Unknown attackers have mounted disruptive distributed denial-of-service (DDoS) attacks against several Ukrainian government organizations and state-owned banks on Tuesday. The list of targets included the websites of: The Ministry of Defence of Ukraine, The Armed Forces of Ukraine, The Ukrainian Public Radio, Privatbank, and Oschadbank. Of these targets, only the public radio's website remained online and available to users, bearing up against the attack. READ MORE...
VMware on Tuesday announced that it has patched several high-severity vulnerabilities that were disclosed last year at a major Chinese hacking contest. The security holes impact VMware ESXi, Workstation, and Fusion, and they were used at the 2021 Tianfu Cup hacking contest by Kunlun Lab, the team that won the event. Kunlun Lab earned a total of more than $650,000 for a wide range of exploits demonstrated at Tianfu Cup. READ MORE...
Google on Monday issued 11 security fixes for its Chrome browser, including a high-severity zero-day bug that's actively being jumped on by attackers in the wild. In a brief update, Google described the weakness, tracked as CVE-2022-0609, as a use-after-free vulnerability in Chrome's Animation component. This kind of flaw can lead to all sorts of misery, ranging from the corruption of valid data to the execution of arbitrary code on vulnerable systems. READ MORE...
The FBI and US Secret Service today released a joint cybersecurity advisory on pervasive ransomware-as-a-service group BlackByte, warning that attackers deploying the ransomware had infected organizations in at least three US critical infrastructure sectors - government facilities, financial, and food and agriculture - as well as others outside the US. READ MORE...
The infamous Emotet malware has switched tactics yet again, in an email campaign propagating through malicious Excel files, researchers have found. Researchers at Palo Alto Networks Unit 42 have observed a new infection approach for the high-volume malware, which is known to modify and change its attack vectors to avoid detection so it can continue to do its nefarious work, they wrote in a report published online Tuesday. READ MORE...
A Mexican businessman has admitted in a United States federal court to conspiring to sell and use interception devices and hacking services from companies in Italy, Israel, and elsewhere. The man, Carlos Guerrero, of Chula Vista, California, and Tijuana, Mexico, owned and operated multiple companies in the U.S. and Mexico. Documents presented in court allege that Guerrero brokered the same surveillance tools to Mexican government clients and commercial and private customers. READ MORE...
A reporter who faced potential hacking charges for viewing website source code in his browser can rest easier now that Missouri officials have decided not to prosecute him. This month, Cole County Prosecutor Locke Thompson announced no charges would be filed in conjunction with the revelation that Missouri's Department of Elementary and Secondary Education's (DESE) website exposed the Social Security details of educators. READ MORE...
Using pixelation to redact images? Those pixels may not actually be hiding anything. A researcher has demonstrated how he was able to successfully recover text that had been redacted using the pixelation technique. Further, the researcher has released a GitHub tool that can be used by anyone to reconstruct text from obscure, pixelated images. This week, Dan Petro, Lead Researcher at offensive security firm Bishop Fox has demonstrated how he was able to completely recover text from a pixelated image. READ MORE...