TheHackerNews

April 5, 2022 A previously undocumented “sophisticated” information-stealing malware named BlackGuard is being advertised for sale on Russian underground forums for a monthly subscription of $200. “BlackGuard has the capability to steal all types of information related to Crypto wallets, VPN, Messengers, FTP credentials, saved browser credentials, and email clients,” Zscaler ThreatLabz researchers Mitesh Wani …

Experts Shed Light on BlackGuard Infostealer Malware Sold on Russian Hacking Forums Read More »

April 5, 2022 A group of academics from the University of Oxford and Armasuisse S+T has disclosed details of a new attack technique against the popular Combined Charging System (CCS) that could potentially disrupt the ability to charge electric vehicles at scale. Dubbed “Brokenwire,” the method interferes with the control communications that transpire between the …

Brokenwire Hack Could Let Remote Attackers Disrupt Charging for Electric Vehicles Read More »

April 5, 2022 At least three different advanced persistent threat (APT) groups from across the world have launched spear-phishing campaigns in mid-March 2022 using the ongoing Russo-Ukrainian war as a lure to distribute malware and steal sensitive information. The campaigns, undertaken by El Machete, Lyceum, and SideWinder, have targeted a variety of sectors, including energy, …

Multiple Hacker Groups Capitalizing on Ukraine Conflict for Distributing Malware Read More »

April 5, 2022 A variant of the Mirai botnet called Beastmode has been observed adopting newly disclosed vulnerabilities in TOTOLINK routers between February and March 2022 to infect unpatched devices and expand its reach potentially. “The Beastmode (aka B3astmode) Mirai-based DDoS campaign has aggressively updated its arsenal of exploits,” Fortinet’s FortiGuard Labs Research team said. “Five …

Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave More Routers Read More »

April 3, 2022 A 15-year-old security vulnerability has been disclosed in the PEAR PHP repository that could permit an attacker to carry out a supply chain attack, including obtaining unauthorized access to publish rogue packages and execute arbitrary code. “An attacker exploiting the first one could take over any developer account and publish malicious releases, …

15-Year-Old Bug in PEAR PHP Repository Could’ve Enabled Supply Chain Attacks Read More »

April 3, 2022 The City of London Police on Friday disclosed that it has charged two of the seven teenagers, a 16-year-old and a 17-year-old, who were arrested last week for their alleged connections to the LAPSUS$ data extortion gang. “Both teenagers have been charged with: three counts of unauthorized access to a computer with …

British Police Charge Two Teenagers Linked to LAPSUS$ Hacker Group Read More »

April 3, 2022 DevOps platform GitLab has released software updates to address a critical security vulnerability that, if potentially exploited, could permit an adversary to seize control of accounts. Tracked as CVE-2022-1162, the issue has a CVSS score of 9.1 and is said to have been discovered internally by the GitLab team. <!–adsense–> “A hardcoded password …

GitLab Releases Patch for Critical Vulnerability That Could Let Attackers Hijack Accounts Read More »

April 2, 2022 A Chinese advanced persistent threat tracked as Deep Panda has been observed exploiting the Log4Shell vulnerability in VMware Horizon servers to deploy a backdoor and a novel rootkit on infected machines with the goal of stealing sensitive data. “The nature of targeting was opportunistic insofar that multiple infections in several countries and various sectors …

Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit Read More »

April 2, 2022 Two new security vulnerabilities have been disclosed in Rockwell Automation’s programmable logic controllers (PLCs) and engineering workstation software that could be exploited by an attacker to inject malicious code on affected systems and stealthily modify automation processes. The flaws have the potential to disrupt industrial operations and cause physical damage to factories …

Critical Bugs in Rockwell PLC Could Allow Hackers to Implant Malicious Code Read More »

April 2, 2022 The cyberattack aimed at Viasat that temporarily knocked KA-SAT modems offline on February 24, 2022, the same day Russian military forces invaded Ukraine, is believed to have been the consequence of wiper malware, according to the latest research from SentinelOne. The findings come as the U.S. telecom company disclosed that it was the target of a …

Russian Wiper Malware Likely Behind Recent Cyberattack on Viasat KA-SAT Modems Read More »