A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. According to FireEye's Mandiant threat intelligence team, the collective — known as FIN11 — has engaged in a pattern of cybercrime campaigns at least since 2016 that involves monetizing their access to organizations' networks, in … [Read more...] about FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks
attacks
Cisco Issues Patches For 2 High-Severity IOS XR Flaws Under Active Attacks
Cisco yesterday released security patches for two high-severity vulnerabilities affecting its IOS XR software that were found exploited in the wild a month ago.Tracked as CVE-2020-3566 and CVE-2020-3569, details for both zero-day unauthenticated DoS vulnerabilities were made public by Cisco late last month when the company found hackers actively exploiting Cisco IOS XR Software … [Read more...] about Cisco Issues Patches For 2 High-Severity IOS XR Flaws Under Active Attacks
Flaws in Samsung Phones Exposed Android Users to Remote Attacks
New research disclosed a string of severe security vulnerabilities in the 'Find My Mobile'—an Android app that comes pre-installed on most Samsung smartphones—that could have allowed remote attackers to track victims' real-time location, monitor phone calls, and messages, and even delete data stored on the phone.Portugal-based cybersecurity services provider Char49 revealed its … [Read more...] about Flaws in Samsung Phones Exposed Android Users to Remote Attacks
Chinese Hackers Escalate Attacks Against India and Hong Kong Amid Tensions
An emerging threat actor out of China has been traced to a new hacking campaign aimed at government agencies in India and residents of Hong Kong intending to steal sensitive information, cybersecurity firm Malwarebytes revealed in the latest report shared with The Hacker News.The attacks were observed during the first week of July, coinciding the passage of controversial … [Read more...] about Chinese Hackers Escalate Attacks Against India and Hong Kong Amid Tensions
Intel CPUs Vulnerable to New ‘SGAxe’ and ‘CrossTalk’ Side-Channel Attacks
Cybersecurity researchers have discovered two distinct attacks that could be exploited against modern Intel processors to leak sensitive information from the CPU's trusted execution environments (TEE).Called SGAxe, the first of the flaws is an evolution of the previously uncovered CacheOut attack (CVE-2020-0549) earlier this year that allows an attacker to retrieve the contents … [Read more...] about Intel CPUs Vulnerable to New ‘SGAxe’ and ‘CrossTalk’ Side-Channel Attacks
New Group of Hackers Targeting Businesses with Financially Motivated Cyber Attacks
Security researchers have tracked down activities of a new group of financially-motivated hackers that are targeting several businesses and organizations in Germany, Italy, and the United States in an attempt to infect them with backdoor, banking Trojan, or ransomware malware.Though the new malware campaigns are not customized for each organization, the threat actors appear to … [Read more...] about New Group of Hackers Targeting Businesses with Financially Motivated Cyber Attacks
New Chrome 0-day Bug Under Active Attacks – Update Your Browser Now!
Attention readers, if you are using Chrome on your Windows, Mac, and Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today.With the release of Chrome 78.0.3904.87, Google is warning billions of users to install an urgent software update immediately to patch two high severity vulnerabilities, one of which … [Read more...] about New Chrome 0-day Bug Under Active Attacks – Update Your Browser Now!
Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks
In an effort to mitigate a large class of potential cross-site scripting issues in Firefox, Mozilla has blocked execution of all inline scripts and potentially dangerous eval-like functions for built-in "about: pages" that are the gateway to sensitive preferences, settings, and statics of the browser.Firefox browser has 45 such internal locally-hosted about pages, some of which … [Read more...] about Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks
SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks
Until now, I'm sure you all might have heard of the SimJacker vulnerability disclosed exactly a month ago that affects a wide range of SIM cards and can remotely be exploited to hack into any mobile phone just by sending a specially crafted binary SMS.If you are unaware, the name "SimJacker" has been given to a class of vulnerabilities that resides due to a lack of … [Read more...] about SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks
Apple iTunes and iCloud for Windows 0-Day Exploited in Ransomware Attacks
Watch out Windows users!The cybercriminal group behind BitPaymer and iEncrypt ransomware attacks has been found exploiting a zero-day vulnerability affecting a little-known component that comes bundled with Apple's iTunes and iCloud software for Windows to evade antivirus detection.The vulnerable component in question is the Bonjour updater, a zero-configuration implementation … [Read more...] about Apple iTunes and iCloud for Windows 0-Day Exploited in Ransomware Attacks