Archive for the ‘Cyber Attack’ Category

EarSpy – A New Attack on Android Devices Use Motion Sensors to Steal Sensitive Data

There has been a new eavesdropping attack developed by a team of security experts for Android devices which has been dubbed “EarSpy.” With the help of this attack, attackers can detect the following things:- Caller’s gender Caller’s identity to various degrees Speech content As part of its exploratory purpose, EarSpy aims to capture motion sensor data readings […]

Leave a Comment

Windows Code-Execution Vulnerability Let Attackers Run Malicious Code Without Authentication

It has recently been discovered by researchers that Windows has a vulnerability that allows code execution that rivals EternalBlue in terms of potential. It is possible for an attacker to execute malicious code without authentication by exploiting this newly-tracked vulnerability CVE-2022-37958.  It is possible to exploit this vulnerability in a wormable way, which can lead to a chain reaction […]

Leave a Comment

ATTACKING ACTIVE DIRECTORY WITH LINUX

Mastering Active Directory: Design, deploy, and protect Active Directory Domain Services for Windows Server 2022

Leave a Comment

Samsung Galaxy Store Flaw Allows Remote Attacker to Run Code on Affected Phones

A security flaw in the Galaxy Store allows attackers to trigger remote code execution on affected smartphones.  The now patched vulnerability, which affects Galaxy Store version 4.5.32.4, relates to a cross-site scripting (XSS) bug that occurs when handling certain deep links. An independent security researcher has been credited with reporting the issue. Vulnerability Details The […]

Leave a Comment

Why Ports Are at Risk of Cyberattacks

More docked ships bring a new challenge. The longer a ship is docked, the more vulnerable the port is to a cyberattack. Evidence indicates that the world’s ports are returning to pre-pandemic levels. During the first 11 months of 2021, the value of US international freight increased by more than 22% (PDF) compared with the same 11 […]

Leave a Comment

List of Data Breaches and Cyber Attacks in August 2022 – 97 Million Records Breached

August 2022 has been a lesson in being careful with whom you provide sensitive information. In a month that saw the former US president accused of misappropriating classified government documents, there were also a spate of malicious insiders compromising their employer’s systems. Meanwhile, the bastion of password security, LastPass, announced that its systems had been […]

Leave a Comment

How to Protect Your Small Business From Personalized Cyberattacks

Small businesses (SMBs) are increasingly targets of cyberattacks and are often financially devastated by a single successful attack. Even with a significant network of security tools in place, SMBs can be caught off guard by the increasing number of attack methods threat actors choose to employ. However, with the following information, SMBs can safeguard their […]

Leave a Comment

Twilio Hackers Scarf 10K Okta Credentials in Sprawling Supply Chain Attack

The “0ktapus” cyberattackers set up a well-planned spear-phishing effort that affected at least 130 orgs beyond Twilio and Cloudflare, including Digital Ocean and Mailchimp. The hackers who breached Twilio and Cloudflare earlier in August also infiltrated more than 130 other organizations in the same campaign, vacuuming up nearly 10,000 sets of Okta and two-factor authentication […]

Leave a Comment

AWS and Splunk partner for faster cyberattack response

OCSF initiative will give enterprise security teams an open standard for moving and analyzing threat data BLACK HAT AWS and Splunk are leading an initiative aimed at creating an open standard for ingesting and analyzing data, enabling enterprise security teams to more quickly respond to cyberthreats. Seventeen security and tech companies at the Black Hat USA […]

Leave a Comment

Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers

Multiple flaws in MiCODUS MV720 Global Positioning System (GPS) trackers shipped with over 1.5 million vehicles can allow hackers to remotely hack them. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of multiple security vulnerabilities in MiCODUS MV720 Global Positioning System (GPS) trackers which are used by over 1.5 million vehicles. An attacker can […]

Leave a Comment

Red TIM Research discovers a Command Injection with a 9,8 score on Resi

During the bug hunting activity, Red Team Research (RTR) detected 2 zero-day bugs on GEMINI-NET, a RESI Informatica solution. It’s been detected an OS Command Injection, which has been identified from NIST as a Critical one, its score is 9,8.  This vulnerability comes from a failure to check the parameters sent as inputs into the […]

Leave a Comment

List of data breaches and cyber attacks in May 2022 – 49.8 million records breached

Welcome to our May 2022 review of data breaches and cyber attacks. We identified 77 security incidents during the month, resulting in 49,782,129 compromised records. You can find the full list below, with incidents affecting UK organisations listed in bold. Contents Cyber attacks Ransomware Data breaches Financial information Malicious insiders and miscellaneous incidents In other […]

Leave a Comment

How vx-underground is building a hacker’s dream library

Editor’s Note: When malware repository vx-underground launched in 2019, it hardly made a splash in the hacking world. “I had no success really,” said its founder, who goes by the online moniker smelly_vx. But over the last couple of years, the site’s popularity has soared thanks in part to its robust Twitter presence that mixes […]

Leave a Comment

A cyber attack forced the wind turbine manufacturer Nordex Group to shut down some of IT systems

Nordex Group, one of the largest manufacturers of wind turbines, was hit by a cyberattack that forced the company to shut down part of its infrastructure.  Nordex Group, one of the world’s largest manufacturers of wind turbines, was the victim of a cyberattack that forced the company to take down multiple systems. The attack was […]

Leave a Comment

Brokenwire attack, how hackers can disrupt charging for electric vehicles

Boffins devised a new attack technique, dubbed Brokenwire, against the Combined Charging System (CCS) that could potentially disrupt charging for electric vehicles. A group of researchers from the University of Oxford and Armasuisse S+T has devised a new attack technique, dubbed Brokenwire, against the popular Combined Charging System (CCS) that could be exploited by remote […]

Leave a Comment

List of data breaches and cyber attacks in March 2022 – 3.99 million records breached

In March, we discovered 88 publicly disclosed cyber security incidents, accounting for 3,987,593 breached records. That brings the total number of breached records in the first quarter of 2022 to 75,099,482. We’ll be providing more stats from Q1 2022 in our quarterly review of cyber security incidents, which will be published on our website in […]

Leave a Comment

CISA and DoE warns of attacks targeting UPS devices

The US CISA and the Department of Energy issued guidance on mitigating attacks against uninterruptible power supply (UPS) devices. The US Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy published joint guidance on mitigating cyber attacks against uninterruptible power supply (UPS) devices. The US agencies warn of threat actors gaining access to […]

Leave a Comment

US critical infrastructure operators should prepare for retaliatory cyberattacks

The warning “Most of America’s critical infrastructure is owned and operated by the private sector and critical infrastructure owners and operators must accelerate efforts to lock their digital doors,” he noted, and advised those that have not yet done it to harden their cyber defenses by implementing security best practices delineated earlier this year. “[This warning is] […]

Leave a Comment

IOC Resource for Russia-Ukraine Conflict-Related Cyberattacks

IOC Resource for Russia-Ukraine Conflict-Related Cyberattacks – by Trend Micro Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers

Leave a Comment

A cyber attack heavily impacted operations of Expeditors International

American worldwide logistics and freight forwarding company Expeditors International shuts down global operations after cyber attack American logistics and freight forwarding company Expeditors International was hit by a cyberattack over the weekend that paralyzed most of its operations worldwide. Expeditors company has over 18,000 employees worldwide and has annual gross revenue of around $10 billion. The company discovered the attack on […]

Leave a Comment