Crime-as-a-Service (CaaS) is the practice of experienced cybercriminals selling access to the tools and knowledge needed to execute cybercrime – in particular, it’s often used to create phishing attacks. For hackers, phishing is one of the easiest ways…
Researchers have discovered three separate Chinese military affiliated advanced threat groups simultaneously targeting and compromising the same Southeast Asian telcos. The attack groups concerned are Soft Cell, Naikon, and a third group, possibly Emis…
Did you ever stop to think that the office smart TV used for company presentations, Zoom meetings, and other work-related activities may not be so trustworthy? In our latest video, we demonstrate an attack scenario that can occur within any organization – hacking a smart TV. The video shows an insider plugging a USB Rubber […]
Researchers found evidence that the DarkSide ransomware gang has rebranded as a new BlackMatter ransomware operation. BleepingComputer found evidence that after the clamorous Colonia Pipeline attack, the DarkSide ransomware gang has rebranded as a new BlackMatter ransomware operation. The experts analyzed encryption algorithms in a decryptor used by BlackMatter, which is actively attacking corporate entities. […]
The post More evidence suggests that DarkSide and BlackMatter are the same group appeared first on Security Affairs.
An attacker could exploit a vulnerability in the WordPress Download Manager plugin, tracked as CVE-2021-34639, to execute arbitrary code under specific configurations. Researchers from Wordfence team discovered a vulnerability, tracked as CVE-2021-34639, affecting the WordPress Download Manager plugin that could allow attackers to execute arbitrary code under specific configurations. The flaw could allow authors and […]
The post WordPress Download Manager Plugin was affected by two flaws appeared first on Security Affairs.
Kaspersky experts spotted a previously undocumented Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange flaws in attacks on high-profile victims. Kaspersky spotted a new Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange vulnerabilities in attacks aimed at high-profile victims. The long-running operation carried out by the group mostly targeted […]
The post GhostEmperor, a new Chinese-speaking threat actor targets Southeast Asia appeared first on Security Affairs.
The Russian hackers behind the massive SolarWinds cyberespionage campaign broke into the email accounts of some of the most prominent federal prosecutors’ offices around the country last year, the Justice Department said.
Secretive gangs are hacking the computers of governments, firms, even hospitals, and demanding huge sums. But if we pay these ransoms, are we creating a ticking time bomb?They have the sort of names that only teenage boys or aspiring Bond villains wou…
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Crooks target Kubernetes installs via Argo Workflows to deploy miners XCSSET MacOS malware targets Telegram, Google Chrome […]
Threat actors that hacked Electronic Arts in June have leaked full data dump stolen from the company after the failure of the negotiation with the victim. In June, hackers have compromised the network of the gaming giant Electronic Arts (EA) and claimed to have stolen approximately 780 GB of data. The stolen data include the source […]
The post Threat actors leaked data stolen from EA, including FIFA code appeared first on Security Affairs.