U.S. Charges 9 ‘SIM Swapping’ Attackers For Stealing $2.5 Million

The U.S. Department of Justice today announced charges against nine individuals, 6 of which are members of a hacking group called “The Community” and other 3 are former employees of mobile phone providers who allegedly helped them steal roughly $2.5 million worth of the cryptocurrency using a method known as “SIM Swapping.” According to the Read more about U.S. Charges 9 ‘SIM Swapping’ Attackers For Stealing $2.5 Million[…]

North Korean Hackers Using ELECTRICFISH Tunnels to Exfiltrate Data

The U.S. Department of Homeland Security (DHS) and the FBI have issued another joint alert about a new piece of malware that the prolific North Korean APT hacking group Hidden Cobra has actively been using in the wild. Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by Read more about North Korean Hackers Using ELECTRICFISH Tunnels to Exfiltrate Data[…]

‘Highly Critical’ Unpatched Zero-Day Flaw Discovered In Oracle WebLogic

A team of cybersecurity researchers today published a post warning enterprises of an unpatched, highly critical zero-day vulnerability in Oracle WebLogic server application that some attackers might have already started exploiting in the wild. Oracle WebLogic is a scalable, Java-based multi-tier enterprise application server that allows businesses to quickly deploy new products and services on Read more about ‘Highly Critical’ Unpatched Zero-Day Flaw Discovered In Oracle WebLogic[…]

U.S. Charges Chinese Hacker For 2015 Anthem Data Breach

The United States Justice Department today announced charges against a Chinese hacker and his hacking team member for their alleged role in the 2015 massive data breach at health insurance giant Anthem and three other unnamed American companies. Fujie Wang (王 福 杰) and another hacker named John Doe with three different aliases—Deniel Jack, Kim Read more about U.S. Charges Chinese Hacker For 2015 Anthem Data Breach[…]

Critical Unpatched Flaw Disclosed in WordPress WooCommerce Extension

If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new, unpatched vulnerability that has been made public and could allow attackers to compromise your online store. A WordPress security company—called “Plugin Vulnerabilities“—that recently gone rogue in order to protest against moderators of the WordPress’s official support Read more about Critical Unpatched Flaw Disclosed in WordPress WooCommerce Extension[…]

New York, Canada, Ireland Launch New Investigations Into Facebook Privacy Breaches

Facebook has a lot of problems, then there are a lot of problems for Facebook—and both are not going to end anytime sooner. Though Facebook has already set aside $5 billion from its revenue to cover a possible fine the company is expecting as a result of an FTC investigation over privacy violations, it seems Read more about New York, Canada, Ireland Launch New Investigations Into Facebook Privacy Breaches[…]

Docker Hub Suffers a Data Breach, Asks Users to Reset Password

Docker Hub, one of the largest cloud-based library of Docker container images, has suffered a data breach after an unknown attacker gained access to the company’s single Hub database. Docker Hub is an online repository service where users and partners can create, test, store and distribute Docker container images, both publicly and privately. The breach Read more about Docker Hub Suffers a Data Breach, Asks Users to Reset Password[…]

Unprotected Database Exposes Personal Info of 80 Million American Households

A team of security researchers has claims to have found a publicly-accessible database that exposes information on more than 80 million U.S. households—nearly 65 percent of the total number of American households. Discovered by VPNMentor’s research team lead by hacktivists Noam Rotem and Ran Locar, the unsecured database includes 24GB of extremely detailed information about Read more about Unprotected Database Exposes Personal Info of 80 Million American Households[…]

Rapidly Growing Electrum Botnet Infects Over 152,000 Users; Steals $4.6 Million

An ongoing attack against Electrum Bitcoin wallets has just grown bigger and stronger with attackers now targeting the whole infrastructure of the exchange with a botnet of over 152,000 infected users, raising the amount of stolen users’ funds to USD 4.6 million. Electrum has been facing cyber attacks since December last year when a team Read more about Rapidly Growing Electrum Botnet Infects Over 152,000 Users; Steals $4.6 Million[…]

Over Dozen Popular Email Clients Found Vulnerable to Signature Spoofing Attacks

A team of security researchers has discovered several vulnerabilities in various implementations of OpenPGP and S/MIME email signature verification that could allow attackers to spoof signatures on over a dozen of popular email clients. The affected email clients include Thunderbird, Microsoft Outlook, Apple Mail with GPGTools, iOS Mail, GpgOL, KMail, Evolution, MailMate, Airmail, K-9 Mail, Read more about Over Dozen Popular Email Clients Found Vulnerable to Signature Spoofing Attacks[…]