CyberIntelMag.com is the resource for cybersecurity news for cybersecurity professionals. for cybersecurity professionals.
The goal is to grow CyberIntelMag into the one-stop shop for news, influencers, videos, tutorials, product reviews, etc.
Continuous Flipper Zero Phishing Attacks Aim Infosec Community
A new phishing campaign is taking advantage of the growing interest among security professionals on Flipper Zero to steal their personal information and cryptocurrencies. A portable, multi-purpose cybersecurity gadget, Flipper Zero, is designed for pen testers and hacking enthusiasts. The tool’s s...
Ransomware Gang Offers SickKids Hospital Free Decryptor in Apology
The Hospital for Sick Children (SickKids) has received a free decryptor from the LockBit ransomware gang after one of its members allegedly broke the law by attacking the hospital. SickKids is a Toronto-based teaching and research hospital that specializes in treating unwell children. The hospital f...
Framework For PyTorch Machine Learning Exploited With Malicious Dependency
The PyTorch package maintainers have advised users to remove and download the most recent versions if they installed the library’s nightly releases between December 25, 2022, and December 30, 2022, after a dependency confusion cyberattack. “PyTorch-nightly Linux packages installed via pip during...
Hackers Could Snoop on Conversations Using Google Home Speakers
The Google Home smart speaker could be remotely controlled and turned into an eavesdropping device by installing a backdoor account with access to the microphone feed. Last year, a researcher found the problem and was awarded $107,500 for appropriately alerting Google about it. Earlier this week, th...
270,000 Patients Affected by Louisiana Hospital Ransomware Attack
The Lake Charles Memorial Health System (LCMHS) is notifying thousands of patients who have gotten care at one of its medical facilities of a data breach. With a 314-bed hospital, a 54-bed women’s hospital, a 42-bed mental health hospital, and a primary care clinic for uninsured patients, LCMHS is...
Motion Sensors Being Used in EarSpy Attack to Spy on Android Phones
An eavesdropping attack for Android smartphones has been created by a team of researchers that, to varying degrees, can identify the gender and identity of the caller and even interpret private communication. The side-channel attack, known as EarSpy, intends to investigate new opportunities for list...
Malware GuLoader Uses New Methods to Avoid Security Software
Researchers in cybersecurity have revealed a wide range of strategies used by the sophisticated malware downloader GuLoader to avoid security software. GuLoader, also known as CloudEyE, is a Visual Basic Script (VBS) downloader employed to spread remote access trojans on compromised computers. It wa...
400 Million Twitter Users’ Data Stolen And Available For Sale
A hacker claims to have stolen data on 400,000,000 Twitter users and is trying to sell it. He asserts that the database is confidential, and to support his claims, he gave a sample of 1,000 accounts, some of which contained the private data of well-known individuals like Donald Trump Jr., Brian Kreb...
IoT Botnet Zerobot Develops Exploits And DDoS Abilities
An upgraded version of the recently described Internet of Things (IoT) botnet Zerobot has a more extended set of exploits and DDoS capabilities. It is a self-replicating and self-propagating piece of malware created in the Golang (Go) programming language that can target twelve device architectures....
Two Men Detained For Involvement in Taxi Hacking Scam at John F. Kennedy Airport
The US Justice Department revealed that two individuals had been detained on suspicion of participating in a hacking operation against the John F. Kennedy International Airport’s taxi dispatch system. Authorities claim that the suspects, New Yorkers Daniel Abayev and Peter Leyman, broke into the J...
Data Breach at DraftKings Affects Personal Info of 68,000 Users
Sports betting company DraftKings revealed that a recent data breach exposed the personal information of 68,000 users. The issue, first made public in November, was the product of a credential stuffing attack rather than a system compromise at DraftKings. Credential stuffing is the practice of acces...
Cyberattack on German Hotel Company H-Hotels Claimed by Play Ransomware
Hotels (h-hotels.com) communications have been disrupted due to a cyberattack blamed on the Play ransomware group. The hospitality group H-Hotels operates 60 hotels in 50 different cities in Germany, Austria, and Switzerland, with a total of 9,600 rooms. With 2,500 employees and operating under the....
Google Makes End-to-End Encryption Available For Gmail on Web
End-to-end encryption (E2EE), which Google introduced on Friday, enables enrolled Google Workspace users to send and receive encrypted emails inside and outside their domain. Users of Google Drive, Google Meet, Google Docs, Slides, Sheets, and Google Calendar (beta) already have access to client-sid...
Japanese Politicians Being Targeted by Hackers With Novel MirrorStealer Malware
Before the House of Councilors election in July 2022, a hacker gang known as MirrorFace had been targeting Japanese lawmakers using a previously unknown credentials stealer known as “MirrorStealer.” ESET identified the effort, and its experts claim they were able to put together the data because...
SVG Files Used by Attackers For Smuggling QBot Malware Onto Windows PCs
A novel distribution technique for QBot malware phishing campaigns uses SVG files to smuggle HTML and produce malicious Windows installation locally. This exploit uses embedded JavaScript-enabled SVG files to disassemble a Base64-encoded QBot malware installation that the target’s browser automati...
