a good knowledge of mathematics can become a hacker in Russia, said the head of Group-IB Ilya Sachkov. The entrepreneur believes that for such people money is a priority. "This is a talented young man, whose task is to earn money and that's all. He is not always well-educated in the humanities, not someone who will cause you sympathy. The priority is money, expensive cars, expensive watches, holidays abroad," said Sachkov. Ten years ago, the career of a hacker was chosen exclusively by students, mostly children from disadvantaged families. However, the situation has changed: this profession is now chosen by those who "live in very rich families, with normal relations between parents". A typical Russian hacker "tries to play Don Corleone", communicates with former or current law enforcement officers, and also looks for political assistants who will explain to him that real Russian hackers steal m...

While smart doorbells are a convenience, they are also vulnerable to cyber attacks. Researchers have discovered numerous popular smart doorbell Multiple Smart Doorbells Found Vulnerable To Cyber Attacks on Latest Hacking News . from Latest Hacking News https://ift.tt/38NMh8K

Customer Relation Management is the full form for CRM software. This software was developed, keeping in mind the CRM strategy. How to choose a CRM software for a real estate company? on Latest Hacking News . from Latest Hacking News https://ift.tt/38BFPBG

Broker Freedom Finance admitted the fact of hacking its internal network and stealing data leaks about 16,000 clients of the company for 2018. The founder and CEO of the company Timur Turlov announced this on Instagram. He called the incident "an extremely unpleasant and shameful incident in information security", which occurred on December 24, and admitted: "We screwed up." According to him, one employee of the company received a phishing email, which he opened and ran on the local machine despite the security warning. "And then all the weak points of our security were revealed," said Turlov. “Cyber ransomware attacked a segment of our internal network and stole some data from the local machines of a number of employees in Russia. These are machines belonging to the employees of a Russian broker that provides access to the Russian stock market and almost the entire data packet is dated 2018,” wrote Turlov on his Instagram. Almost no customers who ope...

While no one can deny the importance of training employees regarding cybersecurity for business, GoDaddy went a bit too far. GoDaddy Apologized For The Insensitive Phishing Test Of Its Staff on Latest Hacking News . from Latest Hacking News https://ift.tt/38E2D3X

A team of researchers from the University of Cambridge, UK, has discovered how smart voice assistants can cause data leak. Voice Assistants Can Store And Leak Texts Typed On Smartphones In Proximity on Latest Hacking News . from Latest Hacking News https://ift.tt/2KKbyZz

Virtualization and SQL Server can go hand in hand, but this is not a combination you should rush to adopt Main areas to consider before implementing a new virtualized SQL server on Latest Hacking News . from Latest Hacking News https://ift.tt/3aTKstX

Are you still using Windows Mobile and are wondering how to download Twitter? If so, you are certainly not alone Twitter Download To Your Computer For Free on Latest Hacking News . from Latest Hacking News https://ift.tt/3rwuTOx

A researcher discovered a highly critical vulnerability affecting the Nintendo 3DS console. Exploiting this bug could allow an adversary to Critical Vulnerability In Nintendo 3DS Console Could Allow MiTM Attacks on Latest Hacking News . from Latest Hacking News https://ift.tt/2X1V7ut

As the holiday season begins, the cybercriminals are working overtime to execute more dangerous cyberattacks. One such incident has recently Livecoin Cryptocurrency Exchange Hacked Losing Control Of All Servers on Latest Hacking News . from Latest Hacking News https://ift.tt/3mQo6LV

Another day, another ransomware attack incident surfaces online. The recent reports refer to the ransomware attack hitting Sangoma Technologies. The Sangoma Technologies Disclose Ransomware Attack – Conti Ransomware Gang Involved on Latest Hacking News . from Latest Hacking News https://ift.tt/3rzYvL8

With every business resorting to online operations today, the threat of working across digitized platforms has increased by multifold. In The Most Dangerous Online Threats Businesses Should Prepare For on Latest Hacking News . from Latest Hacking News https://ift.tt/3nTieD8

The emergence of the digital world paved the way for people to perform various activities online, from browsing to shopping, Here are 7 VPN Reviews on Reddit You Need to Check Out If You’re Looking for a VPN on Latest Hacking News . from Latest Hacking News https://ift.tt/2WPIzWU

