Hacking News

Charming Kitten APT is targeting Iranian dissidents in Germany

Germany’s Federal Office for the Protection of the Constitution (BfV) warns that the Charming Kitten APT group targeted Iranian dissidents in the country. The Federal Office for the Protection of the Constitution (BfV) is warning that an alleged nation-state actor targeted Iranian dissident organizations and individuals in the country. The intelligence agency attributes the attack […]

The post Charming Kitten APT is targeting Iranian dissidents in Germany appeared first on Security Affairs.

August 11, 2023
0 comment
Read More >>

Statc Stealer, a new sophisticated info-stealing malware

Experts warn that a new info-stealer named Statc Stealer is infecting Windows devices to steal a broad range of sensitive information. Zscaler ThreatLabz researchers discovered a new information stealer malware, called Statc Stealer, that can steal a broad range of info from Windows devices. The malware can steal sensitive information from various web browsers, including login data, […]

The post Statc Stealer, a new sophisticated info-stealing malware appeared first on Security Affairs.

August 11, 2023
0 comment
Read More >>

CISA discovered a new backdoor, named Whirlpool, used in Barracuda ESG attacks

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) observed a new backdoor, named Whirlpool, in attacks on Barracuda ESG appliances. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has discovered a new backdoor, named Whirlpool, that was employed in attacks targeting Barracuda ESG devices. At the end of May, the network security solutions provider Barracuda warned […]

The post CISA discovered a new backdoor, named Whirlpool, used in Barracuda ESG attacks appeared first on Security Affairs.

August 10, 2023
0 comment
Read More >>

CISA adds actively exploited flaw in .NET, Visual Studio to its Known Exploited Vulnerabilities catalog

US CISA added zero-day vulnerability CVE-2023-38180 affecting .NET and Visual Studio to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added an actively exploited zero-day vulnerability CVE-2023-38180 (CVSS score 7.5) affecting .NET and Visual Studio to its Known Exploited Vulnerabilities Catalog. The vulnerability can be exploited to trigger a denial-of-service (DoS) condition, […]

The post CISA adds actively exploited flaw in .NET, Visual Studio to its Known Exploited Vulnerabilities catalog appeared first on Security Affairs.

August 10, 2023
0 comment
Read More >>

US Govt launches Artificial Intelligence Cyber Challenge

The US Government House this week launched an Artificial Intelligence Cyber Challenge competition for creating a new generation of AI systems. On Wednesday, the United States Government House introduced an Artificial Intelligence Cyber Challenge competition. The two-year competition aims to foster the development of innovative AI systems that can protect critical applications from cyber threats. […]

The post US Govt launches Artificial Intelligence Cyber Challenge appeared first on Security Affairs.

August 10, 2023
0 comment
Read More >>

Data of all serving police officers Police Service of Northern Ireland (PSNI) mistakenly published online

Police Service of Northern Ireland (PSNI) mistakenly shared sensitive data of all 10,000 serving police officers in response to a FOI request. The Police Service of Northern Ireland (PSNI) has mistakenly shared sensitive data of all 10,000 serving police officers in response to a Freedom of Information (FOI) request. The request aimed at determining the […]

The post Data of all serving police officers Police Service of Northern Ireland (PSNI) mistakenly published online appeared first on Security Affairs.

August 10, 2023
0 comment
Read More >>

Balada Injector still at large – new domains discovered

The Balada Injector is still at large and still evading security software by utilizing new domain names and using new obfuscation. During a routine web monitoring operation, we discovered an address that led us down a rabbit hole of WordPress-orientated “hack waves” caused by the Balada Injector malware. This evidence suggests that the malware is […]

The post Balada Injector still at large – new domains discovered appeared first on Security Affairs.

August 9, 2023
0 comment
Read More >>

EvilProxy used in massive cloud account takeover scheme

Cloud account takeover scheme utilizing EvilProxy hit over 100 top-level executives of global organizations EvilProxy was observed sending 120,000 phishing emails to over a hundred organizations to steal Microsoft 365 accounts. Proofpoint noticed a worrisome surge of successful cloud account compromises in the past five months. Most of the attacks targeted high-ranking executives. The researchers estimated […]

The post EvilProxy used in massive cloud account takeover scheme appeared first on Security Affairs.

August 9, 2023
0 comment
Read More >>

Downfall Intel CPU side-channel attack exposes sensitive data

Google researcher Daniel Moghimi devised a new side-channel attack technique, named Downfall, against Intel CPU. Google researcher Daniel Moghimi devised a new side-channel attack technique Intel CPU, named Downfall, that relies on a flaw tracked as CVE-2022-40982. An attacker can exploit this vulnerability to access and steal data from other users who share the same […]

The post Downfall Intel CPU side-channel attack exposes sensitive data appeared first on Security Affairs.

August 9, 2023
0 comment
Read More >>

LockBit threatens to leak medical data of cancer patients stolen from Varian Medical Systems

The LockBit ransomware group threatens to leak medical data of cancer patients stolen from Varian Medical Systems. The LockBit ransomware group claims to have hacked the healthcare company Varian Medical Systems and threatens to leak the medical data of cancer patients. Varian Medical Systems, Inc. designs, manufactures, sells, and services medical devices and software products […]

The post LockBit threatens to leak medical data of cancer patients stolen from Varian Medical Systems appeared first on Security Affairs.

August 9, 2023
0 comment
Read More >>