New Backdoor in Python Found, Targets VMware ESXi Servers
According to Juniper Networks’ Threat Labs security experts, a new Python-based backdoor that targets VMware ESXi virtualization servers has been discovered. Although the targeted servers were affected by well-known security flaws (including CVE-2019-5544 and CVE-2020-3992) that were probably abus...
Ransomware And Phishing Attacks Strike Rackspace
Established in 1998, Rackspace is a well-known supplier of managed hosting and cloud computing services. The company helps businesses of all sizes develop, maintain, and grow their IT infrastructure by providing various services, such as managed hosting, private clouds, and public cloud environments...
TrueBot Malware Employed by Clop Ransomware For Accessing Networks
Security experts have observed an increase in the number of computers with the TrueBot malware downloader, developed by the Silence hacking gang that speaks Russian. This group, renowned for its large-scale financial institution heists, has started to move away from using phishing as a first point o...
Iranian Hackers Using Supply Chain Attack to Distribute New “Fantasy” Wiper in Diamond Industry
Cybersecurity company ESET has reported that Agrius, an advanced persistent threat (APT) actor with connections to Iran, is employing a new wiper in operations against targets in South Africa, Hong Kong, and Israel. Agrius is a threat actor operating since at least 2020, concentrating mostly on vict...
Cyberattack on IT Service Provider Affects New Zealand Government
This week, the New Zealand government acknowledged that companies and public bodies in the nation had been affected by a ransomware attack on the managed service provider (MSP) Mercury IT. This small company, with only 25 employees, offers cybersecurity, IT, telecom, and support services to several....
VTB, Second-Largest Bank of Russia, Taken Down by Significant DDoS Attack
The second-largest bank in Russia, VTB Bank, claims to be dealing with the worst hack in its history after a DDoS (distributed denial of service) attack forced the closure of both its website and mobile apps. “At present, the VTB technological infrastructure is under unprecedented cyberattack from...
SiriusXM Weakness Allows Cybercriminals to Unlock and Start Connected Cars Remotely
Researchers in the field of cybersecurity have identified a security flaw that makes vehicles made by Honda, Nissan, Infiniti, and Acura vulnerable to remote cyberattacks via a connected vehicle service offered by SiriusXM. Last week, researcher Sam Curry mentioned on Twitter that the flaw could be....
Two Million Android Malware Apps Discovered on Google Play
Over two million individuals have been duped into installing new Android malware, phishing, and adware applications that have penetrated the Google Play store. The applications found by Dr Web antivirus seem to be helpful utilities and system optimizers but are actually the causes of performance gli...
Malware Signed Using Hacked OEM Android Platform Certificates
Threat actors exploited many platform certificates used by Android OEM device suppliers to sign core system applications to sign apps that contained malware. The core ROM images of Android devices containing the Android operating system and related apps are signed by OEM Android device makers using....
African Law Enforcement Disrupts $800K Fraud Schemes
Following a four-month investigation, Interpol announced that police in Africa had detained 10 suspects in connection with a global fraud scheme worth an estimated $800,000. The Africa Cyber Surge Operation, which took place from July to November, included 27 nations, according to the international....
Attack From Keralty Ransomware Affects Colombia’s Healthcare System
The websites and business activities of the international healthcare group Keralty and its subsidiaries were affected by a RansomHouse ransomware attack on Sunday. The Colombian healthcare company Keralty has a global network of 12 hospitals and 371 medical facilities across Latin America, Spain, th...
TikTok’s Trending “Invisible Challenge” Being Used by Hackers to Spread Malware
According to new data from Checkmarx, threat actors are taking advantage of a well-known TikTok challenge to lure users into installing malware that steals information. The Invisible Challenge fad is using a filter called Invisible Body that only leaves a silhouette of the user’s body behind. Howe...
Ransomware Group Targeted Belgian Municipality, But Attacked Police
The Zwijndrecht police, a local police unit in Antwerp, Belgium, was the source of the data that the Ragnar Locker ransomware group publicized as having been taken from what they believed to be the municipality of Zwijndrecht. Thousands of automobile license plates, penalties, criminal report files,...
Famous OpenVPN Android App Modified by Hackers to Incorporate Spyware
Since at least 2017, a threat actor involved in cyberespionage activities has been enticing victims with phony VPN software for Android that is a trojanized version of reliable products, SoftVPN and OpenVPN. Researchers said that the effort was “highly targeted” and was designed to gather contac...
More Than 50 Million Passwords Stolen by 34 Russian Cybercrime Groups Using Stealer Malware
Nearly 34 Russian-speaking gangs using the stealer-as-a-service business model to distribute information-stealing software obtained no less than 50 million credentials during the first seven months of 2022. The hackers stole not only passwords but also 2.11 billion cookie data, 113,204 crypto wallet...
Be the first to know and let us send you an email when Cyberintelmag.com posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.
Want your business to be the top-listed Media Company?
