In August, Imperva, a security vendor that provides network security software and services, admitted that the company’s cloud firewall product, Cloud Web Application Firewall (Cloud WAF), had led to the compromise of customer data. In the recently released results of its investigation, Imperva said that the data breach occurred because an AWS API key had been stolen.
Published by Emerson L. Sullivan on October 15, 2019 9:11 am
Recently, a 29-year-old Singaporean hacker, Matthew Ho, was arrested for stealing mining resources from Amazon AWS and Google Cloud. He faces at least 34 years in prison on 14 counts of wire fraud, illegal access to equipment and identity theft.
Published by Emerson L. Sullivan on October 12, 2019 2:59 am and last modified on October 12, 2019 3:00 am.
The official website of New Zealand’s primary health organization Tū Ora Compass Health was attacked by hackers in August this year. The subsequent investigation revealed intrusions into the website dating back to 2016, and the data of 1 million users may have been leaked.
Published by Emerson L. Sullivan on October 10, 2019 6:42 am
Beginning on September 24th, Bitcoin collapsed for a full week, and prices continued to fluctuate around $8,000. Bitcoin buyers have now been warned that their cryptocurrency investments face another threat. Juniper Threat Labs security researchers say that spyware delivered by a Trojan uses the encrypted Telegram messaging platform to exfiltrate cryptocurrency data.
Published by Emerson L. Sullivan on October 8, 2019 2:39 am and last modified on October 8, 2019 2:39 am.
At the end of August, Nemty ransomware was actively spreading via compromised RDP connections. The ransomware has been traded on the dark web, and the ransomware mode of “blocking the road, robbing and sitting on the ground” has forced the user to accumulate wealth.
Now version 1.5 of the Nemty ransomware has hit, raging across the network.
Published by Emerson L. Sullivan on October 5, 2019 11:27 am and last modified on September 30, 2019 11:56 am.
After the Astaroth fileless attack was disclosed in July this year, Microsoft has recently revealed a new wave of fileless attacks, named Nodersok. The attackers again use legitimate tools to launch the attack, converting infected systems into proxies and performing click fraud. It is estimated that thousands of Windows computers have been affected.
Nodersok attacks do not infect any files on the device and leave no traces on the hard disk. The entire chain of infection is carried out through legitimate tools.
Microsoft said that Nodersok, like Astaroth, performs every step of the infection chain using only legitimate tools, whether the built-in mshta.exe and powershell.exe, or node.exe and Windivert.dll/sys downloaded from a third-party website. The functionality delivered as scripts or shellcode arrives in encrypted form; it is then decrypted and executed only in memory. No malicious code is written to the hard disk.
Microsoft discovered the Nodersok attack in mid-July this year and launched an investigation after detecting anomalous use of mshta.exe. Nodersok currently targets mainly average consumers in the US and Europe.
Published by Emerson L. Sullivan on October 2, 2019 7:08 am and last modified on September 30, 2019 8:08 am.
The CAPTCHA verification mechanism (a method for telling real humans from bots by having them identify the letters in a picture) is familiar to most Internet users. However, this mechanism is no longer safe. Security researchers have found that hackers are using it to take victims to phishing pages. According to the researchers, the phishing campaign uses CAPTCHA boxes to hide a fake Microsoft account login page from secure email gateways (SEGs) in order to trick victims into providing sensitive information.
Published by Emerson L. Sullivan on September 27, 2019 2:29 am
Security vendor UpGuard announced a data breach this week, saying its researchers found 1.7 TB of data on a public rsync server. The data revolves around SORM, Russia’s network monitoring system.
Published by Emerson L. Sullivan on September 23, 2019 2:19 am
On September 18, Symantec, a network security company, said that since July 2018 the Tortoiseshell hacker group has attacked at least 11 organizations, most of which are located in Saudi Arabia. The group mainly targets Saudi IT vendors and collects data from their networks, including IP addresses, operating system versions, computer names, and network connections. Researchers say they don’t have enough information to attribute this behavior to a known organization or government. However, CrowdStrike’s vice president of intelligence said that the hackers described by Symantec seem to be supporting the Islamic Revolutionary Guard Corps.
Published by Emerson L. Sullivan on September 20, 2019 2:21 am
On September 16, ZDNet reported that the data of more than 24.38 million Lumin PDF users had been disclosed on a hacking forum. Lumin PDF is a little-known cloud-based service that allows users to view, edit, and share PDF files through web-based dashboards, browser extensions, or corporate mobile applications.
Published by Emerson L. Sullivan on September 18, 2019 8:29 am and last modified on September 18, 2019 8:30 am.