U.S. Charges Six Russian Intelligence Officers With Hacking

WASHINGTON—Federal prosecutors unsealed charges against six Russian intelligence officers accused of engaging in some of the most destructive cyberattacks of recent years, including operations that knocked out Ukraine’s energy grid, exposed emails from the French president’s party and damaged global systems in the costly 2017 NotPetya attack. The prolific hacking unit within Russia’s military intelligence service, known as the GRU, has previously been linked by U.S. authorities to the cyber interference operations during the 2016 election, and one of the accused has already been indicted by the U.S. in connection…

Read More

Twitter Hackers #Anonymous wey support #EndSARS claim hacking all Nigeria goment official Twitter account

Hackers say dem don take over all Nigeria goment official Twitter account to support #EndSARS Di hackers wey call demsef Anonymous on Friday hack di Twitter account of di National Broadcasting Commission wia dem post dia claim. Dem do dis in support for di ongoing #EndSARS protests against police brutality for Nigeria, according to wetin BBC find out. Protests dey don dey happun for more than a week across Nigeria to demand for police reforms and end to police brutality inside di west African kontri. Di hackers collective Anonymous Wednesday…

Read More

How To Hack Twitter Account 2020

How To Hack Twitter Account 2020 – Twitter tops the most popular Internet resources for online communication and information sharing for a long time. If you have a young kid, then you understand the constant worry about what they’re up to on social media. “Hack Twitter” is one of the most searched and hot topics around the Internet, like Gmail hacker. We have prepared a detailed list of how hackers can hack someone’s Twitter account easily in just a few minutes and how can we prevent the same. Also Read This How…

Read More

Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices

Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the three flaws — collectively called BleedingTooth — reside in the open-source BlueZ protocol stack that offers support for many of the core Bluetooth layers and protocols for Linux-based systems such as laptops and IoT devices. The first and the most severe is a heap-based type confusion (CVE-2020-12351,…

Read More

As Twitter and Facebook Clamp Down, Republicans Claim ‘Election Interference’

SAN FRANCISCO — President Trump called Facebook and Twitter “terrible” and “a monster” and said he would go after them. Senators Ted Cruz and Marsha Blackburn said they would subpoena the chief executives of the companies for their actions. And on Fox News, prominent conservative hosts blasted the social media platforms as “monopolies” and accused them of “censorship” and election interference. On Thursday, simmering discontent among Republicans over the power that Facebook and Twitter wield over public discourse erupted into open acrimony. Republicans slammed the companies and baited them a…

Read More

Local File Inclusion

Local File Inclusion – File inclusions can be discovered in the same way as directory traversals. We must locate parameters we can manipulate and attempt to use them to load arbitrary files. However, a file inclusion takes this one step further, as we attempt execute the contents of the file within the application. We should also check these parameters to see if they are vulnerable to remote inclusion (RFI) by changing their values to a URL instead of a local path. We are less likely to find RFI vulnerabilities since…

Read More

Microsoft and Other Tech Companies Take Down TrickBot Botnet

Days after the US Government took steps to disrupt the notorious TrickBot botnet, a group of cybersecurity and tech companies has detailed a separate coordinated effort to take down the malware’s back-end infrastructure. The joint collaboration, which involved Microsoft’s Digital Crimes Unit, Lumen’s Black Lotus Labs, ESET, Financial Services Information Sharing and Analysis Center (FS-ISAC), NTT, and Broadcom’s Symantec, was undertaken after their request to halt TrickBot’s operations was granted by the US District Court for the Eastern District of Virginia. The development comes after the US Cyber Command mounted…

Read More

P2P Botnets are all the Rage

Peer-to-peer botnets have become the latest threat, and boy, oh boy, they are spreading fast. What’s going on? The vicious HEH botnet has surfaced that is capable of wiping every piece of data from infected systems. This P2P botnet, written in GoLang, has been observed targeting a variety of IoT devices with weakly protected or exposed telnet services. What does this imply? This new botnet is part of SSH-targeting malware tools written in GoLang. As the Go programming language offers a wide array of community-supported modules, its increasing use points…

Read More

What is Netcat?

What is Netcat? – Netcat, first released in 1995(!) by Hobbit is one of the “original” network penetration testing tools and is so versatile that it lives up to the author’s designation as a hacker’s “Swiss army knife”. The clearest definition of Netcat is from Hobbit himself: a simple “utility which reads and writes data across network connections, using TCP or UDP protocols. What is Netcat? Connecting to a TCP/UDP Port As suggested by the description, Netcat can run in either client or server mode. To begin, let’s look at…

Read More

Researchers Find Vulnerabilities in Microsoft Azure Cloud Service

As businesses are increasingly migrating to the cloud, securing the infrastructure has never been more important. Now according to the latest research, two security flaws in Microsoft’s Azure App Services could have enabled a bad actor to carry out server-side request forgery (SSRF) attacks or execute arbitrary code and take over the administration server. “This enables an attacker to quietly take over the App Service’s git server, or implant malicious phishing pages accessible through Azure Portal to target system administrators,” cybersecurity firm Intezer said in a report published today and…

Read More