News

Researchers at cybersecurity firm Check Point discovered that many Android applications publicly expose sensitive user data through misconfigured third-party services. The research involved the analysis of 23 Android applications and revealed issues related to real-time databases, cloud storage keys, and push notifications. The exposed data, which pertains to more than 100 million Android users, includes…

The Open Systems Interconnection (OSI) model is one of the many useful tools we can use to stop cybersecurity threats. This long-standing standard separates a network into seven layers, offering suggestions for protecting each of them. In this blog series, we’ll examine the layers one by one to understand this model. Each piece follows the same…

Researchers Link CryptoCore Attacks On Cryptocurrency Exchanges to North Korea | IT Security News 24. May 2021 This article has been indexed from The Hacker News State-sponsored hackers affiliated with North Korea have been behind a slew of attacks on cryptocurrency exchanges over the past three years, new evidence has revealed.Attributing the attack with “medium-high”…

The Federal Bureau of Investigation said that the same group of online extortionists blamed for striking the Irish health system last week have also hit at least 16 US medical and first response networks in the past year. In an alert made public Thursday by the American Hospital Association, the FBI said the cybercriminals using…

State-sponsored hackers affiliated with North Korea have been behind a slew of attacks on cryptocurrency exchanges over the past three years, new evidence has revealed. Attributing the attack with “medium-high” likelihood to the Lazarus Group (aka APT38 or Hidden Cobra), researchers from Israeli cybersecurity firm ClearSky said the campaign, dubbed “CryptoCore,” targeted crypto exchanges in…

Cybercrime , Fraud Management & Cybercrime , Social Engineering Microsoft Says Spam Campaign Uses Updated Variant Prajeet Nair (@prajeetspeaks) • May 24, 2021     If the “Outgoing Payments” PDF is clicked, it downloads the StrRAT. (Source: Microsoft) Microsoft is warning about a spam campaign that uses an updated variant of Java-based StrRAT malware that…

One of the largest insurance companies in the U.S. reportedly paid $40 million in ransom in March to regain control of its network following a ransomware attack. CNA Financial Corp. reportedly paid the hackers two weeks after a heap of company data was stolen, and employees of the company were locked out of their network, Bloomberg reported…

Поступили новые сведения об уязвимости CVE-2021-31166, обнаруженной в системном драйвере Windows — HTTP.sys. Напомним, что с помощью бреши не прошедший аутентификацию злоумышленник может отправить специально созданные пакеты, эксплуатирующие дыру. По словам исследователя Джима Девриза, опасная….

TPG Telecom Limited has disclosed that its legacy cloud-based hosting service, TrustedCloud, was affected in a recent cyberattack, with two clients found to have their data accessed. Only two TPG clients had their data stolen during the April cyberattack, which the enterprise observed on the same day, forcing it to take TrustedCloud offline while the…