IcedID Malware used in a new hacking campaign targeting the Ukrainian government

malware-image-laptop-01

CERT-UA, Ukraine’s Computer Emergency Response Team, has issued a warning about a new wave of social engineering attacks that exploit IcedID malware and Zimbra vulnerabilities to steal sensitive data. According to the CIA, the IcedID phishing assaults are tied to a threat cluster known as UAC-0041. The infection begins with a simple email attachment containing … Read more

Beanstalk hack highlights the dangers of a malicious governance proposal

beanstalk-01

On April 17th, Beanstalk Farms, an Ethereum-based Defi system, was hacked to the tune of $182 million. PeckShield, a blockchain security startup, was the first to notice the robbery and estimated that the attacker took at least $80 million in cryptocurrency, however, the protocol’s losses were significantly higher. On its Discord server, Beanstalk provided a … Read more

Hackers used stolen OAuth access tokens to breach organizations

github-oauth-tokens-01

On Friday, GitHub, an open-source software hosting site, said that it had uncovered evidence of an unknown attacker illegally acquiring sensitive data from several organizations using stolen OAuth user credentials. “An attacker utilized stolen OAuth user credentials given to two third-party OAuth integrators, Heroku and Travis-CI, to access data from a variety of organizations, including … Read more

Google Removes Apps For Covertly Copying Contact Information

apps-playstore-smartphone-01

Google has removed apps that were found to be covertly copying contact information. More than a dozen applications have been withdrawn from Google’s Play Store after it was discovered that they had malicious code that collected people’s geolocation, telephone numbers, and email addresses. A QR code scanner, a weather app, and Muslim prayer applications are … Read more

Pros and Cons of Cyber Security College Degree

cyber-security-secure-lock-01

In our increasingly tech-dependent culture, cyber threats have been a major source of anxiety. Hackers have devised new methods for gaining access to security databases and computer systems. As a result, a solid solution is required to safeguard sensitive information. Cyber security experts protect computers, networks, and even sensitive data against attack, discover potential vulnerabilities … Read more

Tips on Cyber Security for Students

cybersec-image-1

More than a year after the ubiquitous Covid-19 has imposed distance learning and virtualization models. Even before COVID-19 spread to online learning, most students had to use a computer every day. Whether it is chatting with classmates, writing notes, or exploring careers, technology use is essential for every student. Cyber security concerns have become an … Read more

Cyber Security Awareness for Students: Why It’s Important

internet-01

Importance of cyber security Cybersecurity includes all practices and technologies that keep computers and electronic data secure. In a world where more and more businesses are connecting to the internet, this has become a concern. Therefore, cybersecurity is becoming more and more important for students learning at colleges. Most schools have switched to online classes … Read more

Popular Hacking Forum Raidforums Seized By The FBI

cyber-crime-01

US and foreign law enforcement officials have taken control of a popular website where hackers have marketed data stolen from American individuals and corporations, the latest in a long-running effort to crack down on forums where cybercriminals gather. According to a notice put on RaidForums’ home page on Tuesday, “this domain has been seized” by … Read more

Meta Says Hacking Group Sent Bogus Ukrainian Surrender Messages

hacker-110

According to a recent security investigation by Meta, a Belarus-aligned hacking group attempted to get access to Ukrainian military personnel’s Facebook accounts and broadcast videos calling for the Ukrainian army to surrender using hijacked accounts. The hacking attack, dubbed “Ghostwriter” by security researchers, was carried out by a group known as UNC1151, which according to … Read more

Does College Degree Matter in Cybersecurity?

college-degree-cyber-sec-01

Cyber security is one of the vital elements of the modern world dominated by computer and digital technology. At the same time, it’s one of the most demanded areas of computer science, with cyber security specialists earning quite considerable amounts. At the same time, such a specialist must walk the path of a true computer … Read more

Hackers Use Mailchimp Email Marketing Firm to Launch Crypto Phishing Scams

crypto-phishing-mailchimp-01

According to a revelation by Bleeping Computer, Mailchimp, an email marketing provider, was hacked on March 26th. When a customer support tool was hacked, the organization became aware of the hostile occurrence. Mailchimp was bought by Intuit, a financial software company, in September 2020. Mailchimp says it was hacked. According to Siobhan Smyth, their chief … Read more

CloudSEK EWYL CTF – Hogwarts Recruitment for Cyber Staff

harry-potter-01

For fun and profit, I’ve been participating in some CTF Capture the Flag challenges recently. I came in third place and am quite pleased with my performance. Allow me to take you through some of the CTF challenges in which I have participated. Official PDF Report Hogwarts Recruitment for Cyber Staff   This was a … Read more

Categories CTF

Brokenwire Exploit Could Disrupt Electric Vehicle Charging

electric-car-01

Remote attackers might use the Brokenwire exploit to disrupt electric vehicle charging. According to a new study from the University of Oxford and Armasuisse S+T, a mechanism for attacking a common charging system has been discovered, which might cause significant issues for electric vehicles. The “Brokenwire” strategy compels the automobile to cancel its charging session … Read more

Supply Chain Issues in The PHP Package Management PEAR

php-pear-01

For 15 years, supply chain issues in the PHP package management PEAR went unnoticed. PEAR was vulnerable to attack due to a cryptographic vulnerability and a problem in an out-of-date dependency. According to security experts, attackers could have caused havoc on the PHP ecosystem by exploiting a pair of long-standing vulnerabilities in package management PEAR … Read more

Browser-in-the-Browser Technique Being Used In Ukraine Hacking Attacks

browser-in-the-browser-2

A Belarusian threat actor that is known as Ghostwriter (aka UNC1151) has been observed leveraging a browser-in-the-browser technique. This method simulates a browser window in order to launch convincing social engineering campaigns. The Ghostwriter hacking group has used this technique, which masquerades as a legitimate domain by simulating a browser window over the website, to … Read more