Protergo Admin

Twitter Source Code Leaked on Public GitHub Repository

The popular social media platform Twitter is actively searching for the person responsible for a recent data leak and any other individuals who became involved in the incident by downloading the data. A GitHub user publicly exposed a part of the platform’s proprietary source code and internal tools for approximately three months before Twitter issued …

Hacktivism on the Rise: KillNet Anonymous Sudan’s Cyber Campaign Targets Australia

The world of cyberattacks continues to evolve with the emergence of new hacktivist groups that target different countries for various political reasons. One such group that has been making headlines is KillNet Anonymous Sudan, which is affiliated with the pro-Russian hacktivist group KillNet. The dark web team of SOCRadar has discovered alarming posts on the …

20-Year-Old BreachForums Founder Faces Up to 5 Years in Prison

Conor Brian Fitzpatrick, the 20-year-old founder and the administrator of the now-defunct BreachForums has been formally charged in the U.S. with conspiracy to commit access device fraud. If proven guilty, Fitzpatrick, who went by the online moniker “pompompurin,” faces a maximum penalty of up to five years in prison. He was arrested on March 15, …

Emotet malware distributed as fake W-9 tax forms from the IRS

A new Emotet phishing campaign is targeting U.S. taxpayers by impersonating W-9 tax forms allegedly sent by the Internal Revenue Service and companies you work with. Emotet is a notorious malware infection distributed through phishing emails that in the past contained Microsoft Word and Excel documents with malicious macros that install the malware. However, after Microsoft began …

OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident

OpenAI on Friday disclosed that a bug in the Redis open source library was responsible for the exposure of other users’ personal information and chat titles in the upstart’s ChatGPT service earlier this week. The glitch, which came to light on March 20, 2023, enabled certain users to view brief descriptions of other users’ conversations from …

Researchers Uncover Chinese Nation State Hackers’ Deceptive Attack Strategies

A recent campaign undertaken by Earth Preta indicates that nation-state groups aligned with China are getting increasingly proficient at bypassing security solutions. The threat actor, active since at least 2012, is tracked by the broader cybersecurity community under Bronze President, HoneyMyte, Mustang Panda, RedDelta, and Red Lich. Attack chains mounted by the group commence with a spear-phishing email …

2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks

In 2022 alone, global cyberattacks increased by 38%, resulting in substantial business loss, including financial and reputational damage. Meanwhile, corporate security budgets have risen significantly because of the growing sophistication of attacks and the number of cybersecurity solutions introduced into the market. With this rise in threats, budgets, and solutions, how prepared are industries and …

Hackers use new PowerMagic and CommonMagic malware to steal data

Security researchers have discovered attacks from an advanced threat actor that used “a previously unseen malicious framework” called CommonMagic and a new backdoor called PowerMagic. Both malware pieces have been used since at least September 2021 in operations that continue to this day and target organizations in the administrative, agriculture, and transportation sectors for espionage …

New ‘HinataBot’ botnet could launch massive 3.3 Tbps DDoS attacks

A new malware botnet was discovered targeting Realtek SDK, Huawei routers, and Hadoop YARN servers to recruit devices into DDoS (distributed denial of service) swarm with the potential for massive attacks. The new botnet was discovered by researchers at Akamai at the start of the year, who caught it on their HTTP and SSH honeypots, …

Chinese Hackers Exploit Fortinet Zero-Day Flaw for Cyber Espionage Attack

The zero-day exploitation of a now-patched medium-severity security flaw in the Fortinet FortiOS operating system has been linked to a suspected Chinese hacking group. Threat intelligence firm Mandiant, which made the attribution, said the activity cluster is part of a broader campaign designed to deploy backdoors onto Fortinet and VMware solutions and maintain persistent access to victim …

Emotet malware now distributed in Microsoft OneNote files to evade defenses

The Emotet malware is now distributed using Microsoft OneNote email attachments, aiming to bypass Microsoft security restrictions and infect more targets. Emotet is a notorious malware botnet historically distributed through Microsoft Word and Excel attachments that contain malicious macros. If a user opens the attachment and enables macros, a DLL will be downloaded and executed …

