Hacking News

The first iPhone Rapid Security Response update released by Apple fails to install

Apple has released its first Rapid Security Response update, but many iPhone users reported problems during the installation of the iOS Security Response. On June 2022, Apple announced that the Rapid Security Response feature would be available starting with iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1 operating systems.  Once a Rapid Security Response has been […]

The post The first iPhone Rapid Security Response update released by Apple fails to install appeared first on Security Affairs.

May 2, 2023
0 comment
Read More >>

Fortinet warns of a spike in attacks against TBK DVR devices

FortiGuard Labs researchers observed a worrisome level of attacks attempting to exploit an authentication bypass vulnerability in TBK DVR devices. FortiGuard Labs researchers are warning of a spike in malicious attacks targeting TBK DVR devices. Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK […]

The post Fortinet warns of a spike in attacks against TBK DVR devices appeared first on Security Affairs.

May 2, 2023
0 comment
Read More >>

North Korea-linked ScarCruft APT uses large LNK files in infection chains

North Korea-linked ScarCruft APT group started using oversized LNK files to deliver the RokRAT malware starting in early July 2022. Check Point researchers reported that the infection chains observed in the attacks attributed to North Korea-linked ScarCruft APT group (aka APT37, Reaper, and Group123) since 2022 have stopped heavily relying on malicious documents to deliver malware and instead […]

The post North Korea-linked ScarCruft APT uses large LNK files in infection chains appeared first on Security Affairs.

May 2, 2023
0 comment
Read More >>

CISA adds TP-Link, Apache, and Oracle bugs to its Known Exploited Vulnerabilities catalog

US Cybersecurity and Infrastructure Security Agency (CISA) added TP-Link, Apache, and Oracle vulnerabilities to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following three new issues to its Known Exploited Vulnerabilities Catalog: CVE-2023-1389 (CVSS score: 8.8) – TP-Link Archer AX-21 Command Injection Vulnerability. The CVE-2023-1389 flaw is an unauthenticated […]

The post CISA adds TP-Link, Apache, and Oracle bugs to its Known Exploited Vulnerabilities catalog appeared first on Security Affairs.

May 2, 2023
0 comment
Read More >>

New Lobshot hVNC malware spreads via Google ads

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Researchers from Elastic Security Labs spotted a new remote access trojan dubbed LOBSHOT was being distributed through Google Ads. Threat actors are using an elaborate scheme of fake websites through Google Ads to spread their malware, the […]

The post New Lobshot hVNC malware spreads via Google ads appeared first on Security Affairs.

May 2, 2023
0 comment
Read More >>

T-Mobile suffered the second data breach in 2023

T-Mobile disclosed the second data breach of 2023, threat actors had access to the personal information of hundreds of customers since February. T-Mobile suffered the second data breach of 2023, threat actors had access to the personal information of hundreds of customers starting in late February 2023. The security breach impacted a limited number of […]

The post T-Mobile suffered the second data breach in 2023 appeared first on Security Affairs.

May 1, 2023
0 comment
Read More >>

Experts spotted a new sophisticated malware toolkit called Decoy Dog

Infoblox researchers discovered a new sophisticated malware toolkit, dubbed Decoy Dog, targeting enterprise networks. While analyzing billions of DNS records, Infoblox researchers discovered a sophisticated malware toolkit, dubbed Decoy Dog, that was employed in attacks aimed at enterprise networks. Threat actors behind the malware were observed using known tricks to avoid detection such as registering a domain, […]

The post Experts spotted a new sophisticated malware toolkit called Decoy Dog appeared first on Security Affairs.

May 1, 2023
0 comment
Read More >>

German IT provider Bitmarck hit by cyberattack

Bitmarck, one of the largest IT service providers for social insurance carriers in Germany, announced yesterday that it has suffered a cyber attack. The German IT service provider Bitmarck announced on April 30 it had taken all its systems offline due to a cyberattack. The incident impacted statutory health insurance companies that have their IT operated […]

The post German IT provider Bitmarck hit by cyberattack appeared first on Security Affairs.

May 1, 2023
0 comment
Read More >>

Russian APT Nomadic Octopus hacked Tajikistani carrier

Russian APT group Nomadic Octopus hacked a Tajikistani carrier to spy on government officials and public service infrastructures. Russian cyber espionage group Nomadic Octopus (aka DustSquad) has hacked a Tajikistani telecoms provider to spy on 18 entities, including high-ranking government officials, telecommunication services, and public service infrastructures. The cyberspies compromised a broad range of devices, […]

The post Russian APT Nomadic Octopus hacked Tajikistani carrier appeared first on Security Affairs.

May 1, 2023
0 comment
Read More >>

Google banned 173k developer accounts in 2022

In 2022, Google prevented 1.43 million policy-violating apps from being published in the official Google Play store. Google announced that it prevented 1.43 million policy-violating applications from being published on Google Play in 2022. The IT giant also announced it has banned 173k developer accounts and prevented over $2 billion in fraudulent and abusive transactions. Google […]

The post Google banned 173k developer accounts in 2022 appeared first on Security Affairs.

May 1, 2023
0 comment
Read More >>