techminis

A naukri.com initiative


Hacking News

Securityaffairs

1M

read

435

img
dot

Image Credit: Securityaffairs

Crooks use Google Tag Manager skimmer to steal credit card data from Magento-based e-stores

  • Threat actors are using Google Tag Manager (GTM) to install e-skimmer software on Magento-based e-stores.
  • GTM is a free tool that simplifies analytics and ad tracking for website owners.
  • The e-skimmer malware is hidden in a website's database and disguised as GTM and Google Analytics scripts to evade detection.
  • The malware collects credit card data entered during the checkout process and sends it to the attackers' command-and-control server.

NullTX

Scam Alert: Fraudulent Links and Fake Verification Pages Target Crypto Users

  • An investigation by Scam Sniffer has recently uncovered a highly sophisticated scam targeting cryptocurrency users.
  • The scam borrows the basic details of well-known tokens and uses them to lure victims with the promise of fake trading opportunities controlled by the scammers.
  • The newest find has raised alarms in the crypto community and underscores how scammers are now using a more subtle and effective approach to defraud their victims.
  • One of the well-known tokens affected in this way is the $CAR token.
  • The links are set up to steal personal information or, if a user's computer is not already compromised, to install software that defeats whatever defenses the user has.
  • The harmful links were being disseminated through the well-known Telegram chat group caronsolanas, which revolves around conversations related to Solana projects.
  • The scam page looks exactly like Cloudflare's CAPTCHA verification system and is intended to mislead users into thinking they are completing a normal security procedure.
  • The scammers are not only using this new method as a direct attack on individual users; they are also directly harming the platforms and services we all use.
  • This scam is part of a larger trend of increasingly sophisticated phishing attacks in the crypto space.
  • It is all the more important for crypto users to stay alert and to insist on a virtual currency ecosystem that protects them from such cons.

Securityaffairs

Operation Phobos Aetor: Police dismantled 8Base ransomware gang

  • Authorities dismantled the 8Base ransomware gang, shutting down its dark web data leak and negotiation sites.
  • The police arrested four European citizens in Phuket, Thailand, who are suspected to have stolen over $16 million through ransomware attacks affecting over 1,000 victims worldwide.
  • The gang compromised at least 17 Swiss companies using the Phobos ransomware between April 2023 and October 2024.
  • The 8Base ransomware group has been active since March 2022, targeting small and medium-sized businesses in various industries.

Medium

The Hunt for the Xbox Hackers

  • A high-stakes game of cat and mouse has been playing out in the shadowy corners of the internet, as hackers target the Xbox gaming console.
  • The Xbox Underground, a notorious group of hackers, infiltrated Microsoft's networks in the early 2010s, aiming for more than just free games or cheats.
  • They targeted Microsoft's gaming infrastructure, stealing unreleased software, accessing development tools, and attempting to sell stolen intellectual property to competitors.
  • At their peak, the Xbox Underground caused millions of dollars in damages.

Securityaffairs

Apple fixes iPhone and iPad bug exploited in ‘extremely sophisticated attacks’

  • Apple released emergency security updates to address a zero-day vulnerability exploited in highly sophisticated attacks.
  • The vulnerability allowed attackers to disable the USB Restricted Mode on a locked device.
  • USB Restricted Mode is a security feature that protects locked devices from unauthorized access via the Lightning port.
  • Apple fixed the vulnerability with improved state management in iOS 18.3.1 and iPadOS 18.3.1.

Securityaffairs

HPE is notifying individuals affected by a December 2023 attack

  • HPE is notifying individuals affected by a December 2023 attack carried out by Russia-linked threat actors.
  • The Midnight Blizzard (aka APT29, SVR group, Cozy Bear, Nobelium, BlueBravo, and The Dukes) group along with APT28 cyber espionage group was involved in the Democratic National Committee hack and the wave of attacks aimed at the 2016 US Presidential Elections.
  • HPE's investigation revealed that the attackers gained access to the company environment and had been exfiltrating data since May 2023.
  • The IT giant determined that the intrusion is likely linked to another attack conducted by the same APT group, of which it was notified in June 2023.
  • HPE emphasized that, as of the filing date, the incident has not significantly affected its operations.
  • Microsoft warned that some of its corporate email accounts were compromised by the same Russia-linked group, Midnight Blizzard.
  • HPE recently confirmed that the incident was contained and remediated, but also confirmed that the threat actors gained access to data from compromised mailboxes.
  • With the assistance of e-discovery specialists, HPE conducted a thorough review of the data at issue to identify the types of information that may have been subject to unauthorized access and determine to whom this information relates.
  • On February 5, 2025, HPE also notified the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) that Social Security numbers, driver’s license information, and credit or debit card numbers belonging to ten MA Residents were breached.
  • At the time of this writing, the company has yet to reveal how many individuals are affected in total.

