БЛОГ

Archive for the ‘cybercrime/malcode’ category: Page 12

Dec 19, 2023

Your Google Cloud Security Might Be at Risk. Hacking GCP via Google Workspace flaw

Posted by in category: cybercrime/malcode

Vulnerabilities — information security newspaper | hacking news.

Dec 19, 2023

8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

Posted by in category: cybercrime/malcode

The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware.

The security shortcoming is CVE-2020–14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers.

“This vulnerability allows remote authenticated attackers to execute code using a gadget chain and is commonly chained with CVE-2020–14882 (an authentication bypass vulnerability also affecting Oracle Weblogic Server) or the use of leaked, stolen, or weak credentials,” Imperva said in a report published last week.

Dec 19, 2023

Silent Email Attack CVE-2023–35628 : How to Hack Without an Email Click in Outlook

Posted by in category: cybercrime/malcode

Vulnerabilities — information security newspaper | hacking news.

Dec 15, 2023

U.S. and China race to shield secrets from quantum computers

Posted by in categories: cybercrime/malcode, encryption, mathematics, quantum physics

No one knows who might get there first. The United States and China are considered the leaders in the field; many experts believe America still holds an edge.

As the race to master quantum computing continues, a scramble is on to protect critical data. Washington and its allies are working on new encryption standards known as post-quantum cryptography – essentially codes that are much harder to crack, even for a quantum computer. Beijing is trying to pioneer quantum communications networks, a technology theoretically impossible to hack, according to researchers. The scientist spearheading Beijing’s efforts has become a minor celebrity in China.

Quantum computing is radically different. Conventional computers process information as bits – either 1 or 0, and just one number at a time. Quantum computers process in quantum bits, or “qubits,” which can be 1, 0 or any number in between, all at the same time, which physicists say is an approximate way of describing a complex mathematical concept.

Dec 14, 2023

China’s Cyber Threat: Is U.S. Infrastructure at Risk?

Posted by in categories: cybercrime/malcode, military

The Chinese military has been escalating its cyber capabilities, posing a potential threat to key American infrastructure. This includes power and water utilities, as well as communication and transportation systems. Over the past year, hackers affiliated with China’s People’s Liberation Army have successfully infiltrated the computer systems of approximately two dozen critical entities.

These cyber intrusions are not isolated incidents. They are part of a broader strategy to develop methods that could cause panic, chaos, or disrupt logistics in the event of a U.S.-China conflict. The victims of these cyber-attacks include a water utility in Hawaii, a major West Coast port, and at least one oil and gas pipeline. There was also an attempt to breach the operator of Texas’s power grid.

Dec 14, 2023

China’s Military Linked to Cyber Infiltration of US Essential Services: Report

Posted by in categories: cybercrime/malcode, military

Takeaways:

• The Chinese military is reportedly increasing its attempts to infiltrate essential infrastructure, utilities, communication, and transportation services in the U.S., according to anonymous U.S. officials and cybersecurity experts.

Continue reading “China’s Military Linked to Cyber Infiltration of US Essential Services: Report” »

Dec 13, 2023

Chinese hackers allegedly target US infrastructure as ‘Volt Typhoon’

Posted by in categories: cybercrime/malcode, energy

The intrusions are part of a broader effort to develop ways to sow chaos or snarl logistics in the event of a U.S.-China conflict in the Pacific, officials say.


While both China and the United States of America have accused each other of conducting cyberattacks for years now, recently, China’s People’s Liberation Army allegedly involved in a series of cyber intrusions referred to as “Volt Typhoon.”

The Washington Post reported earlier this morning that these attacks targeted critical American infrastructure, including water utility systems in Hawaii, major ports on the West Coast, and an oil and gas pipeline, according to experts.

Continue reading “Chinese hackers allegedly target US infrastructure as ‘Volt Typhoon’” »

Dec 12, 2023

50K WordPress sites exposed to RCE attacks by critical bug in backup plugin

Posted by in categories: cybercrime/malcode, robotics/AI

A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites.

Known as Backup Migration, the plugin helps admins automate site backups to local storage or a Google Drive account.

The security bug (tracked as CVE-2023–6553 and rated with a 9.8÷10 severity score) was discovered by a team of bug hunters known as Nex Team, who reported it to WordPress security firm Wordfence under a recently launched bug bounty program.

Dec 12, 2023

Ukraine’s Kyivstar Says It Faces ‘Powerful’ Cyberattack

Posted by in categories: cybercrime/malcode, finance, mobile phones

Ukraine’s largest mobile phone operator said Russia was most likely behind a “powerful” cyberattack that disrupted phone and internet services Tuesday for about 24 million people in the country.

The cyberattack, the largest to strike Ukraine since Russia’s invasion began nearly two years ago, took down ATMs and digital banking services, disabled some air raid sirens, and hampered broader cellular service across Ukraine.

“This is definitely a cyberattack and the probability that Russian entities are behind it is very close to 100%,” Oleksandr Komarov, chief executive officer of Kyivstar GSM JSC, told Bloomberg by phone.

Dec 8, 2023

Artificial Intelligence is a Top Priority for Tech Leaders in 2024

Posted by in categories: cybercrime/malcode, robotics/AI

AI will improve cybersecurity they said in IEEE survey.

Page 12 of 204First910111213141516Last