The book promotion platform NetGalley has recently suffered a data breach. The site faced a defacement amidst which the attackers Book Promotion Site NetGalley Disclosed Data Breach Following Website Defacement on Latest Hacking News . from Latest Hacking News https://ift.tt/3rwJKsk

On December 25th, Apple users started facing issues in iCloud sign-in in the early morning. The outage that lasted for around 24 hours prevented users from setting up new Apple gadgets and devices; users experienced problems in the activation of Apple Watch, HomePod, iPhone along with several other devices. Reportedly, the problem was caused by an unspecified problem that occurred in Apple's iCloud backend. However, it was only a matter of a day before Apple resolved the issue by the evening of December 26th.  The problem surfaced around 5 a.m. on the day of Christmas, making users wait longer than usual to relish the experience of their Apple product for Christmas. On Friday, while replying to a supposedly eager customer, Apple's support team tweeted acknowledging the customer's eagerness and indicating that the iCloud outage that lasted until Saturday was a result of the heightened demand experienced by the company.   "We know your mom is eager to have everythin...

Signal is known for its robust, seemingly impossible encryption technology for securing users’ data. However, Cellebrite now claims to have Cellebrite Claims To Decrypt Signal App On Android Devices on Latest Hacking News . from Latest Hacking News https://ift.tt/3pomCdC

UK police has arrested 21 malicious actors across the United Kingdom who were the part of nationwide cyber crackdown targeting customers of WeLeakInfo.com. Now-defunct online service which was previously giving access to data hacked from other Networks. According to the National Crime Agency, “those 21 people have been arrested across the Nation as part of an operation targeting customers of an online criminal marketplace were using stolen personal credentials to commit further cyber and fraud offences’’.  All men those have been arrested aged between 18 and 38, out of 21 – 9 people have been detained under Computer Misuse Act offences, another 9 people under for Fraud offences, and remaining 3 under investigation for both the aforementioned. National Crime Agency has also seized £41,000 in bitcoin from the individuals.  As per the sources, the UK National Crime Agency (NCA), the US Federal Bureau of Investigation (FBI), the Netherlands National Police Corps, the Police S...

 Kaspersky Lab and Yandex have identified malicious code in browser extensions. Through them, attackers could gain access to the account in social networks and increase views of videos on various sites Kaspersky Lab and Yandex experts have identified potentially malicious code that pulls more than twenty browser extensions, including Frigate Light, Frigate CDN and SaveFrom. Through extensions, cybercriminals could, unnoticed by the user, gain access to his VKontakte account, and increase video views on various sites. Extensions received tasks from their own server, generated fraud traffic by playing videos in hidden tabs, and intercepted a token for access to the social network. The code was run only when the browser was actively used, activating the built-in detection protection. The investigation began after users of Yandex.Browser began to complain about the sounds of advertising, although the video on the screen was not played. Yandex disabled extensions in Yandex. Browser ...

In a joint operation, the law enforcement authorities from multiple countries recently took down three Bulletproof VPN services. These services Joint LEA Operation Took Down Three Bulletproof VPN Services on Latest Hacking News . from Latest Hacking News https://ift.tt/3pp9KE3

TruKno’s ThreatBoard is a platform that helps security professionals uncover the root causes behind emerging cyber-attacks, Improving proactive defense postures.. TTP Based Threat Intelligence Trukno, a Community-based Threat Intelligence Platform uncovering the root causes behind the latest cyber-attacks, is set to release their open-access beta December 22nd. Every second a new attack in cyberspace takes place, according to a report by Acronis, 32% of all major companies are attacked at least once a day. Unless the outcome of these attacks are notable (like the FireEye breach), the reports of these attacks often get buried in the never-ending flow of new cyber information. These reports, when in the hands of the right people, oftentimes contain valuable intelligence on the Tactics, Techniques, and Procedures used by adversaries. This knowledge can help cyber defenders better assess risk and take proactive measures to prevent these same attack techniques from being effective again...

