Hezbollah Hacker Group Targeted Telecoms, Hosting, ISPs Worldwide
By: Ravie Lakshmanan
A "persistent attacker group" with alleged ties to Hezbollah has retooled its malware arsenal with a new version of a remote access Trojan (RAT) to break into...
Technical Advisory – Linksys WRT160NL – Authenticated Command Injection (CVE-2021-25310)
Current Vendor: Belkin (Linksys)
Vendor URL: https://www.linksys.com/sg/p/P-WRT160NL/
Versions affected: 1.0.04 build 2 (FW_WRT160NL_1.0.04.002_US_20130619_code.bin)
Systems Affected: Linksys WRT160NL
Authors: Manuel Ginés - Manuel.Ginesnccgroupcom && Diego Gómez Marañón – Diego.GomezMaranonnccgroupcom
CVE Identifier: CVE-2021-25310
Risk: 8.8 (High)...
Breach Data Highlights a Pivot to Orgs Over Individuals
In 2020, breaches were down by 19%, while the impact of those compromises -- measured in people affected -- fell by nearly two-thirds.Both the number of data breaches and...
Law Enforcement Aims to Take Down Netwalker Ransomware
The Department of Justice has so far charged one Canadian national and seized nearly $500,000 in relation to Netwalker ransomware.The Department of Justice (DoJ) has announced a coordinated law...
Here is How Easily the Feds Identified a Darkweb Opioid Dealer
Darkweb markets provide drug dealers with an anonymous platform to peddle their wares but cannot account for all forms of human error.A group of federal law enforcement agents regularly...
Costly short squeeze makes Reddit required reading on Wall Street
Dennis Dick, a professional stock trader in Las Vegas, reads the site Seeking Alpha before work and keeps up to the minute throughout the trading day by watching Twitter,...
Cryptocurrency crime drops in 2020 but ‘DeFi’ breaches rise, study finds
Losses from cryptocurrency theft, hacks, and fraud fell 57% last year to $1.9 billion, as market participants boosted security systems, but crime in the ‘decentralized finance’ space continued to...
Mimecast Confirms SolarWinds Hack as List of Security Vendor Victims Snowball
A growing number of cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys are confirming being targeted in the espionage attack.
The Mimecast certificate compromise reported earlier...
LogoKit Simplifies Office 365, SharePoint ‘Login’ Phishing Pages
A phishing kit has been found running on at least 700 domains – and mimicking services via false SharePoint, OneDrive and Office 365 login portals.
A newly-uncovered phishing kit, dubbed...
Cryptojacking malware targeting cloud apps gets new upgrades, worming capability
By:
Derek B. Johnson
A piece of cryptojacking malware with a penchant for targeting the cloud has gotten...