FakeCalls Android malware returns with new ways to hide on phones

Android malware ‘FakeCalls’ is circulating again in South Korea, imitating phone calls for over 20 financial organizations and attempting to fool bankers into giving away their credit card details. The particular malware isn’t new, as Kaspersky published a report about it a year ago. However, Check Point researchers now report that more recent versions have implemented …

BianLian ransomware gang shifts focus to pure data extortion

The BianLian ransomware group has shifted its focus from encrypting its victims’ files to only exfiltrating data found on compromised networks and using them for extortion. This operational development in BianLian was reported by cybersecurity company Redacted, who have seen signs of the threat group attempting to craft their extortion skills and increase the pressure on …

Google finds 18 zero-day vulnerabilities in Samsung Exynos chipsets

Project Zero, Google’s zero-day bug-hunting team, discovered and reported 18 zero-day vulnerabilities in Samsung’s Exynos chipsets used in mobile devices, wearables, and cars. The Exynos modem security flaws were reported between late 2022 and early 2023. Four of the eighteen zero-days were identified as the most serious, enabling remote code execution from the Internet to the baseband. …

Mental health provider Cerebral alerts 3.1M people of data breach

Healthcare platform Cerebral is sending data breach notices to 3.18 million people who have interacted with its websites, applications, and telehealth services. Cerebral is a remote telehealth company that provides online therapy and medication management for various mental health conditions, including anxiety, depression, ADHD, Bipolar Disorder, and substance abuse. In a ‘Notice of HIPAA Privacy …

Major Cyberattacks in Review: February 2023

As we enter March 2023, the world continues to face a surge in cyberattacks that threaten individuals, businesses, and government agencies. The last month has already witnessed some of the most significant cyber incidents, including data breaches and ransomware attacks that have impacted millions of people and organizations worldwide. As the threat landscape continues to …

Acer Breached, Hacker Selling Access to 160GB of Stolen Data

Acer has been breached by a hacker who claims to have stolen confidential data from the PC maker, including files on the company’s products. The culprit is now selling access to the stolen files on a forum frequented by hackers. “The leak contains a total 160GB of 655 directories, and 2,869 files,” the attacker wrote …

New TPM 2.0 flaws could let hackers steal cryptographic keys

The Trusted Platform Module (TPM) 2.0 specification is affected by two buffer overflow vulnerabilities that could allow attackers to access or overwrite sensitive data, such as cryptographic keys. TPM is a hardware-based technology that provides operating systems with tamper-resistant secure cryptographic functions. It can be used to store cryptographic keys, passwords, and other critical data, …

Bing Chat has a secret ‘Celebrity’ mode to impersonate celebrities

A secret Bing Chat ‘Celebrity’ mode allows users to instruct the AI to impersonate celebrities, answering questions and talking like the person it imitates. Microsoft is constantly testing new, hidden features in Bing Chat that allow you to turn it into different chat modes, such as gaming, personal assistant, or a friend who can help you …

SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics

The threat actor known as Lucky Mouse has developed a Linux version of a malware toolkit called SysUpdate, expanding on its ability to target devices running the operating system. The oldest version of the updated artifact dates back to July 2022, with the malware incorporating new features designed to evade security software and resist reverse engineering. Cybersecurity …

BidenCash market leaks over 2 million stolen credit cards for free

A carding marketplace known as BidenCash has leaked online a free database of 2,165,700 debit and credit cards in celebration of its first anniversary. Rather than keeping it under wraps, the threat actors advertised this massive leak on an underground cybercrime forum for more extensive reach and to attract as much attention as possible. According …

Hackers Exploit Containerized Environments to Steal Proprietary Data and Software

A sophisticated attack campaign dubbed SCARLETEEL is targeting containerized environments to perpetrate theft of proprietary data and software. “The attacker exploited a containerized workload and then leveraged it to perform privilege escalation into an AWS account in order to steal proprietary software and credentials,” Sysdig said in a new report. The advanced cloud attack also entailed the deployment of …

