Bandwidth Suffers Outages Caused by DDoS Attack – E Hacking News

  Within the last couple of days, Bandwidth.com has been the latest target of distributed denial of service attacks targeting VoIP companies.  Bandwidth, a firm providing Voice over Internet Protocol (VoIP), services to companies and resellers, revealed that it suffered a failure after reporting on the DDoS attack on the 27th of September, Monday night.  […]

Threat Actors from China Infiltrated a Major Afghan Telecom Provider – E Hacking News

  Just as the US was completing its withdrawal from Afghanistan, several China-linked cyberespionage groups were seen intensifying attacks on a major telecom corporation. Recorded Future, a threat intelligence firm, reported on Tuesday that it has witnessed four different Chinese threat groups target a mail server belonging to Roshan, a large telecom provider in Afghanistan […]

Nobelium APT Group Uses Custom Backdoor to Target Windows Domains – E Hacking News

  Researchers from Microsoft Threat Intelligence Center (MSTIC) identified FoggyWeb, a new custom malware utilized by the Nobelium APT group to distribute further payloads and steal critical information from Active Directory Federation Services (AD FS) servers.  FoggyWeb is a post-exploitation backdoor utilized by the APT group to remotely exfiltrate the setup databases of affected Active […]

Japan mentioned Russia in its new cybersecurity strategy – E Hacking News

The Japanese government on Tuesday officially approved a new three-year cybersecurity strategy, where Russia, China and North Korea are mentioned for the first time as potential sources of hacker attacks. The document is published on the website of the Cyber Strategic Headquarters of Japan. Japanese Foreign Minister Toshimitsu Motegi said at a press conference in […]

Kids Fairy Tale App Farfaria Exposed Data of 2.9 Million Users – E Hacking News

Cybersecurity researcher at Comparitech has identified a misconfigured MongoDB database containing a treasure trove of data left uncovered to the public without any password or security authentication. The exposed data belongs to FarFaria, a San Francisco, CA-based company that offers fairytales for kid’s service through Android and iOS apps.  According to Bob Diachenko, the head […]

Working Exploit Is Out for VMware vCenter CVE-2021-22005 Flaw – E Hacking News

  A fully working exploit for the remote code execution vulnerability in VMware vCenter labelled as CVE-2021-22005 is now publicly accessible, and is being exploited in the wild. In contrast to the version that began to circulate at the end of last week, this variation can be used to open a reverse shell on a […]

Latest Microsoft Exchange Server Feature Mitigates High-Risk Bugs – E Hacking News

  One of the prominent targets for hackers is Microsoft Exchange, and the attack vector typically involves a popular vulnerability which the organization hasn’t recently patched. A new solution by Microsoft aims at providing urgent protection after several attacks over the last year that used zero-days against on-site versions of Microsoft Exchange servers.  Microsoft has […]

Spoofed Zix Encrypted Email is Used in Credential Spear-Phishing – E Hacking News

  Hackers have used a credential phishing attack to steal data from Office 365, Google Workspace, and Microsoft Exchange by spoofing an encrypted mail notification from Zix. According to Armorblox security researchers, the assault impacted around 75,000 users, with small groups of cross-departmental staff being targeted in each customer environment.  Social engineering, brand impersonation, replicating […]

Russia will develop a new cyber security standard – E Hacking News

Positive Technologies is developing a new concept of cyber security standard. The document should become an open knowledge base, which will be exchanged between specialists to improve their qualification. Today, each company sets up its own information security parameters; when a single standard appears, organizations will be able to develop the most effective solutions together. […]

Hackers Steal $17,000 in ‘Double Your Cash’ Fraud on Bitcoin.org – E Hacking News

  Bitcoin.org, the authentic website of the Bitcoin project was hacked by criminals who advertised a double your money scam and unfortunately, many people fell into the trap.   On September 23, visitors to bitcoin.org were welcomed with a popup instructing them to send cryptocurrency to a Bitcoin wallet using a QR code and earn twice […]