Category: Attack Feeds

Cybersecurity researchers are calling attention to a series of cyber attacks that have targeted Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China with a known malware called ValleyRAT. The attacks leverage a multi-stage loader dubbed PNGPlug to deliver the ValleyRAT payload, Intezer said in a technical report published last week. The infection chain commences with a phishing  – Read...

The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests. The AnyDesk requests claim to be for conducting an audit to assess the “level of security,” CERT-UA added, cautioning organizations to be on the lookout for such social engineering attempts that seek to ...

FortiGate firewall leak exposes 15,000+ configurations, impacting organizations globally. The actor behind the leak is Belsen Group. Learn…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

The Threat actor known as DoNot Team has been linked to a new Android malware as part of highly targeted cyber attacks. The artifacts in question, named Tanzeem (meaning “organization” in Urdu) and Tanzeem Update, were spotted in October and December 2024 by cybersecurity company Cyfirma. The apps in question have been found to incorporate identical functions, barring minor modifications...

New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks. “Internet hosts that accept tunneling packets without verifying the sender’s identity can be hijacked to perform anonymous attacks and provide access to their networks,” Top10VPN said in a study, as part of a collaboration with KU Leuven professor  –...

For the upcoming Pwn2Own Automotive contest, a total of four in-vehicle infotainment (IVI) head units have been selected as targets. One of these is the single-DIN Pioneer DMH-WT7600NEX. This unit offers a variety of functionality, such as wired and wireless Android Auto and Apple CarPlay, USB media playback, and more. This blog post aims to detail some of the attack...

Security researcher discovers a non-password-protected database containing over 240,000 records belonging to US-based FinTech bill payment platform Willow…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

As the digital world becomes more complicated, the lines between national security and cybersecurity are starting to fade. Recent cyber sanctions and intelligence moves show a reality where malware and fake news are used as tools in global politics. Every cyberattack now seems to have deeper political consequences. Governments are facing new, unpredictable threats that can’t be fought with  –...

Sneaky 2FA: New Phishing-as-a-Service targets Microsoft 365, leveraging sophisticated evasion techniques and a Telegram-based platform to steal credentials.…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

Cybercrime can be defined as “criminal activities carried out by means of computers or the Internet.” With the growing use of smartphones, mobile devices have become an integral part of this definition, significantly expanding the scope of potential cyber threats. Recent Incidents of Mobile Cybercrime In a notable case, twelve people were recently arrested in […] The post Mobile Cybercrime...

A Hidden Goldmine for Identity ThievesCopier and Printer Identity Theft Printers, fax machines, and copiers—once considered harmless office staples—have become unexpected goldmines for identity thieves. These devices often contain hard drives that store sensitive and personal information, creating significant vulnerabilities for individuals and businesses alike. The Hidden Threat in Office Equipment Since 2002, nearly all […] The post Copier and...

Ponzi schemes of all sorts are over 150 years old and the reason that they have held such great success is that people continue to fall for them. This is no more true than the uptick in Ponzi schemes in SA, and for every criminal busted by the FSCA (Financial Sector Conduct Authority), it seems […] The post Ponzi Scams...

Cybersecurity researchers have identified three sets of malicious packages across the npm and Python Package Index (PyPI) repository that come with capabilities to steal data and even delete sensitive data from infected systems. The list of identified packages is below – @async-mutex/mutex, a typosquat of async-mute (npm) dexscreener, which masquerades as a library for accessing liquidity pool  – Read More ...

Hacker IntelBroker claims to have breached Hewlett Packard Enterprise (HPE), exposing sensitive data like source code, certificates, and…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

Popular video-sharing social network TikTok has officially gone dark in the United States, 2025, as a federal ban on the app comes into effect on January 19, 2025. “We regret that a U.S. law banning TikTok will take effect on January 19 and force us to make our services temporarily unavailable,” the company said in a pop-up message. “We’re working...

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency. “People’s Republic of China-linked (PRC) malicious cyber actors continue to target U.S. government systems, including the recent  – Read More ...

Explore Bitcoin’s 2025 prospects, market trends, mining, and secure methods like cloud platforms. Learn strategies to manage risks…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

The Transportation Security Administration is locking in a pair of pipeline directives for additional years ahead of the looming White House transition. In a posting to the Federal Register on Friday, the Department of Homeland Security component said it ratified the Security Directive Pipeline-2021-01 series and the Security Directive Pipeline-2021-02 series and would extend the requirements of each for another...

