Elastic Stack API Security Vulnerability Exposes Customer and System Data – E Hacking News

  The mis-implementation of Elastic Stack, a collection of open-source products that employ APIs for crucial data aggregation, search, and analytics capabilities, has resulted in severe vulnerabilities, according to a new analysis. Researchers from Salt Security uncovered flaws that allowed them to not only conduct attacks in which any user could extract critical customer and […]

Analysts Warn of Telegram Powered Bots Stealing Bank OTPs – E Hacking News

  In the past few years, two-factor verification is one of the simplest ways for users to safeguard their accounts. It has now become a major target for threat actors. As per Intel 471, a cybersecurity firm, it has observed a rise in services that allow threat actors to hack OTP (one time password) tokens. […]

Newly Discovered ‘Tomiris’ Backdoor Linked to SolarWinds Attack Malware – E Hacking News

Kaspersky security researchers have unearthed a new backdoor likely designed by the Nobelium advanced persistent threat (APT) behind last year’s SolarWinds supply chain attack.  The new malware, dubbed Tomiris, was first identified in June 2021 from samples dating back to February, a month before the “sophisticated second stage backdoor” Sunshuttle was spotted by FireEye and […]

Turkish National Charged for DDoS Attack on U.S. Company – E Hacking News

  Authorities in the United States charged a Turkish national for launching distributed denial-of-service (DDoS) assaults against a Chicago-based multinational hospitality company using a now-defunct malware botnet.  Izzet Mert Ozek, 32, is accused of launching attacks against the Chicago multinational in August 2017 using WireX, a botnet developed using Android malware.  According to authorities, Ozek’s […]

RansomEXX Comes into Action Encrypting Files Using AES-CBC – E Hacking News

  In the latest Profero report – Senior Incident Responder Brenton Morris states that RansomeXX decryptors have failed to encrypt different files for the victims that have paid for the ransom demanded by the Linux Vmware ESXI malicious attacker. Profero has found that this RansomExx organization does not lock Linux files appropriately, which might contribute […]

Ransomware Attack On Major European Bookseller – E Hacking News

  Recently a ransomware attack targeted a leading book supplier software, the attack interrupted regular functions of thousands of bookstores in Europe including France, Belgium, and the Netherlands. The data stolen may have included not only personally identifiable information but also payment details.  The ransomware group targeted TiteLive, a French company that provides cloud-based software […]

GriftHorse Malware has Infected More than 10 Million Android Devices – E Hacking News

  A new malware named GriftHorse is said to have infected over 10 million Android cell phones. According to the research at mobile security firm Zimperium, the threat group has been executing the campaign since November 2020. The GriftHorse malware was propagated through both Google Play and third-party application stores, according to the research group, […]

Cybersecurity experts have discovered a new hacker group – E Hacking News

Cybersecurity experts have discovered a new hacker group ChamelGang, which attacks institutions in ten countries around the world, including Russia. Since March, Russian companies in the fuel and energy sector and the aviation industry have been targeted, at least two attacks have been successful. Experts believe that pro-government groups may be behind the attacks. According […]

Scammers are Using Twitter Bots for PayPal and Venmo Scams – E Hacking News

  Internet scammers are using Twitter bots to trick users into making PayPal and Venmo payments to accounts under their possession. Venmo and PayPal are the popular online payment services for users to pay for things such as charity donations or for goods such as the resale of event tickets. This latest campaign, however, is […]