Cybersecurity

Anonymous Hackers Continue Attack On Russian Websites, Two More Hacked

Anonymous, the decentralized hacktivist collective that swore to fight Russia on the cyber front following its invasion of Ukraine, on Tuesday announced another series of attacks against Russian websites. In a series of Twitter posts, the hacking collective announced…

EXCLUSIVE: Hacked documents detail Ecuador’s failed effort to take in NSA whistleblower Edward Snowden

Hackers have obtained data from the Ecuadorian Embassy in Moscow, revealing a trove of documents and emails as well as discussions regarding NSA whistleblower Edward Snowden. The more than 53 gigabytes of data, provided to the journalism collective DDoSecrets by…

Chinese hackers target script kiddies with info-stealer trojan

Cybersecurity researchers have discovered a new campaign attributed to the Chinese "Tropic Trooper" hacking group, which employs a novel loader called Nimbda and a new variant of the Yahoyah trojan. The trojan is bundled in a greyware tool named 'SMS Bomber,' which is…

Fresh Magecart Skimmer Attack Infrastructure Flagged by Analysts

Although observed Magecart skimmer attacks have been less frequently reported in recent months, analysts have discovered fresh infrastructure they were able to trace to malicious domains behind an ongoing campaign. The Malwarebytes Labs team connected the…

MEGA fixes critical flaws that allowed the decryption of user data

MEGA has released a security update to address a set of severe vulnerabilities that could have exposed user data, even if the data had been stored in encrypted form. MEGA is a New Zealand-based cloud storage and file hosting service with over 250 million registered users…

Newly Discovered Magecart Infrastructure Reveals the Scale of Ongoing Campaign

A newly discovered Magecart skimming campaign has its roots in a previous attack activity going all the way back to November 2021. To that end, it has come to light that two malware domains identified as hosting credit card skimmer code — "scanalytic[.]org" and…

Meet the Administrators of the RSOCKS Proxy Botnet

Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the “RSOCKS” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone…

Former Mandiant exec tapped to run CTIIC, ODNI's cyber threat intelligence center

A former executive for the cybersecurity company Mandiant began work last month as the director of the Cyber Threat Intelligence Integration Center at the Office of the Director of National Intelligence, according to her LinkedIn page. Laura Galante is a longtime…

Europol Busts Phishing Gang Responsible for Millions in Losses

Europol on Tuesday announced the dismantling of an organized crime group that dabbled in phishing, fraud, scams, and money laundering activities. The cross-border operation, which involved law enforcement authorities from Belgium and the Netherlands, saw the arrests of…

Critical PHP flaw exposes QNAP NAS devices to RCE attacks

QNAP has warned customers today that some of its Network Attached Storage (NAS) devices (with non-default configurations) are vulnerable to attacks that would exploit a three-year-old critical PHP vulnerability allowing remote code execution. "A vulnerability has been…