Category: Attack Feeds

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency. “People’s Republic of China-linked (PRC) malicious cyber actors continue to target U.S. government systems, including the recent  – Read More ...

Explore Bitcoin’s 2025 prospects, market trends, mining, and secure methods like cloud platforms. Learn strategies to manage risks…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

The Transportation Security Administration is locking in a pair of pipeline directives for additional years ahead of the looming White House transition. In a posting to the Federal Register on Friday, the Department of Homeland Security component said it ratified the Security Directive Pipeline-2021-01 series and the Security Directive Pipeline-2021-02 series and would extend the requirements of each for another...

The Department of the Treasury has sanctioned a Chinese national and a cybersecurity company based in Sichuan, China, for taking part in the Salt Typhoon hacking campaign that has swept up data from at least nine U.S. telecommunications companies. The department’s Office of Foreign Assets Control (OFAC) named Yin Kecheng of Shanghai and the Sichuan Juxinhe Network Technology Co. Ltd.,...

Department of Homeland Security secretary nominee Kristi Noem committed to senators Friday that if confirmed she would keep the department out of efforts to combat disinformation and misinformation, and pledged to make the Cybersecurity and Infrastructure Security Agency “smaller, more nimble.” The South Dakota governor’s remarks signal that the incoming Trump administration will act on an issue that has galvanized...

With Chinese-sponsored hackers lingering in the IT systems of various U.S. critical infrastructure networks, potentially imminent threats to the country’s national security abound. The Cybersecurity and Infrastructure Security Agency and federal partners hope to lessen that threat by closing a so-called “software understanding gap.” In a document released Thursday with the Defense Advanced Research Projects Agency, the Office of the...

With Chinese-sponsored hackers lingering in the IT systems of various U.S. critical infrastructure networks, potentially imminent threats to the country’s national security abound. The Cybersecurity and Infrastructure Security Agency and federal partners hope to lessen that threat by closing a so-called “software understanding gap.” In a document released Thursday with the Defense Advanced Research Projects Agency, the Office of the...

As the incoming Trump administration prepares to take office, it confronts a critical juncture for cybersecurity. The escalating digital threats from state-sponsored adversaries like China, Iran, North Korea and Russia coincide with fractured global governance and a shifting domestic policy landscape. This moment presents a unique opportunity for the administration to establish itself as a global leader in offensive cybersecurity...

Cybersecurity researchers have disclosed three security flaws in Planet Technology’s WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. “These switches are widely used in building and home automation systems for a variety of networking applications,” Claroty’s Tomer Goldschmidt said in a Thursday report. “An attacker  – Read More  – The Hacker News 

Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia. “Over the past two months, a significant volume of attacks from Python-based bots has been observed, suggesting a coordinated effort to exploit thousands of web apps,” Imperva researcher Daniel Johnston said in an analysis. “These attacks  – Read More  –...

Explore how AI tools like OpenAI’s Sora face restrictions in Europe due to GDPR, with insights on bypassing…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and four entities for their alleged involvement in illicit revenue generation schemes for the Democratic People’s Republic of Korea (DPRK) by dispatching IT workers around the world to obtain employment and draw a steady source of income for the regime in violation of international sanctions. “These  –...

Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that’s capable of Microsoft 365 accounts with an aim to steal credentials and two-factor authentication (2FA) codes since at least October 2024. The nascent phishing kit has been dubbed Sneaky 2FA by French cybersecurity company Sekoia, which detected it in the wild in December. Nearly 100 domains hosting  – Read...

Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and employees with BYOD. Implementing secure guest Wi-Fi infrastructure has become essential for authenticating access,  – Read More  – The Hacker News 

Hospitals and health systems across the country are experiencing a significant rise in cyberattacks. These cyber incidents have caused extended disruptions, patient diversion to other facilities, and the cancellation of medical appointments and procedures — all of which undermine patient care and safety. These attacks also expose vulnerabilities in our health care system and degrade patient trust. The more they...

Silverfort has discovered that a misconfiguration can bypass an Active Directory Group Policy designed to disable NTLMv1, allowing…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

No, Brad Pitt isn’t in love with you. A French woman was duped into believing a hospitalised Brad Pitt had fallen in love with her. The scammers even faked a “breaking news” report announcing the revelation of Brad’s new love… Read more in my article on the Hot for Security blog.  – Read More  – Graham Cluley 

Austrian privacy non-profit None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users’ data to China. The advocacy group is seeking an immediate suspension of such transfers, stating the companies in question cannot shield user data  – Read More ...

