New ransomware, significant upgrades to cybercriminal groups’ arsenals, APT group attacks, and compromises of routers and Microsoft Exchange servers via the high-profile ProxyShell and PetitPotam vulnerabilities – learn about these and other developments in the field of information security in our analysis.
Data reportedly pertaining to 70 million customers of AT&T, the largest US telecoms company, was put up for sale on a hacker site. Customer information includes identities, locations, contact information, dates of birth, and social security numbers. The AT&T database has a starting price of $200,000, with the possibility to acquire pieces for $30,000.
Operators of the well-known DDoS botnet Mirai are exploiting vulnerabilities in the Realtek SDK. According to SAM, the attacks began three days after the details of the vulnerabilities were published by the information security firm IoT Inspector. The vulnerabilities were first disclosed by SecurityLab a week ago.
After attacking Microsoft Exchange servers, LockFile encrypts Windows domains. LockFile initially appeared in July 2021, with a ransom message in the lock file-README.hta file. This is one of four groups that can pose a severe danger to businesses and vital assets.
Lojas Renner, a Brazilian apparel brand, has been the victim of a serious cyberattack. According to one Brazilian blog, the attack may have been carried out by the RansomExx group. As a result of the incident, several of its IT systems were inaccessible.
Ragnarok (Asnarök), a ransomware group, has announced the end of its operations and released a free tool to restore encrypted files. On Thursday, August 26, the group’s darknet web page published a free decryptor with an embedded master key for decryption. Security experts examined the decryptor and confirmed its validity. They are currently analyzing the program in depth with the goal of rebuilding it into a secure and user-friendly version that will be released on Europol’s NoMoreRansom webpage.
AT&T Alien Labs identified a cluster of Linux ELF executables as variants of the open-source PRISM backdoor. Over the last three years, the organization has employed the backdoor in many campaigns. During an attack on an organization, a new backdoor was planted in a bank’s computer network.
ESET cybersecurity specialists uncovered the SideWalk modular backdoor used by an APT group named SparklingGoblin. This backdoor shares many similarities with the group’s CROSSWALK backdoor, which focuses on the educational sphere in East and Southeast Asia.
A previously unknown vulnerability in iOS can be exploited with just one click, according to a new report. Since February 2021, a vulnerability called FORCEDENTRY has been used in attacks on activists and dissidents in Bahrain. Cybercriminals are using the commercial spyware Pegasus from NSO Group in phishing campaigns.
Intel 471 pulls back the curtain on how the ShinyHunters cybercriminal group conducts its operations. According to a new report from Intel 471, the group closely scrutinizes companies’ source code in GitHub repositories for vulnerabilities that could be exploited to launch larger cyberattacks.
The State Department has been “cyberattacked,” a journalist says. The hacker attack may have happened “a couple of weeks ago,” the journalist said. It is unknown what measures were taken to mitigate the impact of the cyberattack, and what the current risks to operations are.
Hackers call themselves Belarusian cyber-guerrillas. The hackers have published a considerable part of the stolen data. The database contains lists of Interior Ministry informers, personal data of high-ranking officials and intelligence officers, and even recordings of secret telephone conversations.