The Department of the Treasury has sanctioned a Chinese national and a cybersecurity company based in Sichuan, China, for taking part in the Salt Typhoon hacking campaign that has swept up data from at least nine U.S. telecommunications companies. The department’s Office of Foreign Assets Control (OFAC) named Yin Kecheng of Shanghai and the Sichuan Juxinhe Network Technology Co. Ltd.,...

Department of Homeland Security secretary nominee Kristi Noem committed to senators Friday that if confirmed she would keep the department out of efforts to combat disinformation and misinformation, and pledged to make the Cybersecurity and Infrastructure Security Agency “smaller, more nimble.” The South Dakota governor’s remarks signal that the incoming Trump administration will act on an issue that has galvanized...

With Chinese-sponsored hackers lingering in the IT systems of various U.S. critical infrastructure networks, potentially imminent threats to the country’s national security abound. The Cybersecurity and Infrastructure Security Agency and federal partners hope to lessen that threat by closing a so-called “software understanding gap.” In a document released Thursday with the Defense Advanced Research Projects Agency, the Office of the...

With Chinese-sponsored hackers lingering in the IT systems of various U.S. critical infrastructure networks, potentially imminent threats to the country’s national security abound. The Cybersecurity and Infrastructure Security Agency and federal partners hope to lessen that threat by closing a so-called “software understanding gap.” In a document released Thursday with the Defense Advanced Research Projects Agency, the Office of the...

As the incoming Trump administration prepares to take office, it confronts a critical juncture for cybersecurity. The escalating digital threats from state-sponsored adversaries like China, Iran, North Korea and Russia coincide with fractured global governance and a shifting domestic policy landscape. This moment presents a unique opportunity for the administration to establish itself as a global leader in offensive cybersecurity...

Cybersecurity researchers have disclosed three security flaws in Planet Technology’s WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. “These switches are widely used in building and home automation systems for a variety of networking applications,” Claroty’s Tomer Goldschmidt said in a Thursday report. “An attacker  – Read More  – The Hacker News 

Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia. “Over the past two months, a significant volume of attacks from Python-based bots has been observed, suggesting a coordinated effort to exploit thousands of web apps,” Imperva researcher Daniel Johnston said in an analysis. “These attacks  – Read More  –...

Explore how AI tools like OpenAI’s Sora face restrictions in Europe due to GDPR, with insights on bypassing…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and four entities for their alleged involvement in illicit revenue generation schemes for the Democratic People’s Republic of Korea (DPRK) by dispatching IT workers around the world to obtain employment and draw a steady source of income for the regime in violation of international sanctions. “These  –...

Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that’s capable of Microsoft 365 accounts with an aim to steal credentials and two-factor authentication (2FA) codes since at least October 2024. The nascent phishing kit has been dubbed Sneaky 2FA by French cybersecurity company Sekoia, which detected it in the wild in December. Nearly 100 domains hosting  – Read...

Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and employees with BYOD. Implementing secure guest Wi-Fi infrastructure has become essential for authenticating access,  – Read More  – The Hacker News 

Hospitals and health systems across the country are experiencing a significant rise in cyberattacks. These cyber incidents have caused extended disruptions, patient diversion to other facilities, and the cancellation of medical appointments and procedures — all of which undermine patient care and safety. These attacks also expose vulnerabilities in our health care system and degrade patient trust. The more they...

Silverfort has discovered that a misconfiguration can bypass an Active Directory Group Policy designed to disable NTLMv1, allowing…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

No, Brad Pitt isn’t in love with you. A French woman was duped into believing a hospitalised Brad Pitt had fallen in love with her. The scammers even faked a “breaking news” report announcing the revelation of Brad’s new love… Read more in my article on the Hot for Security blog.  – Read More  – Graham Cluley 

Austrian privacy non-profit None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users’ data to China. The advocacy group is seeking an immediate suspension of such transfers, stating the companies in question cannot shield user data  – Read More ...

The U.S. Treasury Department announced sanctions Thursday against two individuals and four entities allegedly involved in generating revenue for North Korea through illicit remote IT workforce operations, the latest salvo in ongoing efforts to disrupt financial streams that support Pyongyang’s weapons programs. The sanctions focus on efforts in which North Korea sent thousands of skilled IT professionals outside of the...

