techminis

A naukri.com initiative

Hacking News

Securityaffairs

U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog

  • U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SimpleHelp vulnerability to its Known Exploited Vulnerabilities catalog.
  • SimpleHelp vulnerability, tracked as CVE-2024-57727, allows unauthenticated path traversal, giving attackers access to sensitive data from the server.
  • Arctic Wolf reports an ongoing campaign targeting SimpleHelp servers by exploiting the vulnerabilities disclosed by Horizon3.
  • CISA orders federal agencies to fix the SimpleHelp vulnerability by March 6, 2025.

Securityaffairs

China-linked APT Salt Typhoon breached telecoms by exploiting Cisco router flaws

  • China-linked APT group Salt Typhoon breached U.S. telecom providers by exploiting Cisco IOS XE flaws CVE-2023-20198 and CVE-2023-20273.
  • The vulnerabilities allowed the attackers to gain admin privileges on routers and escalate to root, potentially exfiltrating data.
  • The attacks targeted ISPs in the U.S., Italy, a U.K.-affiliated U.S. telecom, and providers in South Africa and Thailand.
  • RedMike used GRE tunnels on compromised Cisco devices for persistence, evasion, and data exfiltration.
  • APT Salt Typhoon, also known as FamousSparrow and GhostEmperor, targeted government entities and telecoms since 2019.
  • The group breached nine U.S. telecoms, including Charter Communications and Windstream, exploiting network device vulnerabilities.
  • White House confirmed China-linked APT Salt Typhoon's cyberespionage campaign targeting telco firms globally.
  • China accessed metadata but no classified info was compromised; Neuberger revealed China targeted government and political figures.
  • Global warnings were issued against PRC-linked cyber espionage targeting telecom networks; measures advised to strengthen network security.
  • Beijing denied responsibility for the hacking campaign as efforts were made to secure networks after the cyberespionage attempts.

Medium

Mastering Ethical Hacking in 2025: An Advanced Guide for Cybersecurity & Experts and Military…

  • Kashyap Divyansh is a Certified Ethical Hacker (CEH) and Cybersecurity Expert.
  • He shares advanced cybersecurity methodologies for professionals.
  • He lists various cutting-edge cybersecurity tools and technologies.
  • He discusses military-grade cyber operations and the future of ethical hacking.

Securityaffairs

Experts discovered PostgreSQL flaw chained with BeyondTrust zeroday in targeted attacks

  • Threat actors are exploiting a zero-day SQL injection vulnerability in PostgreSQL, according to researchers from cybersecurity firm Rapid7.
  • The vulnerability, tracked as CVE-2025-1094, is an SQL injection issue in PostgreSQL's psql tool caused by improper neutralization of quoting syntax in libpq functions.
  • This flaw allows attackers to inject malicious SQL commands and potentially achieve remote code execution.
  • PostgreSQL has released patches in versions 17.3, 16.7, 15.11, 14.16, and 13.19 to address the vulnerability.

Securityaffairs

Valve removed the game PirateFi from the Steam video game platform because it contained malware

  • Valve removed the game PirateFi from the Steam video game platform because it contained malicious Windows code that steals browser cookies and hijacks accounts.
  • Affected users were warned to fully reformat their operating systems to remove the threat.
  • The game PirateFi was flagged by multiple antivirus products as Trojan.Win32.Lazzzy.gen.
  • It is estimated that over 800 users may have downloaded the game.

Hackingblogs

Hacker Finds Critical Bug Allowing Access to Private Emails of Any YouTube Channel – $10,633 Bounty

  • Brutecat, a researcher, discovered a critical bug that allows access to the private emails of any YouTube channel.
  • YouTube awarded Brutecat a $10,000 bounty for finding the bug.
  • The bug involves leaking Google account IDs on YouTube, particularly through the blocklist and live chat context menus.
  • The solution proposed is for YouTube to secure backend services and ensure Gaia IDs are not available through these APIs.

Hackers-Arise

Vagrant: Building Secure Testing Environments

  • Vagrant simplifies creating and managing virtual machines by automating the process through configuration files, known as Vagrantfiles.
  • Key concepts include boxes (package format for Vagrant environments), Vagrantfiles (describe machine configurations), providers (virtualization software), and provisioners (for automating installation and configuration).
  • To begin using Vagrant, install both Vagrant and a virtualization provider like VirtualBox, create a Vagrant environment with 'vagrant init', and start it with 'vagrant up'.
  • Common Vagrant commands include 'vagrant up', 'vagrant halt', 'vagrant reload', 'vagrant ssh', and 'vagrant status' for managing virtual machines.
  • Customizing Vagrant environments is flexible with options like specifying resources, setting up networks, and automating software installations.
  • For cybersecurity use cases, Vagrant provides a secure platform for creating and managing vulnerable virtual machines for testing and learning purposes.
  • Security best practices include using private networks, limiting shared folders, and taking snapshots for quick restoration to known states on vulnerable machines.
  • Vagrant offers a safe environment for practicing security concepts, enabling users to immerse themselves in cybersecurity while protecting their host system.

Securityaffairs

The Rise of Cyber Espionage: UAV and C-UAV Technologies as Targets

  • Researchers at cybersecurity firm Resecurity detected a rise in cyberattacks targeting UAV and counter-UAV technologies.
  • Resecurity identified an increase in malicious cyber activity targeting UAV and counter-UAV (C-UAV/C-UAS) technologies, especially during active periods of local conflicts.
  • Unmanned Aerial Vehicles (UAVs) have become integral to modern military operations, leading to increased focus on counter-UAV (C-UAV) technologies.
  • Foreign actors show a significant interest in UAV and counter-UAV technologies, and there has been an observed increase in foreign actors involved in science and technology and drone engineering.