Hackers-Arise

Malware Analysis: Process Injection in the REMCOS RAT

  • Process injection is one of those stealthy techniques malware loves to use to stay under the radar.
  • This post walks you through an actual malware sample that uses process injection, breaking down how it works.
  • By injecting malicious code into legitimate processes, attackers can hide in plain sight, making detection a real challenge.
  • Process injection is a technique used by malware to execute code within the address space of another legitimate process. This allows attackers to evade detection by blending malicious activity with trusted system processes.
  • Common injection methods include Remote Thread Injection, Process Hollowing, APC Injection, and DLL Injection, each leveraging system APIs to manipulate memory and execution flow.
  • By injecting code into a legitimate process, malware can bypass security mechanisms, hide from forensic tools, and maintain persistence.
  • In this post, we'll go step by step, looking at how the injection happens, what's going on under the hood, and how we can spot it using the right tools.
  • The article analyzes the malware sample REMCOS RAT (Remote Control & Surveillance), which is used for stealthy remote control, data exfiltration, and persistence on compromised systems.
  • The functions CreateToolhelp32Snapshot, Process32First, and Process32Next are commonly used in the initial reconnaissance phase of malware that performs process injection.
  • VirtualAllocEx is a Windows API function that allows a process to allocate memory in the address space of another process. It is commonly used in legitimate applications for interprocess communication, but it is also frequently abused by malware for Process Injection techniques.

Securityaffairs

XE Group shifts from credit card skimming to exploiting zero-days

  • The cybercrime group XE Group has transitioned from credit card skimming to targeted information theft.
  • XE Group has shifted its focus to exploiting zero-day vulnerabilities in supply chain attacks.
  • The group used a VeraCore zero-day to deploy reverse shells and web shells in recent attacks.
  • XE Group employs advanced tactics, including supply chain attacks and obfuscated executables disguised as PNG files.

Securityaffairs

UK Gov demands backdoor to access Apple iCloud backups worldwide

  • The UK government is demanding a backdoor to access Apple iCloud backups worldwide, raising concerns over privacy and encryption.
  • The Technical Capability Notice issued by the UK requires Apple to create a blanket capability to view fully encrypted material.
  • Apple can appeal the notice, but compliance is required during the process.
  • If the UK obtains access, it may prompt other countries like China to demand similar backdoor access.

Idownloadblog

Updated palera1n jailbreak beta brings fix for loader app crash on devices configured to use 12-hour time

  • The palera1n team released an updated beta build of the checkm8 bootrom exploit-based palera1n jailbreak tool, version 2.1 beta 2.
  • The update includes a bug fix for a crash issue when using 12-hour time in the palera1n loader app.
  • All palera1n users are recommended to update to the latest version for the fix.
  • The palera1n jailbreak is compatible with devices running iOS, iPadOS, or tvOS 15.0 and later, up to 18.x, with A8-A11 chips.

Securityaffairs

Security Affairs newsletter Round 510 by Pierluigi Paganini – INTERNATIONAL EDITION

  • PlayStation Network has been experiencing an outage for over 24 hours.
  • Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer.
  • Russian intelligence is recruiting Ukrainians for terror attacks using messaging apps.
  • Hospital Sisters Health System was impacted by a security incident affecting 882,782 individuals.

Medium

From Duplicate to Letter of Appreciation: How I Hacked NASA

  • A security researcher, Harsh Kothari, hacked into NASA.
  • Initially, the vulnerability he reported was deemed a duplicate submission.
  • However, after further testing, Harsh discovered that the data was still accessible.
  • Bugcrowd resolved the vulnerability after Harsh confirmed its reproducibility.

Securityaffairs

PlayStation Network outage has been going on for over 24 hours

  • PlayStation Network has been down for nearly a day, causing frustration amongst players.
  • Sony has provided little communication regarding the global outage and has not shared technical details of the issue.
  • Multiple online services are still experiencing issues after 24 hours, including account management, gaming, social features, PlayStation Video, and the PlayStation store.
  • Experts suspect that a cyber attack could be the cause of the outage, as indicated by security researcher Dominic Alvieri's tweets.

Dev

How to protect yourself against cyber threats

  • Understanding Cyber Threats: Cybersecurity threats such as malware, phishing, Man-in-the-Middle attacks, software vulnerability exploits, and social engineering attacks put personal, financial, and corporate data at risk.
  • Implementing Technical Security Measures: Adopting technical measures such as using reliable antivirus and firewall, regularly updating software and operating systems, and using a virtual private network (VPN) can reduce the risk of cyberattacks and protect sensitive data.
  • Creating Strong Passwords: Creating and managing strong passwords, using passphrases and complex combinations, and avoiding password reuse across multiple accounts can enhance online account protection. Enabling two-factor authentication (2FA) adds an extra layer of security.
  • Prevention is Key: Understanding cyber threats, implementing technical security measures, and practicing secure online habits are vital for protecting against cyber threats. Taking proactive measures is crucial to reducing the risk of falling victim to these threats.

Securityaffairs

U.S. CISA adds Trimble Cityworks flaw to its Known Exploited Vulnerabilities catalog

  • U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Trimble Cityworks vulnerability to its Known Exploited Vulnerabilities catalog.
  • The vulnerability, tracked as CVE-2025-0994, is a deserialization of untrusted data issue that could allow an attacker to achieve remote code execution.
  • Trimble Cityworks is a GIS-centric software used for asset management and permitting in local governments and public works organizations.
  • CISA has ordered federal agencies to fix this vulnerability by February 28, 2025.
