Pegasus malware was used to attack Spanish Prime Minister Pedro Sánchez’s phone

The Pegasus spying malware was used to hack the smartphones of Spain’s prime minister and minister of defense, according to the Madrid government. That’s the first verified use of the eavesdropping software against a current head of state. Last year, the phones of Prime Minister Pedro Sánchez and Defense Minister Margarita Robles were illegally hacked … Read more

PostgreSQL Databases Exposed to Customers Due To A Microsoft Azure Vulnerability

Microsoft fixed two problems with the Azure Database for PostgreSQL Flexible Server on Thursday, which could lead to unauthorized cross-account database access in a region. “A malicious user might circumvent authentication to get access to other customers’ databases by leveraging an elevated rights flaw in the Flexible Server authentication procedure for a replication user,” … Read more

A Bug In RainLoop Webmail Gives Hackers Access To All Emails

The open-source RainLoop web-based email client contains an unpatched high-severity security flaw that might be used to steal emails from users’ inboxes. In a study published this week, SonarSource security researcher Simon Scannell stated, “an attacker may simply exploit the code vulnerability by sending a malicious email to a target that uses RainLoop as a … Read more

Hackers insert the ‘More Eggs’ malware into resumes sent to hiring managers at corporations

A year after fake job offers attracted potential LinkedIn job searchers, a fresh wave of phishing attempts targeting corporate recruiting supervisors with the more eggs virus has been uncovered, employing fake resumes as an infection vector. “This year, the more eggs operation has inverted the social engineering script, targeting hiring managers with fake resumes rather … Read more

ESET Discovers UEFI Flaws in Popular Lenovo Laptops

Do you own a Lenovo laptop? According to the most recent batch of vulnerabilities discovered by ESET security experts, you may need to undertake some quick patching. Today, three vulnerabilities were discovered: CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972. The last two are especially aggravating since they are associated with UEFI firmware drivers used throughout the manufacturing process … Read more

Hackers Taking Advantage of a Recently Discovered Windows Print Spooler Vulnerability

A security hole in Microsoft’s Windows Print Spooler component, which was fixed in February, is still being actively abused in the wild, according to the US Cybersecurity and Infrastructure Security Agency (CISA). As a result, the agency has added the weakness to its Known Exploited Vulnerabilities Catalog, requiring FCEB agencies to fix the issues by … Read more

IcedID Malware used in a new hacking campaign targeting the Ukrainian government

CERT-UA, Ukraine’s Computer Emergency Response Team, has issued a warning about a new wave of social engineering attacks that exploit IcedID malware and Zimbra vulnerabilities to steal sensitive data. According to the CIA, the IcedID phishing assaults are tied to a threat cluster known as UAC-0041. The infection begins with a simple email attachment containing … Read more

Beanstalk hack highlights the dangers of a malicious governance proposal

On April 17th, Beanstalk Farms, an Ethereum-based DeFi system, was hacked to the tune of $182 million. PeckShield, a blockchain security startup, was the first to notice the robbery and estimated that the attacker took at least $80 million in cryptocurrency; however, the protocol’s losses were significantly higher. On its Discord server, Beanstalk provided a … Read more

Hackers used stolen OAuth access tokens to breach organizations

On Friday, GitHub, an open-source software hosting site, said that it had uncovered evidence of an unknown attacker illegally acquiring sensitive data from several organizations using stolen OAuth user credentials. “An attacker utilized stolen OAuth user credentials given to two third-party OAuth integrators, Heroku and Travis-CI, to access data from a variety of organizations, including … Read more

Google Removes Apps For Covertly Copying Contact Information

Google has removed apps that were found to be covertly copying contact information. More than a dozen applications have been withdrawn from Google’s Play Store after it was discovered that they had malicious code that collected people’s geolocation, telephone numbers, and email addresses. A QR code scanner, a weather app, and Muslim prayer applications are … Read more

Popular Hacking Forum Raidforums Seized By The FBI

US and foreign law enforcement officials have taken control of a popular website where hackers have marketed data stolen from American individuals and corporations, the latest in a long-running effort to crack down on forums where cybercriminals gather. According to a notice put on RaidForums’ home page on Tuesday, “this domain has been seized” by … Read more

Meta Says Hacking Group Sent Bogus Ukrainian Surrender Messages

According to a recent security investigation by Meta, a Belarus-aligned hacking group attempted to get access to Ukrainian military personnel’s Facebook accounts and broadcast videos calling for the Ukrainian army to surrender using hijacked accounts. The hacking attack, dubbed “Ghostwriter” by security researchers, was carried out by a group known as UNC1151, which according to … Read more

Hackers Use Mailchimp Email Marketing Firm to Launch Crypto Phishing Scams

According to a revelation by Bleeping Computer, Mailchimp, an email marketing provider, was hacked on March 26th. When a customer support tool was hacked, the organization became aware of the hostile occurrence. Mailchimp was bought by Intuit, a financial software company, in September 2020. Mailchimp says it was hacked. According to Siobhan Smyth, their chief … Read more

Brokenwire Exploit Could Disrupt Electric Vehicle Charging

Remote attackers might use the Brokenwire exploit to disrupt electric vehicle charging. According to a new study from the University of Oxford and Armasuisse S+T, a mechanism for attacking a common charging system has been discovered, which might cause significant issues for electric vehicles. The “Brokenwire” strategy compels the automobile to cancel its charging session … Read more

Supply Chain Issues in The PHP Package Management PEAR

For 15 years, supply chain issues in the PHP package management PEAR went unnoticed. PEAR was vulnerable to attack due to a cryptographic vulnerability and a problem in an out-of-date dependency. According to security experts, attackers could have caused havoc on the PHP ecosystem by exploiting a pair of long-standing vulnerabilities in package management PEAR … Read more

Browser-in-the-Browser Technique Being Used In Ukraine Hacking Attacks

A Belarusian threat actor that is known as Ghostwriter (aka UNC1151) has been observed leveraging a browser-in-the-browser technique. This method simulates a browser window in order to launch convincing social engineering campaigns. The Ghostwriter hacking group has used this technique, which masquerades as a legitimate domain by simulating a browser window over the website, to … Read more