The U.S. Treasury Department announced sanctions Thursday against two individuals and four entities allegedly involved in generating revenue for North Korea through illicit remote IT workforce operations, the latest salvo in ongoing efforts to disrupt financial streams that support Pyongyang’s weapons programs. The sanctions focus on efforts in which North Korea sent thousands of skilled IT professionals outside of the...

A sweeping executive order on cybersecurity released Thursday won largely positive reviews, with the main question being its timing — and what will come of it with the executive branch set to be handed over from president to president. Chris Inglis, the former national cyber director for Joe Biden who has served under both Democrats and Republicans, told CyberScoop there...

Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes it simple to set up...

The Russian threat actor known as Star Blizzard has been linked to a new spear-phishing campaign that targets victims’ WhatsApp accounts, signaling a departure from its longstanding tradecraft in a likely attempt to evade detection. “Star Blizzard’s targets are most commonly related to government or diplomacy (both incumbent and former position holders), defense policy or international relations  – Read More ...

The cat-and-mouse game between state-sponsored Russian hackers and one of the world’s biggest technology companies has continued into 2025.  Microsoft’s threat intelligence team published research Thursday examining how a state-sponsored Russian threat actor group, known as Star Blizzard, has altered its longstanding attack strategies to target WhatsApp accounts. This attack vector is a significant change in the group’s tactics, techniques,...

Previously, we covered the internals of the Autel MaxiCharger where we highlighted each of the main components. In this post, we aim to outline the attack surface of the MaxiCharger in the hopes of providing inspiration for vulnerability research. All information has been obtained through reverse engineering, experimenting, and combing through the Autel MaxiCharger manual (PDF). At the time of...

Slow adoption of cloud technologies poses a cybersecurity hazard for federal agencies, which will require an overhaul of contracting, regulatory and budgeting procedures to fix, a bipartisan think tank report that will be released Thursday concludes. Led by veterans of both the first Trump administration and Biden administration as well as lawmakers from both parties, the Center for Strategic and...

One of the chief architects of the Cybersecurity and Infrastructure Security Agency campaign to get software developers to design their products with security in mind said he believes it could be one of the best tools the Trump administration has to counter China. Jack Cable, who is departing his role as senior technical adviser Thursday, said major hacking campaigns by...

The digital world is exploding. IoT devices are multiplying like rabbits, certificates are piling up faster than you can count, and compliance requirements are tightening by the day. Keeping up with it all can feel like trying to juggle chainsaws while riding a unicycle. Traditional trust management? Forget it. It’s simply not built for today’s fast-paced, hybrid environments. You need...

Technology is changing the global economy, and fintech companies are at the backbone of this transformation. To keep…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

Threat actors have been observed concealing malicious code in images to deliver malware such as VIP Keylogger and 0bj3ctivity Stealer as part of separate campaigns. “In both campaigns, attackers hid malicious code in images they uploaded to archive[.]org, a file-hosting website, and used the same .NET loader to install their final payloads,” HP Wolf Security said in its Threat Insights...

Cybersecurity researchers have found that the Microsoft Active Directory Group Policy that’s designed to disable NT LAN Manager (NTLM) v1 can be trivially bypassed by a misconfiguration. “A simple misconfiguration in on-premise applications can override the Group Policy, effectively negating the Group Policy designed to stop NTLMv1 authentications,” Silverfort researcher Dor Segal said in a  – Read More  – The...

Details have emerged about a now-patched security vulnerability that could allow a bypass of the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems. The vulnerability, assigned the CVE identifier CVE-2024-7344 (CVSS score: 6.7), resides in a UEFI application signed by Microsoft’s “Microsoft Corporation UEFI CA 2011” third-party UEFI certificate, according to a new  – Read More  – The...

You can tell the story of the current state of stolen credential-based attacks in three numbers: Stolen credentials were the #1 attacker action in 2023/24, and the breach vector for 80% of web app attacks. (Source: Verizon). Cybersecurity budgets grew again in 2024, with organizations now spending almost $1,100 per user (Source: Forrester).  Stolen credentials on criminal forums cost as ...

