Cyber Security News

Marcus Hutchins, who goes by the pseudonym MalwareTech, is a popular name in the security community. Hutchins was first arrested on August 2, 2017, while returning to the UK after attending the Black Hat and DEFCON conferences. Security researcher Marcus Hutchins aka “MalwareTech” filed a plea deal on Friday, pleading guilty to creating and distributing malware before his career as ...

In an email notification to some affected users on Saturday, Microsoft said it became aware of an issue involving unauthorised access to some customers’ web-based email accounts by cybercriminals. Microsoft has alerted some of its webmail users of possible hacker attacks that could access their email accounts illegally, media reports said. In an email notification to some affected users on ...

The third-party Facebook app developers exposed data in the public domain in two large datasets that contained 540 million users’ records. SAN FRANCISCO:  In yet another shocking revelation, US-based cyber security firm UpGuard has found that Facebook app developers left millions of user records, including comments, likes and reactions, exposed on the Amazon Cloud servers. The third-party Facebook app developers ...

The leaky database that exposed records on the internet, contained two sets of invoice collections. The information leaked in the incident included drivers’ first and last names, Iranian ID numbers, phone numbers, and invoice dates. An Iran-based ride-hailing firm has exposed over 6.7 million records due to an unprotected MongoDB database. The leaky database named ‘doroshke-invoice-production’ was discovered using BinaryEdge ...

Drupal this week issued a series of security releases to fix four “moderately critical” vulnerabilities, three related to the content management system’s Symfony PHP web application framework and a fourth involving the jQuery project JavaScript library. The three Symfony issues consist of: A cross-site scripting bug caused by the failure of validation messages in the PHP templating engine to escape (CVE-2019-10909) A ...

Municipalities took a beating this week with at least four reporting being shut down from new ransomware attacks or struggling to recover from an older incident. Augusta, Maine; Imperial County, Calif.; Stuart, Fla.; and Greenville, N.C. were all in different stages of recovering from ransomware attacks over the last seven days. Augusta City Center operations were shuttered after being hit ...

The CryptoMix ransomware is still alive and kicking as a new variant has been spotted being spread in the wild. This new version appends the .DLL extension to encrypted files and is said to be installed through hacked remote desktop services. This variant was first reported in a topic in our forums where a victim stated that they were infected by the attackers hacking ...

The flaw could enable an unauthenticated, remote attacker to access the devices, Cisco said. Cisco has rushed out patches for a critical vulnerability in its ASR 9000 routers that could give remote, unauthenticated attackers access to the devices – as well as the power to launch denial-of-service (DoS) attacks against them. The flaw is specifically in Cisco Aggregation Services Routers ...

HawkEye Reborn v9 is currently marketed as an ‘Advance Monitoring Solution’ and is currently being sold using a licensing model. HawkEye Reborn v9 also includes a ‘Terms of Service agreement’ which forbids buyers from using the software on systems without permission and from scanning its executables using antivirus software. A new variant of Hawkeye dubbed ‘Reborn v9’ has emerged. HawkEye ...

In the last week, the hacker group who goes by the name of ‘PokemonGo Team’ had uploaded the personal information of several Federal agents. The hackers could have exploited a flaw in the third-party software used by the websites associated with the FBINAA in order to steal the data. The hacker group, who previously had exposed the personal information FBI ...