Google Fi says hackers accessed customers’ information
Reputation, Risk, Security

A data breach has been verified by Google Fi, the company that runs Google's mobile network, and it's likely connected to the recent security failure at T-Mobile that allowed hackers to obtain the personal information of millions of users. The principal network provider for Google Fi recently alerted the firm that there had been suspicious behavior pertaining to a third-party support system storing a "small quantity" of Google Fi customer data, according to an email issued to consumers on Monday and obtained by TechCrunch. The timing of the alert and the fact that Google Fi uses T-Mobile and U.S. Cellular to connect to the internet raise the possibility that the breach is related to the most recent T-Mobile hack...
GitHub Confirms Signing Certificates Stolen in Cyber Attack Revokes Them
Resources, Risk, Security

GitHub acknowledged on Monday that during a cyberattack in December 2022, threat actors stole three digital certificates used for its Desktop and Atom applications. The company also stated in a blog post that, after investigating the incident, it concluded that there was no risk to the GitHub.com services and no unauthorized alterations to the projects. The statement by Alexis Wales, GitHub's vice president of security operations, states that "a set of encrypted code signing certificates were exfiltrated; however, the certificates were password-protected, and we have no indication of nefarious use." "We will invalidate the exposed certificates used by the GitHub Desktop and Atom applications as a precautionary step...
Hackers Abused Microsoft’s Verified Publisher OAuth Apps to Breach Corporate Email Accounts
Risk, Security

On Tuesday, Microsoft announced that it had taken action to disable phony Microsoft Partner Network (MPN) accounts that were being used to build malicious OAuth applications as part of a criminal operation to infiltrate the cloud environments of enterprises and steal email. The IT company claimed that the fraudulent actors "built applications that were subsequently deployed in a consent phishing campaign, which duped users into authorizing access to the phony apps." "This phishing campaign primarily targeted clients in the United Kingdom and Ireland." Consent phishing is a type of social engineering attack in which users are persuaded to provide permission to malicious cloud applications...
New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector
Resources, Risk, Security

Another wiper malware strain known as NikoWiper was employed by the Russia-affiliated Sandworm as part of an attack that was launched against a Ukrainian energy business in October 2022. Security firm ESET reported in its most recent APT Activity Report released with The Hacker News that "The NikoWiper is based on SDelete, a command line application from Microsoft that is used for safely deleting data." According to the Slovak cybersecurity company, the intrusions corresponded with missile strikes planned by the Russian military and targeted at the Ukrainian energy infrastructure, indicating common goals. The revelation comes only days after ESET linked Sandworm to SwiftSlicer, a Golang-based data wiper that was used on January 25, 2023, against an undisclosed Ukrainian organizat...
10 Free Sources To Learn Ethical Hacking
Courses, Risk, Security

Ethical hacking is a technique for evaluating the security of a website or service by simulating an attack. Its goal is to identify weaknesses and address them before an attacker can take advantage of them. Ethical hacking can be performed for free or as part of a contract that costs money. Although businesses frequently test their websites and applications, users can also utilize them to safeguard their accounts. Ethical hacking is one of the industries with the fastest global growth. The first step is to choose a location for your ethical hacking practice. One can undertake ethical hacking in a variety of settings, but some demand more effort than others. In this article, we'll talk about several sources and websites where beginners can begin their quest for ethical hacking. You'v...
Hacker finds bug that allowed anyone to bypass Facebook 2FA
Resources, Risk, Security

A bug in a new, centralized system that Meta developed for users to manage their Facebook and Instagram logins could have made it possible for nefarious hackers to disable two-factor safeguards on an account simply by knowing the phone number of the account holder. Gtm Mänôz, a security researcher from Nepal, realized that Meta had not set up a limit on the number of attempts when a user entered the two-factor code used to log into their accounts on the new Meta Accounts Center, which enables users to link all of their Meta accounts, including Facebook and Instagram. An attacker might use the victim's phone number to access the centralized accounts center, link the victim's number to their own Facebook account, and then brute force the two-factor SMS code...
QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates
Risk, Security

A severe security hole affecting its network-attached storage (NAS) devices that might result in arbitrary code injection has been fixed by Taiwanese manufacturer QNAP through the delivery of updates. The vulnerability, tracked as CVE-2022-27596, has a CVSS rating of 9.8 out of a possible 10. Both QTS 5.0.1 and QuTS Hero H5.0.1 are affected. In a Monday advisory, QNAP stated that if exploited, the vulnerability would allow remote attackers to inject malicious code. The NIST National Vulnerability Database (NVD) has identified the weakness as a SQL injection vulnerability despite the fact that the precise technical details around it are unclear...
Five Data Wipers Attack Ukrainian News Agency
Risk, Security

Multiple harmful pieces of malware that were employed earlier this month in an attack against the nation's news agency (Ukrinform) have been found by Ukrainian cyber experts. According to an update from the nation's Computer Emergency Response Team (CERT-UA), the attack was announced on the Telegram channel "CyberArmyofRussia Reborn" on January 17. A team at CERT-UA was instructed by Ukrinform to look at five scripts, and upon doing so, found that their functionality "is targeted at breaching the integrity and availability of information" (writing files/disks with zero bytes/arbitrary data and then deleting them). The threat actors are thought to have obtained unauthorized remote access to the Ukrinform network as far back as December 7th, 2022...
Hackers Use TrickGate Software to Deploy Emotet, REvil, Other Malware
Risk, Security

Threat actors have been getting around endpoint detection and response (EDR) security products for more than six years by using a malicious live software service called TrickGate. The findings were provided to Infosecurity earlier today by Check Point Research (CPR). According to a recent advisory, the analysis also indicates that a number of threat actors from organizations including Emotet, REvil, Maze, and others used the service to spread malware. More specifically, CPR calculated that threat actors used TrickGate to carry out between 40 and 650 attacks weekly over the course of the previous two years. Most victims were found in the industrial sector, but there were also victims in the business, healthcare, education, and finance sectors...
Black Basta Deploys PlugX Malware in USB Devices With New Technique
Risk, Security

An investigation into the deployment of a new PlugX malware variant that may automatically infect any attached removable USB media devices has identified the use of the Black Basta ransomware threat. The new PlugX variation is "wormable," according to Palo Alto Networks Unit 42, and it may infect USB devices in such a way as to disguise itself from the Windows Operating File System. This information was first shared with Infosecurity earlier today. According to a Unit 42 advisory regarding the new threat, "This PlugX virus also hides attacker files in a USB drive with a novel approach, making the harmful files only readable on a *nix OS or by mounting the USB device in a forensic tool." The PlugX malware can continue to proliferate...