
Info. Security News News


Securityaffairs


Credit Card Skimmer campaign targets WordPress via database injection

  • Stealthy credit card skimmer targets WordPress e-commerce sites, injecting malicious JavaScript into CMS database tables to evade detection.
  • Attackers hide the malicious code in the WordPress wp_options table, injecting obfuscated JavaScript into widget_block for persistence and to avoid file scans.
  • The JavaScript code targets checkout pages, creating fake payment screens to capture credit card details and billing information.
  • The stolen data is encoded and encrypted, then transmitted to an attacker-controlled server.


Securityaffairs


Microsoft took legal action against crooks who developed a tool to abuse its AI-based services

  • Microsoft has taken legal action against ten individuals for creating tools to bypass safety measures in its cloud AI products.
  • The individuals used stolen credentials and custom software to breach computers running Microsoft's Azure OpenAI services.
  • The illegal activity violated U.S. law and Microsoft's Acceptable Use Policy and Code of Conduct.
  • Microsoft has locked out the crooks and implemented additional countermeasures to prevent future abuses.


Securityaffairs


Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country

  • Pro-Russia hackers NoName057 targeted Italy again after Zelensky’s visit to the country.
  • Italian ministries, institutions, critical infrastructure websites, and private organizations were targeted.
  • The attacks coincided with Ukrainian President Volodymyr Zelensky's visit to Italy and the commitment of Italy's support for Ukraine.
  • The group NoName057(16) has been active since March 2022 and carries out attacks during periods of geopolitical tensions.


Securityaffairs


How a researcher earned $100,000 hacking a Facebook server

  • Facebook paid $100,000 to a researcher for discovering a bug that granted him command access to an internal server in October 2024.
  • Security researcher Ben Sadeghipour found a vulnerability in Facebook's ad platform that allowed him to take control of an internal company server.
  • The flaw was caused by an unpatched Chrome version used by Facebook's ad server.
  • As soon as Sadeghipour reported the bug, Facebook acknowledged and addressed the issue.


Hackersking


Premium Shodan Features For Free Using Ultimate Tool ShodanSpider v2 For Penetration Testers

  • ShodanSpider v2 is a free tool that offers premium Shodan features for penetration testers and cybersecurity researchers.
  • Key features include free CVE search, CLI-based interface, regular updates, powerful search options, saving of search results, and being completely free.
  • ShodanSpider v2 allows searching for known vulnerabilities directly within Shodan's database, without needing a paid subscription.
  • The tool is lightweight, efficient, and continuously updated with new functionality and enhancements.


Medium


Cracking Wi-Fi Passwords: Using the Batch-WI-FI-Brute-Forcer Tool in Windows

  • Wi-Fi networks can be vulnerable to security risks due to weak or easy-to-guess passwords.
  • Hackers can exploit these vulnerabilities using brute-force or dictionary attacks to gain unauthorized access to the network.
  • The Batch-WI-FI-Brute-Forcer tool provides a way to test the security of Wi-Fi networks by attempting different passwords.
  • Users can run the script, select a target network, and begin the brute force process to find the correct password.


Securityaffairs


U.S. cannabis dispensary STIIIZY disclosed a data breach

  • US marijuana dispensary STIIIZY disclosed a data breach after a vendor’s point-of-sale system was compromised.
  • The breach exposed customer data and IDs between October 10 and November 10, 2024.
  • The compromised information includes government-issued identification cards, transaction histories, and other personal information.
  • The breach was claimed by the Everest cybercrime group, who leaked the stolen data after a failed negotiation.


TechBullion


Virtual Interview: “Mukund Sarma Is Redefining FinTech Security Through Innovation and Vision”

  • Mukund Sarma is the Head of Product Security at Chime Financial, where he oversees application security, cloud security, and data security initiatives.
  • Sarma has shaped FinTech security strategies for high-growth tech companies by developing innovative and impactful solutions that integrate seamlessly with engineering workflows.
  • FinTech urgently needs robust application security measures and practices because the value of the data and transactions it handles makes it highly targeted by cybercriminals.
  • Sarma developed Monocle, a gamified application security platform, and Overwatch, a serverless orchestration system that has revolutionized vulnerability migration practices.
  • Recent high-profile data breaches illustrate the escalating stakes in FinTech security.
  • Sarma recommends that companies adopt zero-trust architectures, invest in security automation, and integrate security into development workflows to proactively address emerging threats.
  • The emerging challenges include Deepfake-based fraud and sophisticated supply chain attacks, requiring innovative tools beyond traditional security measures to detect and mitigate advanced threats.
  • Sarma advises aspiring professionals in cybersecurity to focus on building strong technical skills and understanding how security aligns with business objectives, anticipating and staying curious about challenges, and embracing collaboration.
  • Mukund Sarma's innovative and impactful security solutions have shaped the future of FinTech security.
  • Sarma's leadership has redefined application security, cloud security, and data protection.


Securityaffairs


Banshee macOS stealer supports new evasion mechanisms

  • Experts found a new version of the Banshee macOS information stealer with enhanced evasion mechanisms.
  • Banshee Stealer is distributed through phishing websites and fake GitHub repositories, masquerading as popular software.
  • The malware can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and browser extensions.
  • The latest version of Banshee Stealer expands its potential targets by removing the Russian language check.


