‘Satanic’ data thief claims to have slipped into 350M Hot Topic shoppers info

October 23, 2024 at 04:35PM A hacker named Satanic claims to have stolen records of 350 million Hot Topic customers, including personal information. They demand $20,000 for the database, asserting limited financial details are compromised. The breach possibly originated from an employee’s malware infection. The data’s actual value appears minimal despite its large scale. **Meeting …

HUMINT: Diving Deep into the Dark Web

July 9, 2024 at 07:07AM The internet is divided into Clear Web, Deep Web, and Dark Web. Clear Web is publicly accessible, while Deep Web requires credentials and Dark Web involves anonymous and encrypted sources. Tor, a network for anonymous communication, facilitates illegal activities. Criminal services, forums, and network attacks operate within the Dark Web’s …

Fake job interviews target developers with new Python backdoor

April 26, 2024 at 10:23AM A campaign named “Dev Popper” is targeting developers with fake job interviews to trick them into downloading and running a Python remote access trojan (RAT), enabling the threat actors to gather system information and gain remote access. Analysts suspect North Korean involvement based on observed tactics. Similar tactics have been …

Magento Vulnerability Exploited to Deploy Persistent Backdoor

April 5, 2024 at 07:06AM Sansec reports exploitation of CVE-2024-20720 in Magento, allowing backdoor injection. Adobe patched it in Feb 2024, but unpatched websites remain vulnerable. Threat actors exploit it by injecting XML code. Attackers use the layout parser and the assert package for system command execution. The backdoor is periodically reinfected for remote code execution and payment data …

Fujitsu Data Breach Impacts Personal, Customer Information

March 18, 2024 at 10:21AM Fujitsu, a leading Japanese technology company, confirmed a cyberattack resulting in the likely theft of personal and customer information. Malware infected work computers, prompting immediate disconnection and enhanced monitoring. The company is investigating the incident, informed relevant authorities, and has begun notifying affected individuals and customers while continuing to assess …

Chinese PC-maker Acemagic customized its own machines to get infected with malware

February 28, 2024 at 11:57PM Acemagic, a Chinese PC maker, confirmed the presence of Bladabindi and Redline malware on some of its mini PCs. The company explained that developers’ adjustments to enhance user experience inadvertently caused the malware. Acemagic will issue refunds for affected machines and offer rebates for disinfecting and future purchases. The alleged …

Russian hackers hijack Ubiquiti routers to launch stealthy attacks

February 27, 2024 at 12:27PM Russian military hackers, tracked as APT28 and Fancy Bear, are using compromised Ubiquiti EdgeRouters to build botnets for cyber espionage. They target militaries, governments, and organizations worldwide by stealing credentials, hosting malicious tools, and phishing landing pages. The FBI advises performing a factory reset, upgrading firmware, changing credentials, and implementing …

DJVU Ransomware’s Latest Variant ‘Xaro’ Disguised as Cracked Software

November 29, 2023 at 01:06AM A new ransomware called Xaro, derived from the DJVU/STOP strain, has been spreading through disguised cracked software. It encrypts files and steals information, demanding $980 in ransom. The malware also installs additional payloads like stealer and loader programs, aiming for double extortion and increased attack success rates. Cybersecurity experts warn …

StripedFly malware framework infects 1 million Windows, Linux hosts

October 26, 2023 at 10:56AM StripedFly is a sophisticated cross-platform malware that infected over a million Windows and Linux systems for five years. Kaspersky discovered it in 2022 and found evidence of its activity since 2017. The malware features TOR-based traffic concealing mechanisms, automated updating, worm-like spreading, and an exploit created before it was publicly …