The NB65 or Network Battalion 65 group, which is allied with the notorious hacker collective Anonymous, allegedly leaked more than 900,000 emails from the All-Russia State Television and Radio Broadcasting Company (VGTRK).
Cyble discovered a new RAT, dubbed Borat. With a builder, feature modules, and a server certificate, it offers ransomware and DDOS attack services. It is not known whether Borat is being sold or freely shared among cybercriminals. While analyzing the campaign and digging into its origin, a researchers group discovered the payload executable to be AsyncRAT, […]
The hacker disguised the phishing email as a payment notification from a trusted bank and asked the recipient to open the attached Excel file that is protected by a password.
The attacks took place between August last year and March, sources said. The investigation found the data passing in and out of Indian Load Despatch Centres to the Chinese state-sponsored C2 servers spread across the world, researchers said.
Since Russia’s invasion of Ukraine, Distributed Denial of Secrets team has been inundated with files that hacktivists say they’ve stolen from Russian banks, energy companies, government agencies and media companies.
The most critical of the vulnerabilities, with a CVSS score of 9.1, is CVE-2022-26851. Affected versions of the PowerScale OneFS software contain “a predictable file name from observable state”.
Tracked from CVE-2022-22954 to CVE-2022-22961 (CVSS scores: 5.3 – 9.8), the issues impact VMware Workspace ONE Access, VMware Identity Manager, VMware vRealize Automation, VMware Cloud Foundation, and vRealize Suite Lifecycle Manager.
Lambda is a scalable compute service offered by Amazon Web Services (AWS) for running code, server and OS maintenance, capacity provisioning, logging, and operating numerous backend services.
The exposed information includes names, addresses, phone numbers, dates of births, and partial or full social security numbers, as well as information about injuries and worker compensation claims.
Microsoft said that it’s currently tracking a “low volume of exploit attempts” targeting the critical Spring4Shell (aka SpringShell) remote code execution (RCE) vulnerability across its cloud services.