RSS ze světa hackingu

Even as Visa issued a warning about a new JavaScript web skimmer known as Baka, cybersecurity researchers have uncovered a new flaw in the company's EMV enabled cards that enable cybercriminals to obtain funds and defraud cardholders as well as merchants illicitly. The research, published by a group of academics from the ETH Zurich, is a PIN bypass attack that allows the adversaries to…

Cyberattacks on small to medium-sized businesses (SMBs) are continuing at a relentless pace, with the vast majority of data breaches coming from outside the organization. Some believe hackers are aggressively targeting these smaller firms because they believe SMBs lack adequate resources and enterprise-grade security tools, making them easier prey than larger businesses. A new report from…

An adversary known for targeting the fintech sector at least since 2018 has switched up its tactics to include a new Python-based remote access Trojan (RAT) that can steal passwords, documents, browser cookies, email credentials, and other sensitive information. In an analysis published by Cybereason researchers yesterday, the Evilnum group has not only tweaked its infection chain but has…

Anyone paying attention to the cybersecurity technology market has heard the term XDR - Extended Detection and Response. XDR is a new technology approach that combines multiple protection technologies into a single platform. All the analyst firms are writing about it, and many of the top cybersecurity companies are actively moving into this space. Why is XDR receiving all the buzz? Combining…

Networking equipment maker Cisco has released a new version of its Jabber video conferencing and messaging app for Windows that includes patches for multiple vulnerabilities—which, if exploited, could allow an authenticated, remote attacker to execute arbitrary code. The flaws, which were uncovered by Norwegian cybersecurity firm Watchcom during a pentest, affect all currently supported…

Cybercriminal groups are constantly evolving to find new ways to pilfer financial information, and the latest trick in their arsenal is to leverage the messaging app Telegram to their benefit. In what's the latest tactic adopted by Magecart groups, the encrypted messaging service is being used to send stolen payment details from compromised websites back to the attackers. "For threat actors,…

Starting today, the lifespan of new TLS certificates will be limited to 398 days, a little over a year, from the previous maximum certificate lifetime of 27 months (825 days). In a move that's meant to boost security, Apple, Google, and Mozilla are set to reject publicly rooted digital certificates in their respective web browsers that expire more than 13 months (or 398 days) from their…

Cisco has warned of an active zero-day vulnerability in its router software that's being exploited in the wild and could allow a remote, authenticated attacker to carry out memory exhaustion attacks on an affected device. "An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device," Cisco said in an advisory posted over the weekend. "A successful…

An Iranian cyberespionage group known for targeting government, defense technology, military, and diplomacy sectors is now impersonating journalists to approach targets via LinkedIn and WhatsApp and infect their devices with malware. Detailing the new tactics of the "Charming Kitten" APT group, Israeli firm Clearsky said, "starting July 2020, we have identified a new TTP of the group,…

A notorious banking trojan aimed at stealing bank account credentials and other financial information has now come back with new tricks up its sleeve to target government, military, and manufacturing sectors in the US and Europe, according to new research. In an analysis released by Check Point Research today, the latest wave of Qbot activity appears to have dovetailed with the return of…