Cool Audit

Russian Hackers Charged For Selling Unauthorized Access To Computer Networks

A Russian citizen has been indicted for working as an “access broker” and selling unauthorized access to computer networks, including a victim company in New Jersey, U.S. Attorney Philip R. Sellinger, District of New Jersey, announced.

Details of the Indictment

Evgeniy Doroshenko, 31, also known as “Eugene Doroshenko,” “FlankerWWH,” and “Flanker,” of Astrakhan, Russia, faces charges […]

Notorious Data Leak Site Breachforums is back From the Seizure

In a surprising development, the notorious data breach forum Breachforums has re-emerged after being seized by authorities. According to a recent tweet from Dark Web Informer, the news has sent shockwaves through the cybersecurity community and raised concerns about the ongoing battle against cybercrime. Breachforums, a notorious platform known for hosting and distributing stolen data, […]

Hackers Advertising Pulse Connect Secure VPN RCE 0-Day

Cybersecurity experts have identified a critical zero-day vulnerability in Pulse Connect Secure VPN, a widely used virtual private network solution. The vulnerability, which allows for remote code execution (RCE), has been actively exploited by hackers, raising significant concerns among organizations relying on this technology for secure remote access. The discovery was first reported on Twitter, highlighting the […]

Ransomware Attacks Targeting VMware ESXi Infrastructure Adopt New Pattern

Cybersecurity professionals at Sygnia have observed a notable change in the strategies used by ransomware groups targeting virtualized environments, specifically VMware ESXi infrastructure. The incident response team has noted a steady increase in these attacks, with threat actors exploiting misconfigurations and vulnerabilities in virtualization platforms to maximize their […]

Threat Actor Claiming Access to AWS, Azure, MongoDB & Github API Keys

A threat actor has claimed to have gained unauthorized access to API keys for major cloud service providers, including Amazon Web Services (AWS), Microsoft Azure, MongoDB, and GitHub. The announcement was made via a post on the social media platform X by the account DarkWebInformer. The tweet has raised alarms within the cybersecurity community, prompting immediate investigations […]

Rockwell Automation Warns Admin to Disconnect Devices From Internet

Rockwell Automation has sent an urgent message to all of its customers because of rising geopolitical issues and hostile cyber activity worldwide. The company is asking that any devices currently connected to the public internet be checked immediately and shut down if they aren’t meant to be connected. This proactive step is meant to lower the […]

CasperSecurity Stealer Attacking Windows Machine to Steal RDP Credentials

A new piece of malware called CasperSecurity Stealer is a major threat to Windows computers. This complex malware is made to steal Remote Desktop Protocol (RDP) credentials, which is very dangerous for individuals and businesses.

A New Breed of Malware

CasperSecurity Stealer is a new type of malware that targets RDP passwords in particular. RDP is […]

Hackers Exploited GitHub and FileZilla to Deliver Banking Malware

The Insikt Group at Recorded Future has found a sophisticated cybercrime operation run by Russian-speaking threat actors from the Commonwealth of Independent States (CIS). This group of hackers has used legitimate websites like GitHub and FileZilla to spread banking malware, which is very dangerous for both personal and business security.

GitCaught: Exposing the Misuse of […]

CISA Reveals Guidance For Implementation of Encrypted DNS Protocols

“Encrypted DNS Implementation Guidance,” a detailed document from the Cybersecurity and Infrastructure Security Agency (CISA), tells government agencies how to improve their cybersecurity by using encrypted Domain Name System (DNS) protocols. This advice is in line with Memorandum M-22-09 from the Office of Management and Budget (OMB), which lays out a “zero trust” cybersecurity plan […]

Earth Hundun Hacker Group Employs Advanced Tactics to Evade Detection

Earth Hundun, a notable Asia-Pacific malware organization, uses Waterbear and Deuterbear. We first encountered Deuterbear in Earth Hundun’s arsenal in October 2022, signaling its implementation. This report describes the ultimate Remote Access Trojan (RAT) we recovered from a C&C server from an Earth Hundun campaign in 2024. We examined the Waterbear downloader’s network actions at the beginning. […]