The hacker who last week sent out thousands of fake emails from FBI systems is offering to sell data allegedly stolen in the recent breach at mobile stock trading platform Robinhood. Robinhood last week revealed that it had suffered a data breach in early November after someone used social engineering to trick an employee into giving them access to some customer support systems.
Facebook revealed Tuesday it had worked to block a hacker group that targeted the accounts of people tied to Afghanistan's then-government and security forces as the Taliban was moving in to take power. The Pakistan-based group, known as SideCopy, used "romantic lures" from what appeared to be young women on the platform to try to trick the targets into giving the hackers access to their pages.
US, UK, and Australian cybersecurity agencies warned today of ongoing exploitation of Microsoft Exchange ProxyShell and Fortinet vulnerabilities linked to an Iranian-backed hacking group. The warning was issued as a joint advisory released by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), and the United Kingdom's National Cyber Security Centre (NCSC).
Vinny Troia, the cybersecurity researcher mentioned in a fake alert gushed out to thousands of people from the FBI's own email system on Friday night, has fingered the guy who allegedly pulled off the exploit. Troia - white hat threat hunter, cybercrime investigator and founder of security firms Night Lion Security and its rebranded version, Shadowbyte - said in a post published Tuesday that he was contacted on Friday night by the actor who claimed responsibility, Pompompurin.
A vulnerability in Netgear small office/home office (SOHO) devices can be exploited by an attacker on the local area network (LAN) to execute code remotely with root privileges, GRIMM security researchers warn. Tracked as CVE-2021-34991 (CVSS score of 8.8), the vulnerability is described as a pre-authentication buffer overflow and was found to affect a device's Universal Plug-and-Play (UPnP) daemon.
A new wave of attacks starting late last week has hacked close to 300 WordPress sites to display fake encryption notices, trying to trick the site owners into paying 0.1 bitcoin for restoration. These ransom demands come with a countdown timer to induce a sense of urgency and possibly panic a web admin into paying the ransom. While the ransom demand is not particularly significant compared to what we see on high-profile ransomware attacks, it can still be a considerable amount for many website owners.
Threat intelligence experts at Mandiant have tied the Belarus government to a large-scale disinformation campaign in Europe called Ghostwriter that others - including some European Union member states - have previously attributed to Russia's foreign intelligence services group. The report from Mandiant's threat intelligence team is based on the security vendor's observations of UNC1151, a threat group that it previously has identified as providing technical support to the Ghostwriter campaign.