БЛОГ

Archive for the ‘cybercrime/malcode’ category: Page 2

Dec 19, 2023

Over 86,000 Routers at Risk — Is Yours One of Them? Shocking Vulnerabilities in Widely Used OT/IoT Routers

Posted by in category: cybercrime/malcode

– Is Yours One of Them? Shocking Vulnerabilities in Widely Used OT/IoT Routers — Vulnerabilities — Information Security Newspaper | Hacking News.

Dec 19, 2023

How hrserver.dll stealthy webshell can mimic Google’s Web Traffic to hide and compromise networks

Posted by in category: cybercrime/malcode

Malware — information security newspaper | hacking news.

Dec 19, 2023

Your Google Cloud Security Might Be at Risk. Hacking GCP via Google Workspace flaw

Posted by in category: cybercrime/malcode

Vulnerabilities — information security newspaper | hacking news.

Dec 19, 2023

8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

Posted by in category: cybercrime/malcode

The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware.

The security shortcoming is CVE-2020–14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers.

“This vulnerability allows remote authenticated attackers to execute code using a gadget chain and is commonly chained with CVE-2020–14882 (an authentication bypass vulnerability also affecting Oracle Weblogic Server) or the use of leaked, stolen, or weak credentials,” Imperva said in a report published last week.

Dec 19, 2023

Silent Email Attack CVE-2023–35628 : How to Hack Without an Email Click in Outlook

Posted by in category: cybercrime/malcode

Vulnerabilities — information security newspaper | hacking news.

Dec 15, 2023

U.S. and China race to shield secrets from quantum computers

Posted by in categories: cybercrime/malcode, encryption, mathematics, quantum physics

No one knows who might get there first. The United States and China are considered the leaders in the field; many experts believe America still holds an edge.

As the race to master quantum computing continues, a scramble is on to protect critical data. Washington and its allies are working on new encryption standards known as post-quantum cryptography – essentially codes that are much harder to crack, even for a quantum computer. Beijing is trying to pioneer quantum communications networks, a technology theoretically impossible to hack, according to researchers. The scientist spearheading Beijing’s efforts has become a minor celebrity in China.

Quantum computing is radically different. Conventional computers process information as bits – either 1 or 0, and just one number at a time. Quantum computers process in quantum bits, or “qubits,” which can be 1, 0 or any number in between, all at the same time, which physicists say is an approximate way of describing a complex mathematical concept.

Dec 14, 2023

China’s Cyber Threat: Is U.S. Infrastructure at Risk?

Posted by in categories: cybercrime/malcode, military

The Chinese military has been escalating its cyber capabilities, posing a potential threat to key American infrastructure. This includes power and water utilities, as well as communication and transportation systems. Over the past year, hackers affiliated with China’s People’s Liberation Army have successfully infiltrated the computer systems of approximately two dozen critical entities.

These cyber intrusions are not isolated incidents. They are part of a broader strategy to develop methods that could cause panic, chaos, or disrupt logistics in the event of a U.S.-China conflict. The victims of these cyber-attacks include a water utility in Hawaii, a major West Coast port, and at least one oil and gas pipeline. There was also an attempt to breach the operator of Texas’s power grid.

Dec 14, 2023

China’s Military Linked to Cyber Infiltration of US Essential Services: Report

Posted by in categories: cybercrime/malcode, military

Takeaways:

• The Chinese military is reportedly increasing its attempts to infiltrate essential infrastructure, utilities, communication, and transportation services in the U.S., according to anonymous U.S. officials and cybersecurity experts.

Continue reading “China’s Military Linked to Cyber Infiltration of US Essential Services: Report” »

Dec 13, 2023

Chinese hackers allegedly target US infrastructure as ‘Volt Typhoon’

Posted by in categories: cybercrime/malcode, energy

The intrusions are part of a broader effort to develop ways to sow chaos or snarl logistics in the event of a U.S.-China conflict in the Pacific, officials say.


While both China and the United States of America have accused each other of conducting cyberattacks for years now, recently, China’s People’s Liberation Army allegedly involved in a series of cyber intrusions referred to as “Volt Typhoon.”

The Washington Post reported earlier this morning that these attacks targeted critical American infrastructure, including water utility systems in Hawaii, major ports on the West Coast, and an oil and gas pipeline, according to experts.

Continue reading “Chinese hackers allegedly target US infrastructure as ‘Volt Typhoon’” »

Dec 12, 2023

50K WordPress sites exposed to RCE attacks by critical bug in backup plugin

Posted by in categories: cybercrime/malcode, robotics/AI

A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites.

Known as Backup Migration, the plugin helps admins automate site backups to local storage or a Google Drive account.

The security bug (tracked as CVE-2023–6553 and rated with a 9.8÷10 severity score) was discovered by a team of bug hunters known as Nex Team, who reported it to WordPress security firm Wordfence under a recently launched bug bounty program.

Page 2 of 19412345678Last