A naukri.com initiative
Hacking News
Securityaffairs
2M
302
Image Credit: Securityaffairs
Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign
- A subgroup of the Russia-linked Seashell Blizzard APT group (aka Sandworm) ran a global multi-year initial access operation called BadPilot.
- Microsoft shared findings on research on a subgroup of the Russia-linked APT group Seashell Blizzard behind the global BadPilot campaign, which compromises infrastructure to support Russian cyber operations.
- The subgroup of Seashell Blizzard APT group compromised multiple Internet-facing infrastructures to enable persistence in the networks of high-value targets and support tailored network operations.
- The subgroup exploited known vulnerabilities on network perimeters of small office/home office (SOHO) and enterprise networks to maintain persistence and gain access to targets.
Read Full Article
18 Likes
TechCrunch
2M
160
Image Credit: TechCrunch
China’s Salt Typhoon hackers continue to breach telecom firms despite US sanctions
- The Chinese government-linked hacking group, Salt Typhoon, continues to breach telecommunications providers despite recent US sanctions.
- Salt Typhoon, also known as RedMike, breached five telecommunications firms between December 2024 and January 2025.
- The group previously hacked into US phone and internet giants, gaining access to private communications of senior US government officials.
- Recorded Future expects Salt Typhoon to continue targeting US and other telecommunications providers.
Read Full Article
9 Likes
Securityaffairs
2M
422
Image Credit: Securityaffairs
Sarcoma ransomware gang claims the theft of sensitive data from PCB maker Unimicron
- The Sarcoma ransomware group claims to have breached the Taiwanese PCB manufacturer Unimicron and threatens to release the stolen data if no ransom is paid.
- Unimicron Technology Corporation is a key supplier in the semiconductor and electronics industries, providing critical components for products such as smartphones and computers.
- The company confirmed a ransomware attack on its subsidiary in January 2025 and is currently investigating the breach.
- Sarcoma ransomware group has claimed to have stolen 377 GB of SQL files and documents from Unimicron.
Read Full Article
25 Likes
Hackingblogs
2M
169
Image Credit: Hackingblogs
Microsoft’s Patch Tuesday Patched 63 Vulnerabilities Out Of Which 3 Are Actively Exploited: CIA Releases Advisory
- Microsoft released its latest Patch Tuesday, addressing 63 vulnerabilities across its software products, with 3 actively exploited in the wild.
- Two zero-day vulnerabilities were fixed by Microsoft, with updates available for the actively exploited ones.
- Federal agencies have until March 4th to implement mitigations for these vulnerabilities.
- Of the 63 vulnerabilities, 3 were classified as Critical, 57 as Important, 1 as Moderate, and 2 as Low in severity.
- One of the critical vulnerabilities was in the Windows Ancillary Function Driver for WinSock, allowing attackers to gain SYSTEM privileges.
- Another critical vulnerability was in the Windows Lightweight Directory Access Protocol (LDAP) for remote code execution.
- The CISA advisory emphasizes the urgency of addressing these vulnerabilities to protect against cyber threats.
- A remote code execution vulnerability in Microsoft High Performance Compute (HPC) Pack was identified as the most severe in the update.
- Federal agencies are urged to remediate known exploited vulnerabilities promptly, as highlighted by CISA's Binding Operational Directive.
- The severity ratings, exploit statuses, and types of various vulnerabilities patched by Microsoft were detailed in the update.
Read Full Article
10 Likes
Livebitcoinnews
2M
257
Image Credit: Livebitcoinnews
BNB Chain Four Meme Platform Hit by $183K Hack
- Four.Meme, a BNB Chain memecoin launchpad, lost $183K in a security incident.
- The platform has suspended token launches and is working to fix the issue.
- The breach occurred after the platform experienced record user activity.
- Increasing targeting of memecoin launchpads raises concerns about security in the crypto industry.
Read Full Article
15 Likes
Hackers-Arise
2M
445
Image Credit: Hackers-Arise
Physical Security: Single Pin Lockpicking for Hackers and Pentesters
- Lock picking is a critical skill for penetration testers to bypass physical security non-destructively through techniques like Single Pin Picking (SPP).
