Hacking

Kali Linux 2021.3 released with new pentest tools

Kali Linux 2021.3 released with new pentest tools

​Kali Linux 2021.3 was released yesterday by Offensive Security and includes a new set of tools, improved virtualization support, and a new OpenSSL configuration that increases the attack surface. Kali Linux is a Linux distribution designed for cybersecurity professionals and ethical hackers to perform penetration testing and security audits. With this release, the Kali Linux …

Kali Linux 2021.3 released with new pentest tools Read More »

T-Mobile data breach just got worse – now at 54 million customers

T-Mobile data breach just got worse - now at 54 million customers

The T-Mobile data breach keeps getting worse as an update to their investigation now reveals that cyberattack exposed over 54 million individuals’ data. Last weekend, a threat actor began selling the personal information of 100 million T-Mobile customers on a hacking forum for six bitcoin (~$280K), and they starting Investigating Claims of Massive Data Breach. …

T-Mobile data breach just got worse – now at 54 million customers Read More »

T-Mobile Investigating Claims of Massive Data Breach

T-Mobile Investigating Claims of Massive Data Breach

Communications giant T-Mobile said today it is investigating the extent of a breach that hackers claim has exposed sensitive personal data on 100 million T-Mobile USA customers, in many cases including the name, Social Security number, address, date of birth, phone number, security PINs and details that uniquely identify each customer’s mobile device. On Sunday, Vice.com broke the …

T-Mobile Investigating Claims of Massive Data Breach Read More »

1M Stolen Credit Cards Hit Dark Web for Free

1M Stolen Credit Cards Hit Dark Web for Free

Threat actors have leaked 1 million stolen credit cards for free online as a way to promote a fairly new and increasingly popular cybercriminal site dedicated to…selling payment-card credentials. Researchers from threat intelligence firm Cyble noticed the leak of the payment-card data during a “routine monitoring of cybercrime and Dark Web marketplaces,” researchers said in …

1M Stolen Credit Cards Hit Dark Web for Free Read More »

Actively exploited bug bypasses authentication on millions of routers

Actively exploited bug bypasses authentication on millions of routers

Threat actors actively exploit a critical authentication bypass vulnerability impacting home routers with Arcadyan firmware to take them over and deploy Mirai botnet malicious payloads. The vulnerability tracked as CVE-2021-20090 is a critical path traversal vulnerability (rated 9.9/10) in the web interfaces of routers with Arcadyan firmware that could allow unauthenticated remote attackers to bypass authentication. The ongoing attacks were …

Actively exploited bug bypasses authentication on millions of routers Read More »

Cisco Issues Critical Security Patches to Fix Small Business VPN Router Bugs

Cisco Issues Critical Security Patches to Fix Small Business VPN Router Bugs

Cisco Issues Networking equipment major Cisco has rolled out patches to address critical vulnerabilities impacting its Small Business VPN routers that could be abused by a remote attacker to execute arbitrary code and even cause a denial-of-service (DoS) condition. The issues tracked as CVE-2021-1609 (CVSS score: 9.8) and CVE-2021-1610 (CVSS score: 7.2), reside in the …

Cisco Issues Critical Security Patches to Fix Small Business VPN Router Bugs Read More »

Chinese Hackers Target Major Southeast Asian Telecom Companies

Chinese Hackers Target Major Southeast Asian Telecom Companies

Three distinct clusters of malicious activities operating on behalf of Chinese state interests have staged a series of attacks to target networks belonging to at least five major telecommunications companies located in Southeast Asian countries since 2017. “The goal of the attackers behind these intrusions was to gain and maintain continuous access to telecommunication providers …

Chinese Hackers Target Major Southeast Asian Telecom Companies Read More »

Google is going to block logins on old Android devices starting September

Google is going to block logins on old Android devices starting September

Google is emailing Android users to let them know that, starting late September, they will no longer be able to log in to their Google accounts on devices running Android 2.3.7 (Gingerbread) and lower. “As part of our ongoing efforts to keep our users safe, Google will no longer allow sign-in on Android devices that run …

Google is going to block logins on old Android devices starting September Read More »

Hackers Exploit Microsoft Browser Bug to Deploy VBA Malware on Targeted PCs

Hackers Exploit Microsoft Browser Bug to Deploy VBA Malware on Targeted PCs

An unidentified threat actor has been exploiting a now-patched zero-day flaw VBA Malware in Internet Explorer browser to deliver a fully-featured VBA-based remote access trojan (RAT) capable of accessing files stored in compromised Windows systems, and downloading and executing malicious payloads as part of an “unusual” campaign. The backdoor is distributed via a decoy document …

Hackers Exploit Microsoft Browser Bug to Deploy VBA Malware on Targeted PCs Read More »