One more time, TaskRabbit has made it to the news. However, the issue isn’t as severe this time as in TaskRabbit Reset Passwords After Credential Stuffing Attack on Latest Hacking News . from Latest Hacking News https://ift.tt/2KXytAk

Recently, one more business suffered serious disruptions due to a ransomware attack. This time, the victim is Symrise AG that Flavor And Fragrance Giant Symrise AG Hit By Clop Ransomware on Latest Hacking News . from Latest Hacking News https://ift.tt/2KZcokR

Highly critical vulnerabilities existed in Dell Wyse Thin client devices. As discovered, exploiting these bugs could let an adversary take Dell Wyse Thin Client Vulnerabilities Could Allow Device Takeover on Latest Hacking News . from Latest Hacking News https://ift.tt/3rwVriu

  On 24th December, E-Hacking News conducted an interesting interview with Mr. Narendra Bhati , a Bug Bounty Hunter/Ethical Hacker. He was recently awarded a total of $20,500 by Apple Security. Narendra also discovered an Address Bar Spoofing Vulnerability in multiple browsers.   Q.1 Can you please start by introducing yourself to our readers?  My name is Narendra Bhati, I’m a Bug Bounty Hunter and Ethical Hacker. I belong to a small town called Sheoganj in Rajasthan. Currently, I’m working as a lead Pentester in Suma Soft Private Limited for the last 7 years.  Q.2 How do organizations react when you find a bug and go to them?  Especially Google, Apple, and Hacker One, I believe that the response time has been better than the last time. Nowadays, everyone is working from their home and they can look into the issues quickly as they do not have to go to the office, which saves time.  Q.3 On your blog  Web Security Geeks , you posted about a bank...

  As the year is coming to a wrap, the 2020 holiday season is being actively attacked by malicious actors.  In recent months, a steady upsurge has been witnessed in cybercrime related to online shopping as people have increasingly shopped online this year. Security experts have predicted a further spike in cyber scams during the holiday season, especially throughout the month of December.  On Wednesday, Abnormal Security Corporation disclosed that its email security platform has blocked a credential phishing attack that was imitating the U.S. postal service for victims’ credit card credentials. The attack was pursuing recipients for special delivery charges so they can get their delivery within three days.  Companies reported that peoples are approaching fast order delivery and online orders are continuing to pour in, because of this, courier services are facing more pressure from consumers. It's mainly due to the pandemic that online shipping demand ...

  19 tech companies, cybersecurity firms, and non-profits have collaborated with the Institute for Security and Technology (IST) to form a new group called "The Ransomware Task Force" (RTF) to tackle the increasingly destructive and prevalent threat of ransomware. The joint venture includes big names such as Microsoft, McAfee, Rapid7, Cybereason along with other cyber advocacy groups, threat intelligence, think tanks, and research groups   –  The Global Cyber Alliance, The Cyber Threat Alliance, and The CyberPeace Institution, to name a few.    The primary focus of The Ransomware Task Force will be to provide security against Ransomware attacks by engaging various stakeholders in assessing technical solutions and identifying loopholes in already existing solutions. The idea is to work collectively on building a roadmap to address the scope of the threat based on an 'industry consensus' instead of relying upon individual suggestions.     The foundin...

According to Positive Technologies, in 2020, cybercriminals have become increasingly interested in hacking sites: in seven out of ten cases, the purpose of an attack is to gain access to a resource, including for its further sale to another attacker. The company's experts, to find out the most popular targets of hacking sites, examined more than 80 million messages on the ten most active forums in the shadow segment of the Internet, which provide services for hacking sites, buying and selling databases, and accessing web resources. According to Positive Technologies analyst Yan Yurakov, since March 2020, interest in the topic of hacking sites has been identified. He also explained that this trend could lead to an increase in the number of companies represented on the Internet, which was provoked by the pandemic. In seven out of ten requests related to hacking sites, the main goal is to gain access to a web resource. Attackers can not only steal confidential information but also...

