Hackers believed to be working for Western intelligence agencies breached the systems of Russian tech giant Yandex last year as part of an attack that involved a new variant of the Regin malware, Reuters reported on Thursday. Reuters learned from four sources that the breach occurred between October and November 2018, and it targeted Yandex’s research […]
Attacks and APT groups
Turla APT found exploiting LightNeuron backdoor, a first of its kind targeting Microsoft Exchange email servers. A Russian cyber-espionage group has developed and has been using one of the most complex backdoors ever spotted on an email server, according to new research published today by cyber-security firm ESET. The backdoor, named LightNeuron, was specifically designed […]
Even the Central Intelligence Agency has a so-called onion service now….
Wyzant—an online marketplace that makes it easy for parents and students to connect with private tutors, in-person and online, in over 250 different subjects—has suffered a data breach exposing “certain personal identification information” for its customers. The Hacker News received a copy of an email notification Wyzant recently sent to its affected customers, which reveals […]
Israel military said it bombed building housing Hamas cyber forces. For the first time, Israel has used brute military force to respond to a Hamas cyber-attack, three years after NATO proclaimed “cyber” an official battlefield in modern warfare. The “bomb-back” response took place on Saturday when Israel Defense Forces (IDF) launched an air-strike against a […]
MegaLocker encrypts a victim’s files using AES-128 ECB, and adds the extension “.nampohyu” to files. The ransom note “!DECRYPT_INSTRUCTION.TXT” instructs the victim to go to a Tor website to contact the criminals. The text of the ransom note can be found below: What happened to your files ? All of your files were protected by […]
A recently detected variant of the AESDDoS botnet malware is targeting a recent vulnerability in Atlassian’s collaborative software Confluence, Trend Micro’s security researchers have discovered. The attack attempts to exploit a server-side template injection vulnerability (CVE-2019-3396) in the Widget Connector macro in Confluence Server to install malware capable of performing distributed denial of service (DDoS) attacks, […]
Avast Security News Team, 27 April 2019. A hacker broke into ProTrack and iTrack vehicle-tracking GPS services to extort “reward” money and reveal the systems’ vulnerabilities. A hacker with the username “L&M” has infiltrated two GPS vehicle-tracking services, ProTrack and iTrack, gaining access to more than 27,000 accounts in South Africa, Morocco, India, the Philippines, […]
While foreign phone carriers are sharing data to stop SIM swap fraud, US carriers are dragging feet….
By Danny Bradbury. The National Security Agency (NSA) has asked to end its mass phone surveillance program because the work involved outweighs its intelligence value, according to reports this week. Sources told the Wall Street Journal that the NSA has recommended the White House terminates its call data records (CDR) program. The logistics of operating […]