hackers
Chinese hackers exploit Fortinet VPN zero-day to steal credentials
Chinese threat actors use a custom post-exploitation toolkit named ‘DeepData’ to exploit a zero-day vulnerability in Fortinet’s FortiClient Windows VPN client that steals credentials. The zero-day allows the threat actors to dump the credentials from memory after the user has authenticated with the VPN device. Volexity researchers report that they discovered this flaw earlier this summer and reported it to Fortinet, but…
US indicts Snowflake hackers who extorted $2.5 million from 3 victims
The U.S. Department of Justice has unsealed the indictment against two suspected Snowflake hackers, who breached more than 165 organizations using the services of the Snowflake cloud storage company. Connor Riley Moucka and John Erin Binns are accused of using credentials, obtained with the help of info-stealing malware, to hijack Snowflake accounts that were not protected by multi-factor authentication. Moucka…
MA tax preparer and accountant pays ransom after hackers steal private info of 70K clients
Massachusetts accounting firm Bookkeeping & Business Services (BBS) this week confirmed it notified 70,168 people about a December 2023 data breach that compromised clients’ private medical and tax information. What info was compromised depends on whether the victim is a medical billing client or tax preparation client. For tax preparation clients, the breached info can include: name, Social Security number…
Hackers now use ZIP file concatenation to evade detection
Hackers are targeting Windows machines using the ZIP file concatenation technique to deliver malicious payloads in compressed archives without security solutions detecting them. The technique exploits the different ways in which ZIP parsers and archive managers handle concatenated ZIP files. This new trend was spotted by Perception Point, who discovered a concatenated ZIP archive hiding a trojan while analyzing a phishing attack…
Unpatched Mazda Connect bugs let hackers install persistent malware
Attackers could exploit several vulnerabilities in the Mazda Connect infotainment unit, present in multiple car models including Mazda 3 (2014-2021), to execute arbitrary code with root permission. The security issues remain unpatched and some of them are command injection flaws that could be leveraged to obtain unrestricted access to vehicle networks, potentially impacting the car’s operation and safety. Vulnerability details…
Nokia says hackers leaked third-party app source code
Nokia’s investigation of recent claims of a data breach found that the source code leaked on a hacker forum belongs to a third party, and that company and customer data have not been impacted. The statement comes in response to threat actor IntelBroker earlier this week releasing data belonging to Nokia, allegedly stolen after breaching a third-party vendor’s server. The hacker tried to…
North Korean hackers use new macOS malware against crypto firms
North Korean threat actor BlueNoroff has been targeting crypto-related businesses with a new multi-stage malware for macOS systems. Researchers are calling the campaign Hidden Risk and say that it lures victims with emails that share fake news about the latest activity in the cryptocurrency sector. The malware deployed in these attacks relies on a novel persistence mechanism on macOS that…
IT certifications for cloud architects, data security engineers, and ethical hackers yield the biggest pay boosts – Computerworld
“While learning new technology skills is vital, the ability for employees to demonstrate practical expertise through industry-recognized certifications is increasingly valued,” Gartner said. “Though they may not be a mandatory prerequisite for every position, certifications can empower individuals and organizations alike.” “Our data suggests that tech professionals skilled in cloud computing, security, data privacy, and risk management, as well as…
Cisco bug lets hackers run commands as root on URWB access points
Cisco has fixed a maximum severity vulnerability that allows attackers to run commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) access points that provide connectivity for industrial wireless automation. Tracked as CVE-2024-20418, this security flaw was found in Cisco’s Unified Industrial Wireless Software’s web-based management interface. Unauthenticated threat actors can exploit it in low-complexity command injection attacks that…
Hackers increasingly use Winos4.0 post-exploitation kit in attacks
Hackers are increasingly targeting Windows users with the malicious Winos4.0 framework, distributed via seemingly benign game-related apps. The toolkit is the equivalent of Sliver and Cobalt Strike post-exploitation frameworks and it was documented by Trend Micro this summer in a report on attacks against Chinese users. At the time, a threat actor tracked as Void Arachne/Silver Fox lured victims with offers of various…