The past week was way too hectic for both journalists and the cybersecurity community as the SolarWinds cyber attack caused SolarWinds Cyber Attack – What We Know About It, So Far on Latest Hacking News . from Latest Hacking News https://ift.tt/3piLtzC

The words “stay safe” used to be only applied when couples would reach that next level of intimacy. Nowadays you How to Protect Yourself With a VPN on Latest Hacking News . from Latest Hacking News https://ift.tt/34ESN0m

One of the top scams worldwide is identity theft. With the right information, scammers can go on a campaign of How to Avoid Identity Theft and Other Online Scams on Latest Hacking News . from Latest Hacking News https://ift.tt/3pi82EE

  UK subway market has disclosed that its marketing system has been hacked. The malicious actor was sending TrickBot malware-laden phishing emails to the customers by using its marketing system.  Threat actor successfully accessed subway UK customers' confidential information such as names and email addresses by hacking a subcard server. This campaign has come to light when BleepingComputer observed a massive phishing campaign targeting U.K. citizens, pretending to be order confirmation from subway UK.  According to the researchers, threat actor was distributing malicious Excel documents to the users that would install the updated version of the TrickBot malware into the system. As per the analysis, the downloaded TrickBot malware is a DLL that will be inserted into legitimate Windows Problem Reporting executable directly (wermgr.exe) from memory to avoid being caught by security software and would appear like an authentic task running in the task manager.  Wh...

When it comes to the subject of backing up data, you’ll find a range of opinions, which can be confusing What Is the Safest Backup Option Available to Regular Users on Latest Hacking News . from Latest Hacking News https://ift.tt/34AV3Wm

All types of businesses are targeted by cyberattacks, so just because you run a small business does not mean that How to secure your business from cyberattacks  on Latest Hacking News . from Latest Hacking News https://ift.tt/37GyIZH

Another day, another ransomware attack has made it to the news. This time, the victim firm is a trucking and Trucking And Freight Company Forward Air Suffered Ransomware Attack on Latest Hacking News . from Latest Hacking News https://ift.tt/3rkSIJ7

 Deputy Interior Minister Igor Zubov noted that the number of cybercrimes has increased significantly in the context of the coronavirus pandemic The Ministry of Internal Affairs of Russia organizes cyber police in its structure, the corresponding decision has already been made by the head of the department, Vladimir Kolokoltsev. "Today we can talk about the phenomenon of influence on the mass consciousness of young people in terms of changing their behavior in a destructive way. Therefore, this part of the work requires very serious attention. We are making serious changes directly in our structures. The Minister of Internal Affairs Kolokoltsev Vladimir made the decision on the creation of cyber police, it is a question not of one day, it will take a lot of time, demands both money, and equipment, and changes of qualification of employees" said he. Zubov also noted that in the context of the coronavirus pandemic, the overall crime rate in Russia remained the same, but the...

  iPhones of around 36 Journalists at Al Jazeera news organisation have been hacked by nation-sponsored hackers who sent malware laden iMessages. The attackers who are suspected to be backed by the governments of the United Arab Emirates and Saudi Arabia, exploited a zero-day vulnerability in iMessage which was later fixed by Apple.  In a technical report, experts have stated that the Journalists' iPhones were snooped on by attackers who employed NSO's Pegasus software to deploy spyware onto the iPhones of 36 journalists, executives and producers at the news agency, Al Jazeera.  Pegasus is a modular malware developed by the Israeli firm NSO which is used for surveillance purposes and has also been linked to surveillance abuse at multiple occasions. The spyware allows hosts to remotely monitor and exploit devices. Reportedly, the attack took place invisibly and it didn't require the attackers to trick the victims into clicking on a malicious link – as opposed to conven...

  Trukno: Virtual Threat Intelligence Analyst to launch their Broad Beta Version on 22nd. Every second a new attack in cybersecurity occurs, according to a report by Acronis 32% of companies are attacked at least once a day and to keep up with these threats and attacks is a mind picking process. There are two ways of keeping up with Cyber Security- a) being updated with cyber blogs or b) hiring your own cyber threat analyst. But Trukno is a platform that provides a virtual threat intelligence analyst for people who want to keep up with cybersecurity, be up to date on recent attacks as well as to know the threat actors and attack landscape trend with their syndicated search engine and threat curator.  Set to launch their Broad Beta version on 22nd December, for individuals who are full-time cybersecurity analysts as well as for the majority of people who want to know the how and happenings in cybersecurity in a much faster, easier, and detailed way.  Ehacking news had...

