Unsecured Microsoft Bing Server Exposed Users’ Search Queries and Location

A back-end server associated with Microsoft Bing exposed sensitive data of the search engine’s mobile application users, including search queries, device details, and GPS coordinates, among others. The logging database, however, doesn’t include any personal details such as names or addresses. The data leak, discovered by Ata Hakcil of WizCase on September 12, is a massive 6.5TB cache of log files that was left for anyone to access without any password, potentially allowing cybercriminals to leverage the information for carrying out extortion and phishing scams. According to WizCase, the Elastic server is…

Read More

What’s in Vogue? Experts Point to Ransomware Attacks

The financial impact of ransomware attacks is huge. Since the coronavirus pandemic set in full force, threat actors have been launching brutal ransomware attacks on businesses worldwide.  Some statistics your way Over the first six months of the year, ransomware attacks were at the root of 41% of cyber insurance claims filed, according to a report by Coalition. According to the 2020 Verizon Business Data Breach Investigations Report, among all the malware incidents, ransomware attacks accounted for 27%. Meanwhile, the average cost of a ransomware attack is over $84,000, according to Coveware.…

Read More

U.S. Treasury Sanctions Hacking Group Backed by Iranian Intelligence

The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country’s Ministry of Intelligence and Security (MOIS) for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors. According to the U.S. Treasury and the Federal Bureau of Investigation (FBI), the sanctions target Rana Intelligence Computing Company (or Rana), which the agencies said operated as a front for the threat group APT39 (aka Chafer or Remix Kitten), Iranian cyber espionage hacking collective active since 2014 known for its attacks on companies…

Read More

Iranian Hackers Found Way Into Encrypted Apps, Researchers Say

Reports reveal that hackers have been secretly gathering intelligence on opponents of the Iranian regime, breaking into cellphones and computers and outsmarting apps like Telegram. Iranian hackers, most likely employees or affiliates of the government, have been running a vast cyberespionage operation equipped with surveillance tools that can outsmart encrypted messaging systems — a capability Iran was not previously known to possess, according to two digital security reports released Friday. The operation not only targets domestic dissidents, religious and ethnic minorities and antigovernment activists abroad, but can also be used…

Read More

FBI adds 5 Chinese APT41 hackers to its Cyber’s Most Wanted List

The United States government today announced charges against 5 alleged members of a Chinese state-sponsored hacking group and 2 Malaysian hackers that are responsible for hacking more than 100 companies throughout the world. Named as APT41 and also known as ‘Barium,’ ‘Winnti, ‘Wicked Panda,’ and ‘Wicked Spider,’ the cyber-espionage group has been operating since at least 2012 and is not just involved in strategic intelligence collection from valuable targets in many sectors, but also behind financially motivated attacks against online gaming industry. According to a press release published by the…

Read More

Chinese and Malaysian hackers charged by US over attacks

The US Department of Justice (DoJ) has charged five Chinese and two Malaysian men with hacking more than 100 companies.The two Malaysian businessman “conspired” with two of the Chinese hackers to target the video games industry in particular, the DoJ said.They would obtain in-game items and currencies by fraud, hacking or other means, and sell on the digital items for real money, it added.Both Malaysian men have been arrested.The five Chinese men were “fugitives” in China, the DoJ added. The US does not have an extradition treaty with China.The other…

Read More

CISA: Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies

The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities. “CISA has observed Chinese [Ministry of State Security]-affiliated cyber threat actors operating from the People’s Republic of China using commercially available information sources and open-source exploitation tools to target US Government agency networks,” the cybersecurity agency said. Over the past 12 months, the victims were identified through sources such as Shodan, the Common Vulnerabilities and Exposure (CVE) database, and…

Read More

Hackers Stole $5.4 Million From Eterbase Cryptocurrency Exchange

Cybercriminals successfully plundered another digital cryptocurrency exchange. European cryptocurrency exchange Eterbase this week disclosed a massive breach of its network by an unknown group of hackers who stole cryptocurrencies worth 5.4 million dollars. Eterbase, which has now entered maintenance mode until the security issue is resolved, described itself as Europe’s Premier Digital Asset Exchange. Based in Bratislava, Slovakia, and launched in 2019, Eterbase is a small cryptocurrency exchange platform that focuses on crypto to SEPA integration (via individual IBAN accounts), multi-asset support, and regulatory compliance. On Monday night, malicious threat…

Read More

New Linux Malware Steals Call Details from VoIP Softswitch Systems

Cybersecurity researchers have discovered an entirely new kind of Linux malware dubbed “CDRThief” that targets voice over IP (VoIP) softswitches in an attempt to steal phone call metadata. “The primary goal of the malware is to exfiltrate various private data from a compromised softswitch, including call detail records (CDR),” ESET researchers said in a Thursday analysis. “To steal this metadata, the malware queries internal MySQL databases used by the softswitch. Thus, attackers demonstrate a good understanding of the internal architecture of the targeted platform.” Softswitches (short for software switches) are…

Read More

New Unpatched Bluetooth Flaw Lets Hackers Easily Target Nearby Devices

Bluetooth SIG—an organization that oversees the development of Bluetooth standards—today issued a statement informing users and vendors of a newly reported unpatched vulnerability that potentially affects hundreds of millions of devices worldwide. Discovered independently by two separate teams of academic researchers, the flaw resides in the Cross-Transport Key Derivation (CTKD) of devices supporting both — Basic Rate/Enhanced Data Rate (BR/EDR) and Bluetooth Low Energy (BLE) standard. Cross-Transport Key Derivation (CTKD) is a Bluetooth component responsible for negotiating the authenticate keys when pairing two Bluetooth devices together, also known as “dual-mode”…

Read More