- Advanced Single Pin Picking (SPP) techniques require a deep understanding of lock mechanisms, precision, and tactile feedback.
- Tension control is fundamental in successful lock picking, with high-security locks often requiring extremely light tension for manipulation.
- Varying tension is essential for complex locks with security pins, allowing dynamic adjustments during the picking process.
- The jiggle test is a useful technique in pin setting, helping to identify whether pins are properly set, under-set, set, or over-set.
- Understanding feedback from both standard and security pins is crucial in advanced Single Pin Picking (SPP).
- Security pins like spool, serrated, and mushroom pins require specific manipulation techniques for successful lock picking.
- Ethical considerations and legal responsibilities are important in lock picking, highlighting the need for proper authorization and adherence to legal guidelines.
- Continuous practice on diverse locks and environments is essential for improving physical security testing skills as a pentester.
- Mastery of tension control, pin feedback interpretation, and handling high-security locks can enhance efficiency and success in bypassing physical security systems.
Read Full Article
26 Likes
Securityaffairs
2M
293
Image Credit: Securityaffairs
Russian cybercriminal Alexander Vinnik is being released from U.S. custody in exchange for Marc Fogel
- Russian cybercriminal Alexander Vinnik is being released from U.S. custody in exchange for Marc Fogel, a decision reportedly made by the Trump administration.
- Vinnik, a Russian national, pleaded guilty to money laundering charges related to operating the cryptocurrency exchange BTC-e from 2011 to 2017, processing over $9 billion in transactions and serving over a million users globally.
- In July 2017, law enforcement shut down BTC-e, which received criminal proceeds from various illegal activities, including computer intrusions, ransomware attacks, and identity theft.
- Vinnik was accused of promoting unlawful activities through BTC-e, leading to at least $121 million in losses.
- Greek authorities arrested Vinnik in 2017 for laundering billions worth of cryptocurrency through the BTC-e Bitcoin exchange.
- French authorities accused Vinnik of hacking, money laundering, extortion, and involvement in organized crime, defrauding more than 100 individuals and businesses globally.
- Vinnik denied charges of extortion and money laundering and returned to Greece before extradition to the U.S., where he must forfeit seized money as part of the exchange.
- The U.S. also charged Aliaksandr Klimenka, linked to BTC-e, with money laundering conspiracy and operating an unlicensed money services business.
- Vinnik's release, negotiated as a gesture by Trump and Putin for peace talks, has sparked disappointment among government officials regarding the potential impact on cybercrime.
- The exchange involving Vinnik and Fogel has raised concerns about emboldening cybercriminals and ransomware actors, according to U.S. law enforcement.
Read Full Article
17 Likes
Securityaffairs
2M
156
Image Credit: Securityaffairs
North Korea-linked APT Emerald Sleet is using a new tactic
- North Korea-linked APT Emerald Sleet is using a new tactic.
- Emerald Sleet is tricking targets into running PowerShell and executing code provided by the attacker.
- The APT group, also known as Kimsuky, primarily targets think tanks and organizations in South Korea.
- Microsoft Threat Intelligence has observed this shift in tactics, indicating a new approach to compromising traditional espionage targets.
Read Full Article
9 Likes
TheNewsCrypto
2M
454
Image Credit: TheNewsCrypto
zkLend Hit by Starknet Exploit and Lost $4.9 Million
- ZkLend lost over $4.9 million in a cyber attack.
- The team offered a whitehat bounty for the stolen assets.
- Experts fear 2025 could see a surge in crypto hacking activities.
- Hackers have been given an ultimatum to return the funds or face prosecution.
Read Full Article
27 Likes
NullTX
2M
450
Image Credit: NullTX
Attack on Four_Meme Leads to Loss of $183K: Uniswap V3 Mechanism Exploited
- The Four_Meme project experienced a breach resulting in a loss of around $183,000 due to an attack on the Uniswap V3 mechanism.
- The attacker exploited weaknesses in the mechanism, starting by purchasing project tokens at a low price before liquidity was added to PancakeSwap.
- The attacker then created a trading pair pool on PancakeSwap with inflated token prices, taking advantage of Uniswap V3's ability to set prices in advance.
