The developer behind the popular “node-ipc” NPM package uploaded a destructive version to protest Russia’s invasion of Ukraine. RIAEvangelist, the developer behind the popular “node-ipc” NPM package, shipped a new version that wipes Russia, Belarus systems to protest Russia’s invasion of Ukraine. The Node-ipc node module allows local and remote inter-process communication with support for Linux, […]
The collective Anonymous and its affiliated groups continue to target the Russian government and private organizations. The collective Anonymous, and other groups in its ecosystem, continue to target the Russian government and private organizations. Let’s summarize the most interesting attacks observed in the last few days. Yesterday Anonymous announced the hack of the website of […]
SolarWinds warns customers of potential cyberattacks targeting unpatched installs of its Web Help Desk (WHD) product. SolarWinds has published a security advisory to warn customers of the risk of cyberattacks targeting unpatched Web Help Desk (WHD) installs. The WHD is described by SolarWinds as an affordable Help Desk Ticketing and Asset Management Software. SolarWinds declared […]
The Security Service of Ukraine (SBU) announced the arrest of a “hacker” who helped Russian Army during the invasion. The Security Service of Ukraine (SBU) announced to have arrested a hacker who provided technical support to Russian troops during the invasion, the man provided mobile communication services inside the Ukrainian territory. The man has broadcasted […]
Researchers uncovered a new Linux botnet, tracked as B1txor20, that exploits the Log4J vulnerability and DNS tunnel. Researchers from Qihoo 360’s Netlab have discovered a new backdoor used to infect Linux systems and include them in a botnet tracked as B1txor20. The malware was first spotted on February 9, 2022, when 360Netlab’s honeypot system captured […]
Russian disinformation continues, this time it used a deepfake video of Zelenskyy inviting Ukrainians to ‘lay down arms.’ A deepfake video of the Ukrainian president Volodymyr Zelenskyy telling its citizens to lay down arms is the last example of disinformation conducted by Russia-linked threat actors. The fake video shows President Zelenskyy saying ‘It turned out […]
The US Cybersecurity and Infrastructure Security Agency (CISA) added 15 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added 15 vulnerabilities to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the […]
FBI and CISA warn Russia-linked threats actors gained access to an NGO cloud after enrolling their own device in the organization’s Duo MFA. The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) warned that Russia-linked threat actors have gained access to a non-governmental organization (NGO) cloud by exploiting misconfigured default multifactor […]
In mere seconds, a hacker remotely accessed a computer belonging to a regional Russian Ministry of Health, taking advantage of sloppy cybersecurity practices to expose its entire network. Original post at https://cybernews.com/cyber-war/hacker-breaches-key-russian-ministry-in-blink-of-an-eye/ Spielerkid89, who wished to remain anonymous, did not intend to harm the organization and left its systems intact. However, his experiment is a […]
OpenSSL addressed a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, related to certificate parsing. OpenSSL released updates to address a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, that affects the BN_mod_sqrt() function used when certificate parsing. The flaw was discovered by the popular Google Project Zero researchers Tavis Ormandy. An attacker can trigger the vulnerability by crafting […]