Archive for the ‘Hacking’ Category

Hacked government, college sites push malware via fake hacking tools

A large scale hacking campaign is targeting governments and university websites to host articles on hacking social network accounts that lead to malware and scams. Some of the sites targeted in this campaign belong to government sites for San Diego, Colorado, Minnesota, as well as sites for UNESCO, the National Institutes of Health (nih.gov), National […]

Leave a Comment

So you’ve decided you want to write a Windows rootkit. Good thing this chap’s just demystified it in a talk

Demirkapi shows how drivers can be misused for deep pwnage DEF CON Writing a successful Windows rootkit is easier than you would think. All you need is do is learn assembly and C/C++ programming, plus exploit development, reverse engineering, and Windows internals, and then find and abuse a buggy driver, and inject and install your rootkit, […]

Leave a Comment

Hackers abuse lookalike domains and favicons for credit card theft

Hackers are abusing a new technique: combining homoglyph domains with favicons to conduct credit card skimming attacks. Source: Hackers abuse lookalike domains and favicons for credit card theft Credit Card Scammers on the Dark Web Preventing Credit Card Fraud: A Complete Guide for Everyone from Merchants to Consumers PCI Compliance Download a Security Risk Assessment Steps […]

Leave a Comment

11 Security Tools to Expect at the Black Hat USA 2020 Arsenal Virtual Event

More than 130 security researchers and developers are ready to showcase their work. Source: 11 Security Tools to Expect at the Black Hat USA 2020 Arsenal Virtual Event Cracking the Lens: Targeting HTTP’s Hidden Attack-Surface Explore InfoSec Hacking Download a Security Risk Assessment Steps paper!

Leave a Comment

Twitter says a spear phishing attack led to the huge bitcoin scam

Twitter shared an update in a blog post and tweets Thursday night. Source: Twitter says a spear phishing attack led to the huge bitcoin scam Twitter Says It Knows How Hackers Gained Access What is spear phishing? Phishing Scams Download a Security Risk Assessment Steps paper! Subscribe to DISC InfoSec blog by Email Take an […]

Leave a Comment

Hacker leaks 386 million user records from 18 companies for free

A threat actor is flooding a hacker forum with databases exposing expose over 386 million user records that they claim were stolen from eighteen companies during data breaches. Source: Hacker leaks 386 million user records from 18 companies for free

Leave a Comment

Facebook’s ‘Red Team’ Hacks Its Own AI Programs

Attackers increasingly try to confuse and bypass machine-learning systems. So the companies that deploy them are getting creative. Source: Facebook’s ‘Red Team’ Hacks Its Own AI Programs

Leave a Comment

Apple starts giving ‘hacker-friendly’ iPhones to top bug hunters

These special ‘research’ iPhones will come with specific, custom-built iOS software with features that ordinary iPhones don’t have. Starting today, the company will start loaning these special research iPhones to skilled and vetted researchers that meet the program’s eligibility. Source: Apple starts giving ‘hacker-friendly’ iPhones to top bug hunters Apple Offering $1 Million Bounty If […]

Leave a Comment

Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices

The list was shared by the operator of a DDoS booter service. the list was compiled by scanning the entire internet for devices that were exposing their Telnet? port (23). Telnet sends password as plain text. we are still using clear text protocols in 2020? The hacker then may try using factory default usernames and […]

Leave a Comment

A hacker is selling details of 142 million MGM hotel guests on the dark web

EXCLUSIVE: The MGM Resorts 2019 data breach is much larger than initially reported. Source: A hacker is selling details of 142 million MGM hotel guests on the dark web | ZDNet According to the ad, the hacker is selling the details of 142,479,937 MGM hotel guests for a price just over $2,900. The hacker claims […]

Leave a Comment

A hacker gang is wiping Lenovo NAS devices and asking for ransoms

Ransom notes signed by ‘Cl0ud SecuritY’ hacker group are being found on old LenovoEMC NAS devices. Source: A hacker gang is wiping Lenovo NAS devices and asking for ransoms | ZDNet Dealing with a Ransomware Attack: A full guide A Beginner’s Guide to Protecting and Recovering from Ransomware Attacks Download a Security Risk Assessment Steps […]

Leave a Comment

Digital Downfall: Technology, Cyberattacks and the End of the American Republic

Digital Downfall: Technology, Cyberattacks and the End of the American Republic… Source: Digital Downfall: Technology, Cyberattacks and the End of the American Republic: Is America on the brink of civil war? Could foreign cyber plots turn Americans against one another and cause a disastrous domestic conflict? What would happen if the lights went out and […]

Leave a Comment

Hackers steal secrets from US nuclear missile contractor

Cyber extortionists have stolen sensitive data from a company which supports the US Minuteman III nuclear deterrent. Source: Hackers steal secrets from US nuclear missile contractor Download a Security Risk Assessment steps paper! Subscribe to DISC InfoSec blog by Email

Leave a Comment

Microsoft IIS servers hacked by Blue Mockingbird to mine Monero

This month news broke about a hacker group, namely Blue Mockingbird, exploiting a critical vulnerability in Microsoft IIS servers to plant Monero (XMR) cryptocurrency miners on compromised machines. Source: Microsoft IIS servers hacked by Blue Mockingbird to mine Monero Download a Security Risk Assessment Checklist paper! Subscribe to DISC InfoSec blog by Email

Leave a Comment

It’s not every day the NSA publicly warns of attacks by Kremlin hackers – so take this critical Exim flaw seriously

GRU crew actively exploit hole – but you it patched months ago, right? Source: It’s not every day the NSA publicly warns of attacks by Kremlin hackers – so take this critical Exim flaw seriously Russian hackers stole NSA data Inside Russia’s Hacker Underworld HBO What to Do About Cyberattacks Get a Cyber Aware Cheat […]

Leave a Comment

Blue Team Cheat Sheets

  Blue Team Cheat Sheets Open a PDF file The best practice guide for an effective infoSec function. Cyber Security Fundamentals: What is a Blue team?   Subscribe to DISC InfoSec blog by Email

Leave a Comment

Chinese spies stole NSA hacking tools, report finds

In the report, the cybersecurity company Symantec claims that a Chinese hacker group associated with Chinese government intelligence conducted a hacking campaign using a tool that at the time was only known to be the property of the NSA. Source: Chinese spies stole NSA hacking tools, report finds Enter your email address: Delivered by FeedBurner

Leave a Comment

From phish to network compromise in two hours: How Carbanak operates

Cybercriminal group Carbanak has stolen hundreds of millions of dollars from financial institutions. Here’s a detailed analysis by Bitdefender of an attack on one bank. Source: From phish to network compromise in two hours: How Carbanak operates

Leave a Comment

Flipboard says hackers stole user details | ZDNet

Extent of the hack is unknown, but Flipboard said hackers had access to its systems for almost nine months. Source: Flipboard says hackers stole user details | ZDNet Flipboard confirms database hack, resets all user passwords InfoSec Breaches  Subscribe in a reader

Leave a Comment

Hacking the ‘Unhackable’ eyeDisk USB stick with Wireshark

The paradox, the USB stick eyeDisk that uses iris recognition to unlock the drive could reveal the device’s password in plain text in a simple way. Source: Hacking the ‘Unhackable’ eyeDisk USB stick with Wireshark  Subscribe in a reader

Leave a Comment