TechCrunch

Valve removes Steam game that contained malware

  • Valve removed a game called PirateFi from the Steam platform due to the presence of malware.
  • Affected users were advised to consider reformatting their operating system to ensure removal of any malicious software.
  • The specific type of malware was not disclosed by Valve.
  • Malware targeting gamers is attractive to hackers due to the deep access gaming apps have to users' devices.

Securityaffairs

China-linked APTs’ tool employed in RA World Ransomware attack

  • Threat actors linked to China deployed a tool associated with China-based APT groups in the November 2024 RA World ransomware attack on an Asian software firm.
  • The attack suggests that the threat actor may be acting independently as a ransomware operator.
  • The tools used in the attack are commonly associated with China-based espionage groups, indicating a potential link to cyber espionage.
  • There is a possibility that the attacker used the ransomware attack as a diversion, but failed to hide espionage tools, and actively pursued ransom negotiations.

TechCrunch

Spyware maker caught distributing malicious Android apps for years

  • Italian spyware maker SIO has been distributing malicious Android apps, disguised as popular apps like WhatsApp, to steal private data from targets.
  • Security researchers confirmed that the spyware, called Spyrtacus, can steal messages, data, record calls, and capture audio and images.
  • SIO sells spyware to the Italian government, targeting individuals through these malicious apps posing as legitimate services.
  • The spyware campaign involved distributing phony apps related to popular cellphone providers and bypassing Google Play Store detection.
  • Google confirmed that no Spyrtacus-containing apps have been on Google Play since 2022 and described the spyware's use as part of a 'highly targeted campaign.'
  • SIO joins a legacy of Italian spyware companies like Hacking Team, with SIO's Spyrtacus detected in the wild since 2019.
  • SIO is linked to ASIGINT, associated with command-and-control servers managing Spyrtacus, alongside other Italian spyware makers like Cy4Gate.
  • The Spyrtacus spyware reveals traces of Neapolitan origin, hinting at developers from the Naples region behind its creation.
  • Italian spyware companies have previously left regional clues in their spyware, as seen with eSurv, another Calabrian spyware maker.
  • Unanswered questions remain about the government customer behind Spyrtacus and the targets affected by this malicious spyware.

Securityaffairs

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

  • A subgroup of the Russia-linked Seashell Blizzard APT group (aka Sandworm) ran a global multi-year initial access operation called BadPilot.
  • Microsoft shared research findings on a subgroup of the Russia-linked APT group Seashell Blizzard behind the global BadPilot campaign, which compromises infrastructure to support Russian cyber operations.
  • The subgroup of Seashell Blizzard APT group compromised multiple Internet-facing infrastructures to enable persistence in the networks of high-value targets and support tailored network operations.
  • The subgroup exploited known vulnerabilities on network perimeters of small office/home office (SOHO) and enterprise networks to maintain persistence and gain access to targets.

TechCrunch

China’s Salt Typhoon hackers continue to breach telecom firms despite US sanctions

  • The Chinese government-linked hacking group, Salt Typhoon, continues to breach telecommunications providers despite recent US sanctions.
  • Salt Typhoon, also known as RedMike, breached five telecommunications firms between December 2024 and January 2025.
  • The group previously hacked into US phone and internet giants, gaining access to private communications of senior US government officials.
  • Recorded Future expects Salt Typhoon to continue targeting US and other telecommunications providers.

Securityaffairs

Sarcoma ransomware gang claims the theft of sensitive data from PCB maker Unimicron

  • The Sarcoma ransomware group claims to have breached the Taiwanese PCB manufacturer Unimicron and threatens to release the stolen data if no ransom is paid.
  • Unimicron Technology Corporation is a key supplier in the semiconductor and electronics industries, providing critical components for products such as smartphones and computers.
  • The company confirmed a ransomware attack on its subsidiary in January 2025 and is currently investigating the breach.
  • Sarcoma ransomware group has claimed to have stolen 377 GB of SQL files and documents from Unimicron.

Hackingblogs

Microsoft’s Patch Tuesday Patched 63 Vulnerabilities Out Of Which 3 Are Actively Exploited: CIA Releases Advisory

  • Microsoft released its latest Patch Tuesday, addressing 63 vulnerabilities across its software products, with 3 actively exploited in the wild.
  • Two zero-day vulnerabilities were fixed by Microsoft, with updates available for the actively exploited ones.
  • Federal agencies have until March 4th to implement mitigations for these vulnerabilities.
  • Of the 63 vulnerabilities, 3 were classified as Critical, 57 as Important, 1 as Moderate, and 2 as Low in severity.
  • One of the critical vulnerabilities was in the Windows Ancillary Function Driver for WinSock, allowing attackers to gain SYSTEM privileges.
  • Another critical vulnerability was in the Windows Lightweight Directory Access Protocol (LDAP) for remote code execution.
  • The CISA advisory emphasizes the urgency of addressing these vulnerabilities to protect against cyber threats.
  • A remote code execution vulnerability in Microsoft High Performance Compute (HPC) Pack was identified as the most severe in the update.
  • Federal agencies are urged to remediate known exploited vulnerabilities promptly, as highlighted by CISA's Binding Operational Directive.
  • The severity ratings, exploit statuses, and types of various vulnerabilities patched by Microsoft were detailed in the update.