Cybercriminals are exploiting the California wildfires by launching phishing scams. Learn how hackers are targeting victims with fake domains and deceptive tactics, and how to protect yourself from these cyber threats.  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

The video game Path of Exile 2 suffers a security breach, we explore the issues of using predictive algorithms in travel surveillance systems, and the very worst IoT devices are put on show in Las Vegas. Oh, and has Elon Musk accidentally revealed he cheats at video games? All this and much more is discussed in the latest edition of...

Ivanti has rolled out security updates to address several security flaws impacting Avalanche, Application Control Engine, and Endpoint Manager (EPM), including four critical bugs that could lead to information disclosure. All the four critical security flaws, rated 9.8 out of 10.0 on the CVSS scale, are rooted in EPM, and concern absolute path traversal flaws that allow a remote unauthenticated ...

Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent access to compromised endpoints and then leveraged this access to deploy the RansomHub ransomware throughout the target network. According to GuidePoint Security, initial access is said to have been facilitated by means of a JavaScript malware downloaded named  – Read More  –...

A top federal cybersecurity official said Wednesday that threat hunters from the Cybersecurity and Infrastructure Security Agency first discovered activity from Salt Typhoon on federal networks, allowing public and private sector defenders to more quickly “connect the dots” and respond to Chinese attacks on the U.S. telecommunications industry.   Speaking at an event hosted by the Foundation for Defending Democracies, CISA...

CIA director nominee John Ratcliffe said during testimony on Capitol Hill that if confirmed, he hopes to develop offensive cyber tools and supports the creation of a cyber-specific deterrence strategy. Ratcliffe, who served as director of national intelligence and in the House of Representatives for Texas, drew a comparison to the concerns over physical, territorial borders. “It’s invasion through our...

A recent cyberattack, mimicking the tactics of the notorious Black Basta ransomware group, targeted one of SlashNext’s clients.…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

The Cybersecurity and Infrastructure Security Agency is making one last push before the change in administration for increased information sharing between the public and private sectors, releasing an artificial intelligence-focused playbook Tuesday that aims to foster “a unified approach” to handling AI-related cyber threats. The agency’s AI Cybersecurity Collaboration Playbook was developed with the FBI, the NSA’s Artificial Intelligence Security...

The North Korea-linked Lazarus Group has been attributed to a new cyber attack campaign dubbed Operation 99 that targeted software developers looking for freelance Web3 and cryptocurrency work to deliver malware. “The campaign begins with fake recruiters, posing on platforms like LinkedIn, luring developers with project tests and code reviews,” Ryan Sherstobitoff, senior vice president of Threat  – Read More ...

Cybersecurity researchers have alerted to a new malvertising campaign that’s targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google. “The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages,” Jérôme Segura, senior director of  – Read More ...

For the upcoming Pwn2Own Automotive contest a total of 7 electric vehicle chargers have been selected. One of these is the Autel MaxiCharger AC Wallbox Commercial (MAXI US AC W12-L-4G) which also made an appearance at the inaugural Pwn2Own Automotive last January.  We have previously posted internal photos of the MaxiCharger in 2023 so the goal of this blog post...

Tel Aviv, Israel, 15th January 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

Silver Spring, United States / Maryland, 15th January 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

Cybersecurity researchers have identified infrastructure links between the North Korean threat actors behind the fraudulent IT worker schemes and a 2016 crowdfunding scam. The new evidence suggests that Pyongyang-based threamoret groups may have pulled off illicit money-making scams that predate the use of IT workers, SecureWorks Counter Threat Unit (CTU) said in a report shared with The Hacker  – Read...

Why does ICS/OT need specific controls and its own cybersecurity budget today? Because treating ICS/OT security with an IT security playbook isn’t just ineffective—it’s high risk. In the rapidly evolving domain of cybersecurity, the specific challenges and needs for Industrial Control Systems (ICS) and Operational Technology (OT) security distinctly stand out from traditional IT security. ICS/OT  – Read More  –...

As many as six security vulnerabilities have been disclosed in the popular Rsync file-synchronizing tool for Unix systems, some of which could be exploited to execute arbitrary code on a client. “Attackers can take control of a malicious server and read/write arbitrary files of any connected client,” the CERT Coordination Center (CERT/CC) said in an advisory. “Sensitive data, such as...

A critical vulnerability (CVE-2024-50603) in the Aviatrix Controller allows unauthenticated RCE. Active exploitation observed by Wiz Research in…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News