Archive for the ‘hacking news’ Category

New Zoom Hack Lets Hackers Compromise Windows and Its Login Password

April 1st, 2020
Zoom has been there for nine years, but the immediate requirement of an easy-to-use video conferencing app during the coronavirus pandemic overnight made it one of the most favorite communication tool for millions of people around the globe. No doubt, Zoom is an efficient online video meeting solution that's helping people stay socially connected during these unprecedented times, but it's

Posted in hack windows password, hacking news, SMB relay attack, Video Conferencing Software, video hack, windows security, zoom | Comments (0)

WARNING: Hackers Install Secret Backdoor on Thousands of Microsoft SQL Servers

April 1st, 2020
Cybersecurity researchers today uncovered a sustained malicious campaign dating back to May 2018 that targets Windows machines running MS-SQL servers to deploy backdoors and other kinds of malware, including multi-functional remote access tools (RATs) and cryptominers. Named "Vollgar" after the Vollar cryptocurrency it mines and its offensive "vulgar" modus operandi, researchers at Guardicore

Posted in cryptocurrency, Cyber Attack, database hacking, Database Security, hacking news, Malware attack, MSSQL hacking, MySQL, Windows Malware | Comments (0)

Critical RCE Bug Affects Millions of OpenWrt-based Network Devices

March 24th, 2020
A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt, a widely used Linux-based operating system for routers, residential gateways, and other embedded devices that route network traffic. Tracked as CVE-2020-7982, the vulnerability resides in the OPKG package manager of OpenWrt that exists in the

Posted in cybersecurity, hacking news, HTTP, network security, openwrt, Router Security, Vulnerability | Comments (0)

TrueFire Guitar Tutoring Website Suffers Magecart-style Credit Card Breach

March 17th, 2020
Online guitar tutoring website TrueFire has apparently suffered a 'Magecart' style data breach incident that may have potentially led to the exposure of its customers' personal information and payment card information. TrueFire is one of the popular guitar tutoring websites with over 1 million users, where wanna-be-guitarists pay online to access a massive library of over 900 courses and

Posted in credit card breach, credit card hacking, cyber security, data breach, hacking news, magecart | Comments (0)

Europol Arrests 26 SIM Swapping Fraudsters For Stealing Over $3 Million

March 16th, 2020
Europol, along with the Spanish and the Romanian national police, has arrested 26 individuals in connection with the theft of over €3.5 million ($3.9 million) by hijacking people's phone numbers via SIM swapping attacks. The law enforcement agencies arrested 12 and 14 people in Spain and Romania, respectively, as part of a joint operation against two different groups of SIM swappers, Europol

Posted in bank hacking, computer fraud, hacker arrested, hacking news, Mobile Security, Sim hacking, SIM Swapping, SIM Swapping Attacker, Telecom hacking | Comments (0)

Virgin Media Data Leak Exposes Details of 900,000 Customers

March 6th, 2020
On the same day yesterday, when the US-based telecom giant T-Mobile admitted a data breach, the UK-based telecommunication provider Virgin Media announced that it has also suffered a data leak incident exposing the personal information of roughly 900,000 customers. What happened? Unlike the T-Mobile data breach that involved a sophisticated cyber attack, Virgin Media said the incident was

Posted in data breach, data leaked, Database Security, hacking news, Telecom company, Telecom hacking, Virgin Media, Virgin Mobile | Comments (0)

Critical PPP Daemon Flaw Opens Most Linux Systems to Remote Hackers

March 5th, 2020
The US-CERT today issued advisory warning users of a new dangerous 17-year-old remote code execution vulnerability affecting the PPP daemon (pppd) software that comes installed on almost all Linux based operating systems, as well as powers the firmware of many other networking devices. The affected pppd software is an implementation of Point-to-Point Protocol (PPP) that enables communication

Posted in hacking linux, hacking news, hacking router, Linux Vulnerability, Point-to-Point Protocol, PPP daemon, pppd vulnerability, Software vulnerabilities | Comments (0)

Hackers Compromise T-Mobile Employee’ Email Accounts and Steal User’ Data

March 5th, 2020
If you are a T-Mobile customer, this news may concern you. US-based telecom giant T-Mobile has suffered yet another data breach incident that recently exposed personal and accounts information of both its employees and customers to unknown hackers. What happened? In a breach notification posted on its website, T-Mobile today said its cybersecurity team recently discovered a sophisticated

Posted in cybersecurity, data breach, data leaked, data security, hacking news, t-mobile, T-Mobile hack, Telecom company, Telecom hacking | Comments (0)

2 Chinese Charged with Laundering $100 Million for North Korean Hackers

March 3rd, 2020
Two Chinese nationals have been charged by the US Department of Justice (DoJ) and sanctioned by the US Treasury for allegedly laundering $100 million worth of virtual currency using prepaid Apple iTunes gift cards. According to a newly unsealed court document, the illicit funds originated from a $250 million haul stolen from two different unnamed cryptocurrency exchanges that were perpetrated

Posted in cryptocurrency, cryptocurrency exchange, cybersecurity, hacking news, Lazarus Group, Money Laundering, North Korea, North Korean hackers | Comments (0)

GhostCat: New High-Risk Vulnerability Affects Servers Running Apache Tomcat

February 28th, 2020
If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it. Yes, that's possible because all versions (9.x/8.x/7.x/6.x) of the Apache Tomcat released in the past 13 years have been found vulnerable to a new high-severity (CVSS 9.8) 'file read and inclusion bug'

Posted in Apache, Apache exploit, Apache Tomcat, hacking news, local file inclusion, remote code execution, remote file inclusion, server security, server vulnerability, Tomcat Server | Comments (0)