All posts in Hacks

Saryu Nayyar, CEO at Gurucul, discusses the new Cold War and the potential for a cyberattack to prompt military action. The Cold War concept isn’t outdated. In the decades since the fall of the Soviet Union, the battleground has simply shifted from conflicts between ideological proxy governments to cyberspace. And . . . Read more
A massive operation offers access to hacked camera feeds in bedrooms and at hotels. Stolen videos captured by tens of thousands of security cameras at private properties throughout China are now for sale across social media, marketed as sex tapes. That’s according to the South China Morning Post, which reported . . . Read more
New details of negotiation between attackers and officials from Broward County Public Schools emerge after a ransomware attack early last month. The Conti Gang has demanded a $40 million ransom from a Fort Lauderdale, Fla., school district after a ransomware attack last month. Attackers stole personal information from students and . . . Read more

Researchers said the FoundCore malware represents a big step forward when it comes to evasion. An advanced cyberespionage campaign targeting government and military entities in Vietnam has been discovered that delivered a remote-access tool (RAT) for carrying out espionage operations, researchers said. Further analysis suggested that this campaign was conducted . . . Read more

Aamir Lakhani, cybersecurity researcher for Fortinet’s FortiGuard Labs, discusses criminals flocking to web server and browser attacks, and what to do about it. Smart cybercriminals are going after web servers and browsers, more so than after individuals. Unfortunately, these types of attacks often go ignored, as they’re harder to test . . . Read more

In this roundtable, security experts focus on smaller businesses offer real-world advice for actionable ways to shore up defenses using fewer resources. Small- to medium-sized businesses (SMBs), those with 100 employees or less, are more vulnerable than ever to catastrophic cybersecurity breaches and attacks. The good news is that there . . . Read more

Attackers are impersonating the stock-trading broker using fake websites to steal credentials as well as sending emails with malicious tax files. Attackers have targeted customers of stock-trading broker Robinhood with a phishing campaign aimed to steal their credentials and spread malware using fake tax documents, the company has warned. Robinhood, . . . Read more
Some legacy models of QNAP network attached storage devices are vulnerable to remote unauthenticated attacks because of two unpatched vulnerabilities. Two critical zero-day bugs affect legacy QNAP Systems storage hardware, and expose devices to remote unauthenticated attackers. The bugs, tracked as CVE-2020-25099 and CVE-2021-36195, impact QNAP’s model TS-231 network attached . . . Read more

Researchers uncover a credential-stealing campaign targeting genetic, neurology and oncology professionals. Security researchers have linked a late-2020 phishing campaign aimed at stealing credentials from 25 senior professionals at medical research organizations in the United States and Israel to an advanced persistent threat group with links to Iran called Charming Kitten. . . . Read more
Current and former administration sources say the nation-state attackers were able to read the Homeland Security Secretary’s emails, among others. The SolarWinds cyberattackers compromised the head of the Department of Homeland Security (DHS) under former president Trump and other top-ranking members of the department’s cybersecurity staff, according to a report. . . . Read more