Securityintelligence


Is the water safe? The state of critical infrastructure cybersecurity

  • Critical infrastructure remains a primary target for cyberattacks, and cybersecurity is the top public safety and national security concern.
  • The rising number of cyberattacks on water systems and other essential services reveals the susceptibility of industrial sectors to cyber threats and the unpreparedness of operators.
  • The average total cost of a data breach in the industrial sector was $5.56 million in 2024, an 18% increase for the industry compared to 2023.
  • The DHS has recognized the need for more support for state and local government cybersecurity, and has allocated $280 million in grant funding for the State and Local Cybersecurity Grant Program (SLCGP).
  • The Cyberspace Solarium Commission recommends identifying minimum security burdens for important entities critical to national security.
  • Lack of adequate cyber defense resources for smaller water systems and inadequate communication between government agencies and private industry remain significant challenges that need to be addressed.
  • Collaboration between government, private industry and international partners will be the key to building a resilient defense against evolving cyber threats.
  • Public safety and national security are at risk from cyberattacks and every meaningful response from policymakers and the public requires concerted effort.
  • The DHS funding could expand efforts aimed at protecting critical infrastructure providers, while the recommendations of the Cyberspace Solarium Commission could address critical gaps in the national cyber defense strategy.
  • Building trust between the government and private sectors is challenging, given the historical tensions that exist, but collaboration between them is essential to address the growing threat to critical infrastructure.


Securityaffairs


Researchers disclosed details of a now-patched Samsung zero-click flaw

  • Researchers at Google Project Zero disclosed a now-patched zero-click vulnerability that affects Samsung devices.
  • The vulnerability, tracked as CVE-2024-49415, is an out-of-bounds write issue in libsaped.so and allows remote attackers to execute arbitrary code.
  • The flaw affects Samsung Galaxy S23 and S24 phones and is linked to Google Messages' transcription service when RCS is enabled.
  • The vulnerability was reported to Samsung by Google Project Zero researcher Natalie Silvanovich, and it has been patched.


Sentinelone


The Good, the Bad and the Ugly in Cybersecurity – Week 2

  • The U.S. government launched the Cyber Trust Mark as a cybersecurity label to help consumers identify smart products that meet NIST’s criteria.
  • Integrity Tech, a company based in Beijing, has been sanctioned by the U.S. Treasury for its role in attacks led by Chinese state-sponsored threat actor Flax Typhoon.
  • Attackers are exploiting neglected domains that lack DNS records to bypass security measures and trick victims into triggering the malware.
  • Spoofed email addresses in malspam campaigns continue to work for attackers despite safeguards like DKIM, DMARC, and SPF designed to prevent attackers from spoofing well-known domains.
  • Researchers have identified how these spam campaigns use disused domains to distribute phishing emails containing QR codes to malicious sites and steal users’ information.
  • Chinese threat actor MirrorFace has been accused of targeting Japanese organizations and individuals via persistent attacks that started in 2019.
  • MirrorFace operations can be broken down into three major campaigns, and all of them have leveraged advanced TTPs.
  • The most recent malspam campaigns target industries like government and construction, using trusted platforms such as Canva and Dropbox to host phishing pages and launching SMS phishing schemes.
  • Generic top-level domains (gTLDs) like .top and .xyz account for 37% of malicious domains due to low registration fees and lax regulations.
  • Tools like PhishWP, a malicious WordPress plugin, are being employed to create fake payment gateways that aim to harvest sensitive user information in real time.


Hackingblogs


Ukrainian hackers claim to have launched a horrific cyberattack against Russian internet provider Nodex

  • Russian internet provider Nodex has revealed a cyberattack that severely damaged its network.
  • The attack is believed to have been planned in and to have originated from Ukraine.
  • Nodex's infrastructure was destroyed, and data was stolen.
  • Efforts are underway to restore services, but full recovery has not yet been achieved.


Securityaffairs


Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

  • Cybersecurity firm CrowdStrike has warned of a phishing campaign that uses its recruitment branding to trick recipients into downloading a fake application, which ultimately installs the XMRig cryptominer.
  • The campaign was discovered on January 7, 2025, and involves phishing emails impersonating CrowdStrike recruitment, directing victims to a malicious website.
  • The phishing message claims recipients have been selected for a junior developer role and must download a CRM tool. Regardless of the option chosen, a Windows executable is downloaded that serves as a downloader for XMRig and supports evasion mechanisms.
  • Individuals in the recruitment process should verify the authenticity of CrowdStrike communications and avoid downloading unsolicited files.


Securityaffairs


China-linked APT group MirrorFace targets Japan

  • Japanese authorities attribute a cyber-espionage campaign to the China-linked APT group MirrorFace.
  • The campaign has been active since at least 2019, targeting Japanese technology and national security.
  • MirrorFace launched three cyber campaigns targeting Japanese think tanks, government, academia, and key industries.
  • The group used spear-phishing attacks, malware, and exploitation of software vulnerabilities in their campaigns.
