Uncategorized

$100 Million in Cryptocurrency Gets Stolen by Hackers from Binance Bridge

Leave a Comment / Uncategorized /

An exploit on a cross-chain bridge that stole about $100 million in digital assets was discovered by BNB Chain, a blockchain connected to the Binance cryptocurrency exchange. BSC Token Hub, a native cross-chain bridge connecting BNB Beacon Chain (BEP2) and BNB Smart Chain (BEP20 or BSC), was impacted by an exploit, it was reported last […]

$100 Million in Cryptocurrency Gets Stolen by Hackers from Binance Bridge Read More »

Google Launches New Open Source Bug Bounty to Tackle Supply Chain Attacks

Leave a Comment / Uncategorized /

To protect the ecosystem against supply chain threats, Google on Monday unveiled a new bug bounty program for its open source projects that offers rewards ranging from $100 to $31,337 (a reference to eleet or leet). One of the first open source-specific vulnerability programs is known as the Open Source Software Vulnerability Rewards Program (OSS

Google Launches New Open Source Bug Bounty to Tackle Supply Chain Attacks Read More »

The Browser-in-the-Browser (BITB) Attack Enabling Easier Phishing Attack

Leave a Comment / Uncategorized /

New phishing technique called browser-in-the-browser (BitB) attack can be xploited to act like a browser window within the browser in order to spoof a legitimate domain, which makes it possible to stage convincing phishing attacks. The method makes use of the third-party single sign-on (SSO) options embedded on websites such as “Sign in with Google”

The Browser-in-the-Browser (BITB) Attack Enabling Easier Phishing Attack Read More »

Garrett Walk-Through Metal Detector Vulnerability Discovered

Leave a Comment / Uncategorized, Vulnerabilities /

Security flaws have been uncovered in a networking component in Garrett Metal Detectors which could allow remote attackers bypass authentication requirements, tamper with metal detector configurations and even execute arbitrary code on the devices. Cisco Talos noted in a disclosure publicized that “An attacker could manipulate this module to remotely monitor statistics on the metal

Garrett Walk-Through Metal Detector Vulnerability Discovered Read More »

Researchers Detail Novel Malicious Frameworks Attacking Air-Gapped Networks

Leave a Comment / Malware, Uncategorized /

Air-gapped networks have been discovered to be attacked by four different malicious frameworks bringing the total number of such toolkits to 17 and offering adversaries a pathway to cyber espionage and exfiltrate classified information. Researchers have stated that the frameworks were designed to perform some form of espionage and they all used USB drives as

Researchers Detail Novel Malicious Frameworks Attacking Air-Gapped Networks Read More »

Microsoft Windows OS Gets Affected by Unpatched Unauthorized File Read Vulnerability

Leave a Comment / Uncategorized, Vulnerabilities /

The Windows Security Vulnerability (CVE-2021-24084) which allows disclosure and Local Privilege Escalation (LPE) on vulnerable systems has received a follow up patch after the last patch failed to solve the problem. But as observed by Naceri in June 2021, not only could the patch be bypassed to achieve the same objective, the researcher this month

Microsoft Windows OS Gets Affected by Unpatched Unauthorized File Read Vulnerability Read More »

Pegasus-maker NSO Group and 3 Others Sanctioned by the U.S. Department of Commerce

Leave a Comment / Uncategorized /

Four companies as well as the Isreal-based spyware company NSO Group and Candiru have been added to a list of entities engaging in “malicious cyber activities” by the U.S. Commerce Department. This addition is based on evidence that spyware was developed and supplied to foreign governments who in turn used these tools to maliciously target

Pegasus-maker NSO Group and 3 Others Sanctioned by the U.S. Department of Commerce Read More »

Unmasking Of Domain Name Registrants Now Part Of EU Proposals

Leave a Comment / Uncategorized /

The EU in its “NIS2” legislation making its way through the European Parliament has made provisions to ban anonymous registration of domain data in a bid to boost security and anti-piracy efforts. It seeks to ensure the availability of accurate, verified and complete domain name registration data by imposing it on TLD registries and entities

Unmasking Of Domain Name Registrants Now Part Of EU Proposals Read More »

Ukrainian Hacker With Over 100,000 Botnets Arrested

Leave a Comment / Uncategorized /

Ukrainian law enforcement authorities have arrested a hacker who created and managed a “powerful botnet” consisting of nothing less than 100,000 enslaved devices that was used to carry out distributed denial-of-service (DDoS) and spam attacks on behalf of paid customers. The suspect’s residence was raided and computer equipment as evidence of illegal activity was seized.

Ukrainian Hacker With Over 100,000 Botnets Arrested Read More »

Fake Amnesty International Antivirus Hacking Systems Now Currently In Circulation

1 Comment / Uncategorized /

In yet another indicator of how hacking groups are quick to capitalize on world events and improvise their attack campaigns for maximum impact, threat actors have been discovered impersonating Amnesty International to distribute malware that purports to be a security software designed to safeguard against NSO Group’s Pegasus surveillanceware. Hacking groups have never failed at

Fake Amnesty International Antivirus Hacking Systems Now Currently In Circulation Read More »