- When liquidity was injected into the pool, the attacker added more liquidity at a higher price, leading to significant profit from selling off the tokens acquired at a low price.
- This attack highlighted vulnerabilities in the Uniswap V3 protocol, showcasing risks related to price manipulation and design flaws in decentralized exchanges like PancakeSwap.
- The stolen funds are currently held in the attacker's address, raising questions about potential retrieval by the Four_Meme team.
- The incident emphasizes the need for enhanced security measures in the rapidly growing DeFi sector to counteract potential attacks and vulnerabilities.
- Attacks on DeFi platforms like Four_Meme underscore the importance of robust security protocols and continuous vigilance in the evolving cryptocurrency landscape.
- The attack serves as a cautionary tale for projects and investors in the DeFi space, urging them to prioritize security and risk management in the face of increasing threats.
- As the DeFi space expands, it is crucial for all stakeholders to remain proactive in identifying and addressing system vulnerabilities to prevent substantial financial losses.
- Security should always be a primary consideration in the cryptocurrency realm, emphasizing the need for thorough research and caution before engaging in trading or investment activities.
Read Full Article
27 Likes
Securityaffairs
2M
13
Image Credit: Securityaffairs
U.S. CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog
- U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog.
- The vulnerabilities added to the catalog include Zyxel DSL CPE OS Command Injection and Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow.
- The Zyxel flaw allows unauthenticated attackers to execute arbitrary commands, potentially leading to device takeover, data exfiltration, or network infiltration.
- The two zero-day flaws in Microsoft Windows being actively exploited in the wild were addressed through security updates in February 2025.
Read Full Article
Like
Securityaffairs
2M
55
Image Credit: Securityaffairs
Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs
- Microsoft Patch Tuesday security updates for February 2025 addressed four zero-day flaws, two of which are actively exploited in the wild.
- The vulnerabilities include a Windows Storage Elevation of Privilege flaw and a Windows Ancillary Function Driver for WinSock Elevation of Privilege flaw.
- The zero-day flaws allow attackers to delete files and gain SYSTEM privileges.
- Microsoft Patch Tuesday security updates for February 2025 addressed a total of 57 vulnerabilities, with three rated as Critical.
Read Full Article
3 Likes
Idownloadblog
2M
238
Image Credit: Idownloadblog
Security researcher wh1te4ever shares Safari-based remote execution exploit patched in iOS 16.5.1, macOS 13.4.1
- A Safari-based remote code execution (RCE) bug, patched by Apple in iOS 16.5.1 and macOS 13.4.1, has been exploited.
- Security researcher @wh1te4ever shared a link to a WebKit bug exploit and a demonstration video showcasing the bug.
- The exploit is likely patched, but has been confirmed to work on iOS & macOS versions prior to the patches.
- The exploit is not expected to result in a new jailbreak for iPhones and iPads.
Read Full Article
14 Likes
Idownloadblog
2M
78
Image Credit: Idownloadblog
Latest iPadOS 18.3.1 update still jailbreakable on iPad 7th generation via palera1n, right out of the box
- The latest iPadOS 18.3.1 update is still jailbreakable on the iPad 7th generation using palera1n.
- Devices equipped with A12 or newer chips are not yet eligible for jailbreak.
- Owners of the iPad 7th generation can update to iPadOS 18.3.1 and continue jailbreaking with palera1n.
- The palera1n jailbreak tool is also compatible with iPadOS 17.7.5 on older supported iPads.
Read Full Article
4 Likes
Securityaffairs
2M
160
Image Credit: Securityaffairs
Attackers exploit a new zero-day to hijack Fortinet firewalls
- Fortinet warned of attacks using a now-patched zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet firewalls.
- The vulnerability is an authentication bypass issue that could allow a remote attacker to gain super-admin privileges.
- Fortinet provides temporary mitigation by disabling the HTTP/HTTPS administrative interface or limiting access via local-in policies.
- Arctic Wolf researchers observed a four-phase campaign involving unauthorized logins, account creation, and config changes on Fortinet firewalls.
Read Full Article
9 Likes
For uninterrupted reading, download the app