Microsoft Says It Disrupted the Operations of the Russian-speaking hack group SEABORGIUM

Microsoft Threat Intelligence Center (MSTIC) experts say they have disrupted an operation by the Russian-speaking hack group SEABORGIUM targeting people and organizations in NATO countries. Let me remind you that we also reported that IS Specialists Discovered a New Version of Malware from Russian Hackers LOLI Stealer. The grouping, which Microsoft calls SEABORGIUM, has been…

Researcher Hacks Starlink Terminal With $25 Homemade Board

Lennert Wouters, a researcher at the Catholic University of Leuven, who previously discovered a bug that allowed a Tesla to be hijacked in a couple of minutes, said that he hacked the Starlink terminal using a $25 mod chip. At the Black Hat 2022 conference, Wouters announced that he intends to make this tool available for copying.…

Chinese Hackers Injected a Backdoor into the MiMi Messenger

SEKOIA and Trend Micro specialists published reports on the activity of the Chinese hack group APT27 (aka Emissary Panda, Iron Tiger and LuckyMouse) and said that hackers introduced a backdoor into the MiMi messenger. The attackers have created a cross-platform malicious version of the Chinese messenger MiMi (秘密, “secret” in Chinese), and use it to…

Cuba Ransomware Operators Use Previously Unknown ROMCOM RAT

Palo Alto Networks reports that the Cuba ransomware operators have begun to use new tactics in their attacks, including the use of a previously unknown remote access trojan (RAT) called ROMCOM RAT. Let me remind you that we reported that New Cuba Ransomware Variant Involves Double-Extortion Scheme. In their report, the researchers talk about the…

Auto Parts Manufacturer Attacked by Three Different Ransomware in Two Weeks

Sophos experts described an interesting case in which an unnamed auto parts manufacturer was attacked by three different ransomware in a row, in just two weeks. Let me remind you that we also wrote that New RedAlert Ransomware Targets Windows and Linux VMware ESXi Servers, and also that Hackers Launched LockBit 3.0 and Bug Bounty…

Microsoft fixes DogWalk bug as part of Patch Tuesday

Microsoft fixed more than 120 vulnerabilities this month, including the DogWalk bug, as part of the traditional “Update Tuesday”. Indeed, one of the most serious issues in the package was the DogWalk zero-day vulnerability (CVE-2022-34713, CVSS score 7.8), which leads to remote execution of arbitrary code and is already under attack. In total, 121 vulnerabilities were…

IS Specialists Discovered a New Version of Malware from Russian Hackers LOLI Stealer

Cyble Research Labs specialists found a sample of malware in the wild, which turned out to be an updated version of a previously discovered malware named LOLI Stealer. Let me remind you that we also reported that FFDroider Stealer is the new hazard to your social networks, and also that STOP Ransomware Spreads through Discord,…

Slack Is Resetting User Passwords Due to a Bug

Slack developers have notified about 0.5% of users that they are forcibly resetting their passwords due to a bug. They will need to change their passwords due to a recently fixed bug that exposed salted password hashes when creating or revoking invite links. Let me remind you that we also wrote that ToTok messenger turned…

Most Often, Malware to Bypass Protection Impersonates Skype, Adobe Acrobat and VLC

VirusTotal analysts presented a report on the methods that malware operators use to bypass protection and increase the effectiveness of social engineering. The study showed that attackers are increasingly imitating legitimate applications such as Skype, Adobe Reader and VLC Player to gain the trust of victims. Let me remind you that we also wrote that…

ParseThru Vulnerability Threatens Go-Based Applications

Researchers have discovered a vulnerability called ParseThru — the bug affects Go-based products and can be abused to gain unauthorized access to cloud applications. Experts from the Israeli company Oxeye, which specializes in the security of cloud applications, noticed the problem. ParseThru is related to how URL parsing is implemented in some Go applications. The…