Month: September 2023

A new proposal has been approved by the Internet Engineering Task Force (IETF) which , if passed as a standard, could put an end to the snooping of web browsing activity. TLS Encrypted Client Hello (ECH) would complete the list of technologies which help to secure the web browsing activities […]

A joint security advisory released on the 27th September by the US and Japan outlines APT activity which has been generating backdoor capabilities against router firmware to facilitate long-term network access. The advisory has been published by The United States National Security Agency (NSA), the U.S. Federal Bureau of Investigation […]

A fairly new hacking gang has emerged on the scene with a claim to have stolen 27Tb of sensitive data from one of the worlds largest building automation companies – Johnson controls. The gang go by the name of the Dark Angels Team and are currently demanding a ransom of […]

Throughout this year, I’ve posted numerous times about ransomware attacks – stories about the Internets biggest threat, the criminal gangs behind the attacks, and some of the companies affected by such attacks. In the majority of cases, the companies hit by these gangs are in the category of small to […]

As the title of this post states, another crypto-currency exchange has been hacked, this time with the loss of approximately $200M USD. Early yesterday morning (25th), The Mixin exchange posted on twitter that in the early hours of the 23rd, the cloud provider used by the exchange was breached with […]

Most people are aware of the various tactics employed by many cyber criminals that attempt to get a victim to divulge sensitive data – Phishing, SMSishing, and Vishing. Well there’s a new approach that is gaining popularity – Quishing – the use of QR-Codes to attack a would-be victim. Before […]

In a statement on Thursday (21st), the Government of the British overseas territory of Bermuda said that they had suffered a cyber attack which has affected all departments. In a press conference, David Burt, the Premier of Bermuda, also said that the investigation is yet to find evidence the attackers have stolen […]

A hacker using the name whalersplonk is spreading a fake Proof-of-Concept (PoC) exploit for a recently fixed WinRAR vulnerability on GitHub, attempting to infect those who download it VenomRAT malware. The fake PoC exploit was identified by researchers from Palo Alto Networks’ Unit 42 team who reported that the user uploaded […]

A team of researchers from Microsoft’s AI division published a bucket of open-source training data on GitHub, accidentally exposed 38 terabytes of additional private data – including a disk backup of two employees’ workstations.  The backup includes secrets, private keys, passwords, and over 30,000 internal Microsoft Teams messages.  The researchers […]

Researchers from Trend Micro have discovered a new backdoor for Linux which they have named SprySOCKS. The origins of this new malware come from a 2015 Windows backdoor named Trochilus which executes and runs only in memory. The threat actor who is believed to be behind Trochilus is tracked by […]