New Cryptojacking Campaign Leverages Misconfigured Redis Database Servers

Misconfigured Redis database servers are the target of a novel cryptojacking campaign that leverages a legitimate and open source command-line file transfer service to implement its attack. “Underpinning this campaign was the use of transfer[.]sh,” Cado Security said in a report shared with The Hacker News. “It’s possible that it’s an attempt at evading detections based on …

Hackers use fake ChatGPT apps to push Windows, Android malware

Threat actors are exploiting the popularity of OpenAI’s ChatGPT chatbot to distribute malware for Windows and Android, or direct unsuspecting victims to phishing pages. ChatGPT gained immense traction since its launch in November 2022, becoming the most rapidly growing consumer application in modern history with more than 100 million users by January 2023. This massive popularity and …

GoDaddy Hackers Stole Source Code, Customer Details

GoDaddy, a web hosting behemoth, said the company suffered from a multi-year breach with attackers installing malware on its servers. Unknown attackers accessed GoDaddy’s servers via cPanel shared hosting environment and installed malware, in an attack spanning several years. According to the company, the breach was discovered in December 2022, after investigating customer complaints about …

Activision Hackers Exposed Employee and Game Info

Activision has suffered a data breach, with threat actors accessing the game publisher’s corporate Slack environment and game release calendar. Activision confirmed it was breached. Researchers at VX-Underground first announced the breach, adding that Activision decided to keep the security incident under wraps. “They [the attackers] exfiltrated sensitive workplace documents, as well as content scheduled …

Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software

Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that could lead to remote code execution on susceptible devices. Tracked as CVE-2023-20032 (CVSS score: 9.8), the issue relates to a case of remote code execution residing in the HFS+ file parser component. The flaw affects versions 1.0.0 …

Experts Warn of RambleOn Android Malware Targeting South Korean Journalists

Suspected North Korean nation-state actors targeted a journalist in South Korea with a malware-laced Android app as part of a social engineering campaign. The findings come from South Korea-based non-profit Interlab, which coined the new malware RambleOn. The malicious functionalities include the “ability to read and leak target’s contact list, SMS, voice call content, location and …

Scandinavian Airlines says cyberattack caused passenger data leak

Scandinavian Airlines (SAS) has posted a notice warning passengers that a recent multi-hour outage of its website and mobile app was caused by a cyberattack that also exposed customer data. The cyberattack caused some form of a malfunction on the airline’s online system, causing passenger data to become visible to other passengers. This data includes …

Fortinet Issues Patches for 40 Flaws Affecting FortiWeb, FortiOS, FortiNAC, and FortiProxy

Fortinet has released security updates to address 40 vulnerabilities in its software lineup, including FortiWeb, FortiOS, FortiNAC, and FortiProxy, among others. Two of the 40 flaws are rated Critical, 15 are rated High, 22 are rated Medium, and one is rated Low in severity. Top of the list is a severe bug residing in the FortiNAC network …

Mobile game with 10m+ downloads spills source code, endangers user data

The source code of Escalators, a mobile game available on Google Play Store and Apple’s App Store, was allegedly posted on several popular hacker forums. The threat actor posted a dataset of nearly 600 MB of likely stolen information. Source code leaks pose a significant security threat to developers as their intellectual property can be …

AI-based visual editing service leaks user images and customer data

Cutout.pro, an AI media manipulation service, leaked nine gigabytes of data, including usernames and images it created using specific queries. Artificial intelligence-based tools such as ChatGPT or DALL-E have caught the attention of swaths of internet users. However, few have likely considered the security implications of uploading text or images to such tools, and a recent Cybernews discovery is …

San Diego healthcare provider admits breach involving patient data

Sharp HealthCare, a San Diego-based group with ten healthcare institutions and over 18,000 employees, said certain patient information was compromised in a January breach. The company detected suspicious activity on a server that runs the Sharp.com website on January 12. An unauthorized party gained access to the server for a few hours and was able …

Researcher Successfully Hacked Toyota’s Global Network

A Florida-based cybersecurity researcher had a slow week in late October 2022 and decided to inspect the systems of various major companies for exploits. In a week, he detected four different security issues at Toyota, all of which he deemed critical. Eaton Zveare, Director of Technology at Grape Intentions, an online wine store, has a …

