hackers

Criminals have been hacking the websites of online stores for several years. The Investigative Department of the Russian Interior Ministry has completed a preliminary investigation of a criminal case against a group of hackers who for several years hacked the websites of online stores and stole...

What do cybercriminals plan to do with the information they receive? Security researchers at Proofpoint have discovered that a hacker group allegedly operating in the interests of China is using a new version of the SugarGh0st RAT malware to steal information from artificial intelligence...

South Korean government networks have tested the power of the Trojan. Cybersecurity company Symantec identified a new tool of the North Korean group Kimsuki, which is used to attack government and commercial organizations in South Korea. The new malware is called Gomir and is a Linux version...

Domain Name Server spoofing (DNS) is a cyberattack where an attacker directs the victim's traffic to a malicious site (instead of a legitimate IP address). Attackers use the method of" poisoning " the DNS cache to intercept Internet traffic and steal credentials or confidential information. DNS...

In 2015, the portal for "anonymous" infidelities made one of the most high-profile leaks of the century… In the early 2000s, the dating site Ashley Madison, which helped married people start extramarital affairs, was experiencing a peak in popularity. More than 37 million people have registered...

Massive attacks on vulnerable routers are now a matter of time. SSD Secure Disclosure discovered vulnerabilities in the D-Link EXO AX4800 router (DIR-X4860) that allow you to take full control of the device. Flaws were found in DIR-X4860 routers with the latest firmware version...

3 months without updates is a great opportunity for cybercriminals. The world's largest vulnerability database, NVD, managed by the US National Institute of Standards and Technology (NIST), recently experienced a major outage that resulted in a significant increase in the number of unpublished...

Rust-based software, fake signatures, and communication with OceanLotus. What else will surprise the group? In the period from 2022 to 2023, the Timitator group of cyber criminals actively attacked Chinese energy, scientific and military institutions. The attacks were carried out using phishing...

The simulation environment will allow you to create invulnerable devices that do not need additional protection. MITRE Corporation has introduced a new threat modeling framework, EMB3D, designed for manufacturers of embedded devices used in mission-critical infrastructures. The model provides a...

How did an ordinary network tool gradually turn into a powerful cyber weapon? Recently, hackers are increasingly using the DNS tunneling method to track when victims open phishing emails and click on malicious links, as well as to scan networks for vulnerabilities. DNS tunneling consists of...

Update as soon as possible to protect vulnerable servers. The developers of Cacti, an open source network monitoring and management system, have fixed 12 vulnerabilities, including two critical ones that lead to arbitrary code execution. Here are the most serious of the patched...

Some companies don't even know who is actually flooding them with emails. The researchers found an actively developing social engineering campaign aimed at obtaining initial access to corporate IT systems for their further operation. Attackers bombard businesses with spam mailings to capture...

The popular "requests" package has been maliciously modified. Security researchers from Phylum discovered a malicious package in the popular PyPI repository that disguises itself as the popular "requests" library, but in reality poses a significant threat to the entire developer community. The...

A daring cyberattack exposed the vulnerabilities of dozens of government resources. Researchers of the TechCrunch identified about four dozen advertising links with the domain "gov.in" owned by the governments of various Indian states such as Bihar, Goa, Karnataka, Kerala, Mizoram and...

The crime was solved by specialists of the regional Federal Security Service of Russia. This was reported in the press service of the ministry. The Federal Security Service of Russia for the Stavropol Territory has documented the illegal activities of local residents involved in the use of...

The attack makes a loss of $46,000 daily. Sysdig discovered a new attack scheme in which stolen credentials for cloud services are used to access the services of cloud LLM models in order to sell access to other cybercriminals. The detected attack was directed at the Claude (v2/v3) model from...

A new malicious campaign leaves no chance for South Korean civil servants. North Korean hacker group Kimsuky uses advanced cyber espionage techniques, including the use of social networks and system management tools. This is reported by a recent report of the South Korean company Genians...

More frequent attacks call into question the privacy of thousands of doctors and millions of patients. Ascension, one of the largest private healthcare systems in the United States, has been forced to shut down some of its systems to investigate what the organization describes as a...

Hundreds of thousands of people lost money by trusting the wrong online stores. An international investigation conducted by The Guardian, Die Zeit and Le Monde has uncovered one of the largest Internet fraud schemes in history. Hundreds of thousands of people in Europe and the United States...

The high-profile hack of MOVEit Transfer still reminds us of itself with sudden information security discoveries. A year after a high-profile cyber attack by the Clop group, during which hundreds of companies were compromised with confidential data, the University system of Georgia (USG), which...