A group of anonymous security researchers that calls itself Intrusion Truth have tracked the activity of a China-linked cyber–espionage group dubbed APT40. A group of anonymous security researchers that calls itself Intrusion Truth has discovered that a China-linked cyberespionage group, tracked as APT40, uses 13 front companies operating in the island of Hainan to recruit […]
Facebook addressed last week a security flaw that exposed page admin accounts, the bug was exploited against several high-profile pages. Last week Facebook has addressed a security issue that exposed page admin accounts, the bug was exploited in attacks in the wild against several high-profile pages. The page admin accounts are anonymous unless the Page […]
The alleged hacker behind the credential stuffing attacks on UK National Lottery accounts has been sentenced to nine months in prison. Anwar Batson (29) of London has been sentenced to nine months in prison for fraud and four violations under the Computer Misuse Act of 1990. The sentence was announced by the UK’s National Crime Agency […]
Last week, Senator Tom Cotton (R-Arkansas) introduced a bill that would ban intelligence sharing with countries that use Huawei 5G networks. Senator Tom Cotton (R-Arkansas) has introduced this week a new bill that would ban the sharing of intelligence with countries that use Huawei equipment on their fifth-generation (5G) networks. Since November 2018, the US Government […]
A new MageCart attack made the headlines, crooks installed a software skimmer on a website that collects donations for the victims of the Australia bushfires. Experts from Malwarebytes have discovered a new Magecart attack that compromised a website collecting donations for the victims of the Australia bushfires. Crooks planted a malicious script on the website […]
Experts announced the availability online of proof-of-concept exploit code for CVE-2019-19781 flaw in Citrix NetScaler ADC and Citrix NetScaler Gateway servers. While security researchers were warning of ongoing scans for Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) servers affected by the CVE-2019-19781 vulnerability, many experts are announcing the availability online of proof-of-concept exploit […]
A flaw, dubbed Cable Haunt, in Broadcom’s cable modem firmware exposed as many as 200 million home broadband gateways in Europe alone, at risk of remote hijackings. Hundreds of millions of Broadcom-based cable modems are at risk of remote hijacking due to the presence of a vulnerability dubbed Cable Haunt, CVE-2019-19494. The flaw resides in […]
The US DHS CISA agency is warning organizations that threat actors continue to exploit the CVE-2019-11510 Pulse Secure VPN vulnerability. The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is warning organizations that attackers continue to exploit the well known Pulse Secure VPN vulnerability tracked as CVE-2019-11510. The CVE-2019-11510 flaw in Pulse Connect Secure […]
In the last 18 months, North Korea-linked Lazarus APT group has continued to target cryptocurrency exchanges evolving its TTPs. Kaspersky researchers have analyzed the attacks carried out by North Korea-linked Lazarus APT group in the past 18 months and confirmed their interest in banks and cryptocurrency exchanges. In the mid-2018, the APT targeted cryptocurrency exchanges and cryptocurrency […]
Threat actors are probing Citrix servers in the attempt to exploit the CVE-2019-19781 remote code execution vulnerability. Security researchers are warning of ongoing scans for Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) servers affected by the CVE-2019-19781 vulnerabilities. The anomalous activities were detected last week, as reported by the popular expert Kevin […]