Archive for the ‘Hacking’ Category

Hackers hijack Telegram, email accounts in SS7 mobile attack

Hackers with access to the Signaling System 7 (SS7) used for connecting mobile networks across the world were able to gain access to Telegram messenger and email data of high-profile individuals in the cryptocurrency business. Source: Hackers hijack Telegram, email accounts in SS7 mobile attack Telegram SS7 attack

Leave a Comment

Hacker Accessed Network of U.S. Agency and Downloaded Data

An unnamed U.S. federal agency was hit with a cyber-attack after a hacker used valid access credentials, authorities said on Thursday. While many details of the hack weren’t revealed, federal authorities did divulge that the hacker was able to browse directories, copy at least one file and exfiltrate data, according to the Cybersecurity & Infrastructure […]

Leave a Comment

Russian hacker selling how-to vid on exploiting unsupported Magento installations to skim credit card details for $5,000

Nearly 2,000 e-commerce shops pwned over weekend so it’s time to migrate Source: Russian hacker selling how-to vid on exploiting unsupported Magento installations to skim credit card details for $5,000 Thousands of e-commerce stores built using Magento 1 have been poisoned with malicious code that steals customers’ bank card information as they enter their details […]

Leave a Comment

CISA: Chinese state hackers are exploiting F5, Citrix, Pulse Secure, and Exchange bugs

CISA says attacks have started a year ago and some have been successful. Source: CISA: Chinese state hackers are exploiting F5, Citrix, Pulse Secure, and Exchange bugs | ZDNet Chinese Hackers Working w/ Ministry of State Security Charged w/ Global Computer Intrusion Campaign The Hacker and the State: Cyber Attacks and the New Normal of […]

Leave a Comment

Hackers are backdooring QNAP NAS devices with 3-year old RCE bug

Hackers are scanning for vulnerable network-attached storage (NAS) devices running multiple QNAP firmware versions, trying to exploit a remote code execution (RCE) vulnerability addressed by QNAP in a previous release. Source: Hackers are backdooring QNAP NAS devices with 3-year old RCE bug CISA says 62,000 QNAP NAS devices have been infected with the QSnatch malwareQSnatch […]

Leave a Comment

The Best DEF CON Talks Of All Time!

As the title of this post suggests we’ve sourced what we believe to be the best DEF CON presentations from 1993 to the present day. For those that don’t know, DEF CON is literally the ‘poster-child’ Source: The Best DEF CON Talks Of All Time!

Leave a Comment

Mozilla offers rewards for Bypassing Firefox Exploit Mitigations

Mozilla has expanded its bug bounty program including rewards for bypass methods for the exploit mitigations and security features in Firefox. Source: Mozilla offers rewards for Bypassing Firefox Exploit Mitigations Why Firefox is the best browser for privacy and how to configure things properly

Leave a Comment

Hacked government, college sites push malware via fake hacking tools

A large scale hacking campaign is targeting governments and university websites to host articles on hacking social network accounts that lead to malware and scams. Some of the sites targeted in this campaign belong to government sites for San Diego, Colorado, Minnesota, as well as sites for UNESCO, the National Institutes of Health (nih.gov), National […]

Leave a Comment

So you’ve decided you want to write a Windows rootkit. Good thing this chap’s just demystified it in a talk

Demirkapi shows how drivers can be misused for deep pwnage DEF CON Writing a successful Windows rootkit is easier than you would think. All you need is do is learn assembly and C/C++ programming, plus exploit development, reverse engineering, and Windows internals, and then find and abuse a buggy driver, and inject and install your rootkit, […]

Leave a Comment

Hackers abuse lookalike domains and favicons for credit card theft

Hackers are abusing a new technique: combining homoglyph domains with favicons to conduct credit card skimming attacks. Source: Hackers abuse lookalike domains and favicons for credit card theft Credit Card Scammers on the Dark Web Preventing Credit Card Fraud: A Complete Guide for Everyone from Merchants to Consumers PCI Compliance Download a Security Risk Assessment Steps […]

Leave a Comment

11 Security Tools to Expect at the Black Hat USA 2020 Arsenal Virtual Event

More than 130 security researchers and developers are ready to showcase their work. Source: 11 Security Tools to Expect at the Black Hat USA 2020 Arsenal Virtual Event Cracking the Lens: Targeting HTTP’s Hidden Attack-Surface Explore InfoSec Hacking Download a Security Risk Assessment Steps paper!

Leave a Comment

Twitter says a spear phishing attack led to the huge bitcoin scam

Twitter shared an update in a blog post and tweets Thursday night. Source: Twitter says a spear phishing attack led to the huge bitcoin scam Twitter Says It Knows How Hackers Gained Access What is spear phishing? Phishing Scams Download a Security Risk Assessment Steps paper! Subscribe to DISC InfoSec blog by Email Take an […]

Leave a Comment

Hacker leaks 386 million user records from 18 companies for free

A threat actor is flooding a hacker forum with databases exposing expose over 386 million user records that they claim were stolen from eighteen companies during data breaches. Source: Hacker leaks 386 million user records from 18 companies for free

Leave a Comment

Facebook’s ‘Red Team’ Hacks Its Own AI Programs

Attackers increasingly try to confuse and bypass machine-learning systems. So the companies that deploy them are getting creative. Source: Facebook’s ‘Red Team’ Hacks Its Own AI Programs

Leave a Comment

Apple starts giving ‘hacker-friendly’ iPhones to top bug hunters

These special ‘research’ iPhones will come with specific, custom-built iOS software with features that ordinary iPhones don’t have. Starting today, the company will start loaning these special research iPhones to skilled and vetted researchers that meet the program’s eligibility. Source: Apple starts giving ‘hacker-friendly’ iPhones to top bug hunters Apple Offering $1 Million Bounty If […]

Leave a Comment

Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices

The list was shared by the operator of a DDoS booter service. the list was compiled by scanning the entire internet for devices that were exposing their Telnet? port (23). Telnet sends password as plain text. we are still using clear text protocols in 2020? The hacker then may try using factory default usernames and […]

Leave a Comment

A hacker is selling details of 142 million MGM hotel guests on the dark web

EXCLUSIVE: The MGM Resorts 2019 data breach is much larger than initially reported. Source: A hacker is selling details of 142 million MGM hotel guests on the dark web | ZDNet According to the ad, the hacker is selling the details of 142,479,937 MGM hotel guests for a price just over $2,900. The hacker claims […]

Leave a Comment

A hacker gang is wiping Lenovo NAS devices and asking for ransoms

Ransom notes signed by ‘Cl0ud SecuritY’ hacker group are being found on old LenovoEMC NAS devices. Source: A hacker gang is wiping Lenovo NAS devices and asking for ransoms | ZDNet Dealing with a Ransomware Attack: A full guide A Beginner’s Guide to Protecting and Recovering from Ransomware Attacks Download a Security Risk Assessment Steps […]

Leave a Comment

Digital Downfall: Technology, Cyberattacks and the End of the American Republic

Digital Downfall: Technology, Cyberattacks and the End of the American Republic… Source: Digital Downfall: Technology, Cyberattacks and the End of the American Republic: Is America on the brink of civil war? Could foreign cyber plots turn Americans against one another and cause a disastrous domestic conflict? What would happen if the lights went out and […]

Leave a Comment

Hackers steal secrets from US nuclear missile contractor

Cyber extortionists have stolen sensitive data from a company which supports the US Minuteman III nuclear deterrent. Source: Hackers steal secrets from US nuclear missile contractor Download a Security Risk Assessment steps paper! Subscribe to DISC InfoSec blog by Email

Leave a Comment