Hackers Use Fake Crypto Job Offers to Push info-Stealing Malware

A campaign operated by Russian threat actors uses fake job offers to target Eastern Europeans working in the cryptocurrency industry, aiming to infect them with a modified version of the Stealerium malware named ‘Enigma.’ According to Trend Micro, which has been tracking the malicious activity, the threat actors use a set of heavily obfuscated loaders that …

Hackers Breach Reddit to Steal Source Code and Internal Data

Reddit suffered a cyberattack Sunday evening, allowing hackers to access internal business systems and steal internal documents and source code. The company says the hackers used a phishing lure targeting Reddit employees with a landing page impersonating its intranet site. This site attempted to steal employees’ credentials and two-factor authentication tokens. After one employee fell …

Ransomware Attack on ION Group Impacts Derivatives Trading Market

The LockBit ransomware gang has claimed responsibility for the cyberattack on ION Group, a UK-based software company whose products are used by financial institutions, banks, and corporations for trading, investment management, and market analytics. On January 31, 2023, the firm disclosed the incident in a short statement saying that it impacted ION Cleared Derivatives, a …

Florida hospital takes IT systems offline after cyberattack

Tallahassee Memorial HealthCare (TMH) has taken its IT systems offline and suspended non-emergency procedures following a late Thursday cyberattack. While all its network systems were taken offline, TMH says this attack only impacted some of them. Patients who require emergency medical services (EMS) will also be diverted to other hospitals, as TMH will only accept …

TruthFinder, Instant Checkmate confirm data breach affecting 20M customers

PeopleConnect, the owners of the TruthFinder and Instant Checkmate background check services, confirmed they suffered a data breach after hackers leaked a 2019 backup database containing the info of millions of customers. TruthFinder and Instant Checkmate are subscription-based services allowing customers to perform background checks on other people. When conducting background checks, the sites will …

The Week in Ransomware – February 3rd 2023 – Ending with a mess

While the week started slowly, it turned into a big ransomware mess, with attacks striking a big blow at businesses running VMware ESXi servers. The attacks started Friday morning, with threat actors targeting unpatched VMware ESXi servers with a new ransomware variant dubbed ESXiArgs. The attacks were fast and widespread, with admins worldwide soon reporting that they were …

Digital taxi service offline after cyberattack

A taxi-booking service in Australia has been forced to shut down after a cyberattack, leaving disabled and child passengers temporarily stranded. Frustrated users have vented their displeasure on Twitter following the announcement on the social media platform. Another day, another business compromised by threat actors. The latest victim is Black and White Cabs, a digital …

GitHub breach: attackers cloned code signing certificates

GitHub claims unknown attackers accessed its code repositories and stole certificates for GitHub Desktop and Atom applications. GitHub, a popular hosting service for software development, notified users of an “unauthorized access” the company detected on December 7, 2022. According to GitHub, the attack only affected repositories used in the planning and development of GitHub Desktop …

Latest crypto hack sees $12.7m ‘wrapped’ bitcoin stolen from pNetwork

A hacker has stolen $12.7m (£9.3m) in bitcoin from crypto transfer platform pNetwork. pNetwork said in a tweet late on Sunday: “We’re sorry to inform the community that an attacker was able to leverage a bug in our codebase and attack pBTC on BSC, stealing 277 BTC (most of its collateral).” It said that all …

Pair of Google Chrome Zero-Day Bugs Actively Exploited

The security vulnerabilities bring the web behemoth up to 10 browser zero-days found so far this year. Google has addressed two zero-day security bugs that are being actively exploited in the wild. As part of the internet giant’s latest stable channel release (version 93.0.4577.82 for Windows, Mac and Linux), it fixed 11 total vulnerabilities, all …

Cyber arms dealer exploits new Apple iPhone software vulnerability that affects most versions, watchdog group says

A cyber surveillance company based in Israel developed a tool to break into Apple iPhones with a never-before-seen technique that has been in use since at least February, internet security watchdog group Citizen Lab said on Monday. The discovery is important because of the critical nature of the vulnerability, which requires no user interaction and affects all …
