Another Mumbai-Like Blackout? Telangana Power Utilities Dodge Chinese Hacking Attempt After Alert

An alert from the Computer Emergency Response Team of India (CERT-In) has averted a hacking attempt on the power systems of Telangana’s TS Transco and TS Genco by a China-based group. TS Transco and TS Genco are the state’s power utilities. The hackers were reportedly trying to steal data and disrupt power supply. GENCO has blocked the suspected IP addresses and changed the user credentials of officials operating remote sites and sophisticated power grids. “China-based threat actor group command and control servers were trying to communicate with systems belonging to Telangana SLDC…

Hackers Now Hiding ObliqueRAT Payload in Images to Evade Detection

Cybercriminals are now deploying remote access Trojans (RATs) under the guise of seemingly innocuous images hosted on infected websites, once again highlighting how quickly threat actors change tactics when their attack methods are discovered and exposed publicly. New research released by Cisco Talos reveals a malware campaign targeting organizations in South Asia that uses malicious Microsoft Office documents laced with macros to spread a RAT that goes by the name of ObliqueRAT. First documented in February 2020, the malware has been linked to a threat actor tracked as Transparent…

No data breach in Chinese hacking attempt at power grid system, says govt

The Centre on Monday denied any data breach in the attempt made by Chinese hackers to target the country’s power grid system. In a statement, the power ministry said, “An email was received from CERT-In on 19th November, 2020 on the threat of malware called Shadow Pad at some control centres of POSOCO. Accordingly, action has been taken to address these threats.” “NCIIPC informed through mail on Feb 12 about threat by Red Echo through malware Shadow Pad that ‘Chinese state-sponsored threat Actor group known as Red Echo is targeting…

North Korean Hackers Targeting Defense Firms with ThreatNeedle Malware

A prolific North Korean state-sponsored hacking group has been tied to a new, ongoing espionage campaign aimed at exfiltrating sensitive information from organizations in the defense industry. Attributing the attacks with high confidence to the Lazarus Group, the new findings from Kaspersky signal an expansion of the APT actor’s tactics beyond the usual gamut of financially motivated crimes used to fund the cash-strapped regime. This broadening of its strategic interests began in early 2020 with a tool called ThreatNeedle, researchers Vyacheslav Kopeytsev and Seongsu Park said in a Thursday…

H2C smuggling named top web hacking technique of 2020

A novel alternative to traditional HTTP request smuggling that spotlighted an obsolete, hitherto obscure protocol has been recognized as 2020’s top web hacking technique. Unveiled by Bishop Fox researchers in September, HTTP/2 cleartext (H2C) smuggling “abuses H2C-unaware front-ends to create a tunnel to backend systems, enabling attackers to bypass frontend rewrite rules and exploit internal HTTP headers,” explains James Kettle, head of research at PortSwigger Web Security, in the company’s rundown of 2020’s most impressive web hacking techniques. “Conceptually similar” to, but “significantly more practical” than, last year’s WebSocket smuggling,…

Twitter’s new hacking label has already been hacked

Twitter has started to label some tweets with a warning about materials “obtained through hacking.” This new label is appearing on some news stories that Twitter believes are based on hacks and leaked documents, but Twitter users have found an easy way to hack a URL together to make it appear on any tweet. The new label appeared on a story from independent outlet The Grayzone this week. If you share the URL of this particular story, it will generate the warning. But Twitter also displays the warning if you…

First Malware Designed for Apple M1 Chip Discovered in the Wild

One of the first malware samples tailored to run natively on Apple’s M1 chips has been discovered, indicating that bad actors have begun adapting malicious software to target the company’s latest generation of Macs powered by its own processors. While the transition to Apple silicon has required developers to build new versions of their apps for better performance and compatibility, malware authors are now taking similar steps to build malware that is capable of executing natively on Apple’s new M1 systems, according to macOS…

Privacy Bug in Brave Browser Exposes Dark-Web Browsing History of Its Users

Brave has fixed a privacy issue in its browser that sent queries for .onion domains to public internet DNS resolvers rather than routing them through Tor nodes, thereby exposing users’ visits to dark web sites. The bug was addressed in a hotfix release (V1.20.108) made available yesterday. Brave ships with a built-in feature called “Private Window with Tor” that integrates the Tor anonymity network into the browser, allowing users to access .onion websites, which are hosted on the darknet, without revealing their IP address to internet service providers (ISPs),…

Hackers Accidentally Expose Passwords Stolen From Businesses On the Internet

A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection (ATP) and steal credentials belonging to over a thousand corporate employees. The operation is said to have begun in August last year, with the attacks aimed specifically at energy and construction companies, researchers from Check Point Research said today in a joint analysis with industrial cybersecurity firm Otorio. Although phishing campaigns engineered for credential theft are among the most prevalent causes of data breaches, what makes this operation…

Google Details Patched Bugs in Signal, FB Messenger, JioChat Apps

In January 2019, a critical flaw was reported in Apple’s FaceTime group chats feature that made it possible for a caller to initiate a FaceTime video call and eavesdrop on targets by adding their own number as a third participant in a group chat, even before the person on the other end accepted the incoming call. The vulnerability was deemed so severe that the iPhone maker removed the FaceTime group chats feature altogether until the issue was resolved in a subsequent iOS update. Since then, a number of similar shortcomings have…