A new zero-day vulnerability in the iOS devices went under exploit for targeting Al-Jazeera journalists. The latest iOS, though, fixes Zero-Click iOS Zero-Day Vulnerability Found Targeting Al-Jazeera Journalists on Latest Hacking News . from Latest Hacking News https://ift.tt/3h7uU6M

FireEye, the cybersecurity firm responsible for finding out about the massive hacking campaign against the US government says that 50 organizations have suffered major breaches from the attack. According to BBC, "Several other organizations around the world, including in the UK, are understood to have been targeted by hackers using the same network management software." FireEye CEO, Kevin Mandia said a total of 18,000 organizations had suffered an attack, out of which 50 have suffered a major data breach.  Among the targets include DHS(Department of Homeland Security), The US Treasury, and state and defenses.  Mike Pompeo, US Secretary of State, says Russia is responsible for the attack. Whereas former US President Donald Trump suspects China behind the cyberattacks. Trump took to Twitter last Saturday and said that he believes China is responsible for the attack against the US. According to FireEye, the hacking breach is very serious and consistent. The US officials believ...

Beginning 2021, Mozilla plans to launch the network partitioning feature with its browser Firefox 85. This new feature will enhance Mozilla To Roll Out Network Partitioning With Firefox 85 on Latest Hacking News . from Latest Hacking News https://ift.tt/3h4KwrA

Another cybersecurity threat is now in the wild aiming at Windows users. Researchers have discovered PyMICROPSIA info-stealing trojan that particularly Info-stealing Trojan PyMICROPSIA Emerges As New Windows Malware on Latest Hacking News . from Latest Hacking News https://ift.tt/34yQYlH

Researchers found numerous third-party extensions on Google Chrome and Microsoft Edge infected with malware. The malware hijacked traffic supposedly for 28 Chrome And Edge Third-Party Extensions Found Infected With Malware on Latest Hacking News . from Latest Hacking News https://ift.tt/2KG0oF5

Here’s one more threat to the security of air-gapped systems that the admins should take care of. Researchers have devised AIR-FI Attack Turns RAM In Air-Gapped Systems Into WiFi To Steal Data on Latest Hacking News . from Latest Hacking News https://ift.tt/3nG47Rm

  The United States is witnessing major cyberattacks, multiple government departments’ agencies are being targeted including treasury and commerce departments, homeland security and now Microsoft is the latest victim of a cyber attack.  The ‘SolarWinds hack’ has emerged as one of the biggest cyberattacks against the US government, its agencies, and several other private companies, so much so that it has been said the world is under global cyber attack.   According to Microsoft’s president, Brad Smith, more victims are expected to surface as investigations continue.  Government departments and private organizations all across the globe are facing difficulties in disabling the compromised SolarWinds products from their systems.  Intelligences investigating the matter, have named the hack ‘Sunburst’, saying that it will take years to fully decipher these cyber-attacks including the attack vectors and the origin. In this regard, Smith further stated, “We sh...

Leveraging the craze the new game has created, threat actors have now begun exploiting the game for malicious activities. As CoderWare Ransomware Masks Itself As Cyberpunk 2077 Mobile Game App on Latest Hacking News . from Latest Hacking News https://ift.tt/3p8R4bu

  A number of organisations have been attacked by what has been chronicled as one of the most severe acts of cyber-espionage in history named "Sunburst", the attackers breached the US Treasury, departments of homeland security, state, defence and the National Nuclear Security Administration (NNSA), part of Department of Energy responsible for safeguarding national security via the military application of nuclear science. While 4 out of 5 victims were US organisations, other targets include the UK, the UAE, Mexico, Canada, Spain, Belgium, and Israel.    The attack came in the wake of the recent state-sponsored attack on the US cybersecurity firm FireEye. The company's CEO, Kevin Mandia said in his blog that the attackers primarily sought information pertaining to certain government customers.     FireEye classified the attack as being 'highly sophisticated and customized; the basis of his 25 years of experience in cybersecurity, Mandia concluded that FireEye ...