Category: security
Salt Typhoon hackers used this clever technique to attack US networks
Cisco reveals Salt Typhoon used CVE-2018-0171 to breach target networks It needed login credentials, first The attackers are highly sophisticated and well-funded, Cisco said Chinese state-sponsored threat actor Salt Typhoon was abusing a vulnerability in the Smart Install feature of Cisco IOS software and Cisco IOS XE software to compromise…
Read More
Major website hijacking scam sees over 35,000 sites attacked, redirected to gambling sites, so be on your guard
Researchers found more than 35,000 compromised websites Sites were carrying malicious code that took over the browser window Visitors were being served casino landing pages More than 35,000 websites have been compromised in a major hacking campaign that saw users redirected to malicious pages, or possibly even served malware, experts…
Read More
The US Is Considering a TP-Link Router Ban—Should You Worry?
Several government departments are investigating TP-Link routers over Chinese cyberattack fears, but the company denies links. Source
Read More
North Korean hackers are posing as software development recruiters to target freelancers
North Korea is hiding malware in GitHub projects The projects are then sent to developers as a coding test BeaverTail malware is then used to steal credentials and crypto Freelance software developers are the latest target of North Korean hackers looking to spread infostealing malware, experts have warned. The latest…
Read More
Over a million clinical records exposed in data breach
A clinical research organization’s dataset has been discovered online The documents include Personally Identifiable Information (PII) It’s not clear whether criminals have accessed the information A dataset belonging to a clinical research firm has been discovered publicly exposed online without an encryption or password-protection. Security researcher Jeremiah Fowler discovered the…
Read More
Hackers are targeting Signal with new QR code-linked cyberattack
Google researchers are warning of an ongoing phishing campaign It distributes QR codes which grant the attackers access to people’s Signal accounts The targets are mostly military personnel, experts warn Russian state-sponsored threat actors have been increasingly targeting Signal Messenger users, with QR code-powered phishing attacks, malware, and more, experts…
Read More