A sweeping executive order on cybersecurity released Thursday won largely positive reviews, with the main question being its timing — and what will come of it with the executive branch set to be handed over from president to president. Chris Inglis, the former national cyber director for Joe Biden who has served under both Democrats and Republicans, told CyberScoop there...

Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes it simple to set up...

The Russian threat actor known as Star Blizzard has been linked to a new spear-phishing campaign that targets victims’ WhatsApp accounts, signaling a departure from its longstanding tradecraft in a likely attempt to evade detection. “Star Blizzard’s targets are most commonly related to government or diplomacy (both incumbent and former position holders), defense policy or international relations  – Read More ...

The cat-and-mouse game between state-sponsored Russian hackers and one of the world’s biggest technology companies has continued into 2025.  Microsoft’s threat intelligence team published research Thursday examining how a state-sponsored Russian threat actor group, known as Star Blizzard, has altered its longstanding attack strategies to target WhatsApp accounts. This attack vector is a significant change in the group’s tactics, techniques,...

Previously, we covered the internals of the Autel MaxiCharger where we highlighted each of the main components. In this post, we aim to outline the attack surface of the MaxiCharger in the hopes of providing inspiration for vulnerability research. All information has been obtained through reverse engineering, experimenting, and combing through the Autel MaxiCharger manual (PDF). At the time of...

Slow adoption of cloud technologies poses a cybersecurity hazard for federal agencies, which will require an overhaul of contracting, regulatory and budgeting procedures to fix, a bipartisan think tank report that will be released Thursday concludes. Led by veterans of both the first Trump administration and Biden administration as well as lawmakers from both parties, the Center for Strategic and...

One of the chief architects of the Cybersecurity and Infrastructure Security Agency campaign to get software developers to design their products with security in mind said he believes it could be one of the best tools the Trump administration has to counter China. Jack Cable, who is departing his role as senior technical adviser Thursday, said major hacking campaigns by...

The digital world is exploding. IoT devices are multiplying like rabbits, certificates are piling up faster than you can count, and compliance requirements are tightening by the day. Keeping up with it all can feel like trying to juggle chainsaws while riding a unicycle. Traditional trust management? Forget it. It’s simply not built for today’s fast-paced, hybrid environments. You need...

Technology is changing the global economy, and fintech companies are at the backbone of this transformation. To keep…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

Threat actors have been observed concealing malicious code in images to deliver malware such as VIP Keylogger and 0bj3ctivity Stealer as part of separate campaigns. “In both campaigns, attackers hid malicious code in images they uploaded to archive[.]org, a file-hosting website, and used the same .NET loader to install their final payloads,” HP Wolf Security said in its Threat Insights...

Cybersecurity researchers have found that the Microsoft Active Directory Group Policy that’s designed to disable NT LAN Manager (NTLM) v1 can be trivially bypassed by a misconfiguration. “A simple misconfiguration in on-premise applications can override the Group Policy, effectively negating the Group Policy designed to stop NTLMv1 authentications,” Silverfort researcher Dor Segal said in a  – Read More  – The...

Details have emerged about a now-patched security vulnerability that could allow a bypass of the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems. The vulnerability, assigned the CVE identifier CVE-2024-7344 (CVSS score: 6.7), resides in a UEFI application signed by Microsoft’s “Microsoft Corporation UEFI CA 2011” third-party UEFI certificate, according to a new  – Read More  – The...

You can tell the story of the current state of stolen credential-based attacks in three numbers: Stolen credentials were the #1 attacker action in 2023/24, and the breach vector for 80% of web app attacks. (Source: Verizon). Cybersecurity budgets grew again in 2024, with organizations now spending almost $1,100 per user (Source: Forrester).  Stolen credentials on criminal forums cost as ...

Cybercriminals are exploiting the California wildfires by launching phishing scams. Learn how hackers are targeting victims with fake domains and deceptive tactics, and how to protect yourself from these cyber threats.  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

The video game Path of Exile 2 suffers a security breach, we explore the issues of using predictive algorithms in travel surveillance systems, and the very worst IoT devices are put on show in Las Vegas. Oh, and has Elon Musk accidentally revealed he cheats at video games? All this and much more is discussed in the latest edition of...

Ivanti has rolled out security updates to address several security flaws impacting Avalanche, Application Control Engine, and Endpoint Manager (EPM), including four critical bugs that could lead to information disclosure. All the four critical security flaws, rated 9.8 out of 10.0 on the CVSS scale, are rooted in EPM, and concern absolute path traversal flaws that allow a remote unauthenticated ...