Feds explain how Iranian hackers obtained US voter registration data
The attacks involved exploitation of known vulnerabilities, directory traversal, SQL injection, web shell uploads, and unique flaws in websites.
Cybersecurity News - Page 342
Google exposes Windows zero-day vulnerability actively exploited in the wild
Attackers are using the zero-day Windows flaw together with separate bug in Chrome, which Google already fixed last month.
Vulnerability summary for the week: October 30, 2020
A weekly vulnerability digest.
Hackers are on the hunt for Oracle WebLogic servers vulnerable to CVE-2020-14882
The vulnerability allows unauthenticated attackers to take over the system by sending a simple HTTP GET request.
US Cyber Command provides info on malware implants used in attacks against parliaments, embassies
US authorities shared details on the ComRAT malware and the Zebrocy backdoor used by Russia-linked Turla and APT 28 hacker groups.
Maze ransomware gang prepares for shut down
The Maze group had stopped encrypting new victims in September 2020, and is now trying to get the last payments from their victims.
Iranian hackers targeted “high profile” security conference attendees
The attacks involved spoofed emails with invitations ostensibly sent from organizers of the Munich Security Conference and the Think 20 Summit in Saudi Arabia.
US authorities warn of a global North Korean cyber espionage operation
The group is focused on gathering intelligence on foreign policy and national security issues related to the Korean peninsula.
FBI: Hackers target misconfigured SonarQube instances to steal government source code
Malicious actors exploit known configuration vulnerabilities to gain access to proprietary code repos owned by government entities and private businesses.
Italian energy giant Enel suffers Netwalker ransomware attack
The cybercriminals behind the Netwalker ransomware operation claim to have stolen nearly 5 terabytes data from the company.
Showing elements 3411 - 3420