cyber security news today

Over 25% Of Tor Exit Relays Spied On Users’ Dark Web Activities

May 10, 2021 by iHash Leave a Comment

An unknown threat actor managed to control more than 27% of the entire Tor network exit capacity in early February 2021, a new study on the dark web infrastructure revealed. "The entity attacking Tor users is actively exploiting tor users since over a year and expanded the scale of their attacks to a new record level," an independent security researcher who goes by the name … [Read more...] about Over 25% Of Tor Exit Relays Spied On Users’ Dark Web Activities

Ransomware Cyber Attack Forced the Largest U.S. Fuel Pipeline to Shut Down

May 9, 2021 by iHash Leave a Comment

Colonial Pipeline, which carries 45% of the fuel consumed on the U.S. East Coast, on Saturday said it halted operations due to a ransomware attack, once again demonstrating how infrastructure is vulnerable to cyberattacks. "On May 7, the Colonial Pipeline Company learned it was the victim of a cybersecurity attack," the company said in a statement posted on its website. "We … [Read more...] about Ransomware Cyber Attack Forced the Largest U.S. Fuel Pipeline to Shut Down

Facebook Will Limit Your WhatsApp Features For Not Accepting Privacy Policy

May 8, 2021 by iHash Leave a Comment

WhatsApp on Friday disclosed that it won't deactivate accounts of users who don't accept its new privacy policy rolling out on May 15, adding it will continue to keep reminding them to accept the new terms. "No one will have their accounts deleted or lose functionality of WhatsApp on May 15 because of this update," the Facebook-owned messaging service said in a statement. The … [Read more...] about Facebook Will Limit Your WhatsApp Features For Not Accepting Privacy Policy

6 Unpatched Flaws Disclosed in Remote Mouse App for Android and iOS

May 7, 2021 by iHash Leave a Comment

As many as six zero-days have been uncovered in an application called Remote Mouse, allowing a remote attacker to achieve full code execution without any user interaction. The unpatched flaws, collectively named 'Mouse Trap,' were disclosed on Wednesday by security researcher Axel Persinger, who said, "It's clear that this application is very vulnerable and puts users at risk … [Read more...] about 6 Unpatched Flaws Disclosed in Remote Mouse App for Android and iOS

Check Your Cybersecurity Skills On This New Competition Site

May 6, 2021 by iHash Leave a Comment

InfoSec leaders tend to be a specific type. Their jobs require them to think of possible threats, take actions that may not pay immediate results, plan for unknown security risks, and react quickly when emergencies arise, often before the morning's first coffee. The high-stakes position also means that CISOs need to keep their knowledge and skills sharp – you can never really … [Read more...] about Check Your Cybersecurity Skills On This New Competition Site

New Study Warns of Security Threats Linked to Recycled Phone Numbers

May 5, 2021 by iHash Leave a Comment

A new academic study has highlighted a number of privacy and security pitfalls associated with recycling mobile phone numbers that could be abused to stage a variety of exploits, including account takeovers, conduct phishing and spam attacks, and even prevent victims from signing up for online services. Nearly 66% of the recycled numbers that were sampled were found to be tied … [Read more...] about New Study Warns of Security Threats Linked to Recycled Phone Numbers

New Pingback Malware Using ICMP Tunneling to Evade C&C Detection

May 4, 2021 by iHash Leave a Comment

Researchers on Tuesday disclosed a novel malware that uses a variety of tricks to stay under the radar and evade detection, while stealthily capable of executing arbitrary commands on infected systems. Called 'Pingback,' the Windows malware leverages Internet Control Message Protocol (ICMP) tunneling for covert bot communications, allowing the adversary to utilize ICMP packets … [Read more...] about New Pingback Malware Using ICMP Tunneling to Evade C&C Detection

Researchers Uncover Iranian State-Sponsored Ransomware Operation

May 3, 2021 by iHash Leave a Comment

Iran has been linked to yet another state-sponsored ransomware operation through a contracting company based in the country, according to new analysis. "Iran's Islamic Revolutionary Guard Corps (IRGC) was operating a state-sponsored ransomware campaign through an Iranian contracting company called 'Emen Net Pasargard' (ENP)," cybersecurity firm Flashpoint said in its findings … [Read more...] about Researchers Uncover Iranian State-Sponsored Ransomware Operation

Hackers Exploit SonicWall Zero-Day Bug in FiveHands Ransomware Attacks

Apr 30, 2021 by iHash Leave a Comment

An "aggressive" financially motivated threat group tapped into a zero-day flaw in SonicWall VPN appliances prior to it being patched by the company to deploy a new strain of ransomware called FIVEHANDS. The group, tracked by cybersecurity firm Mandiant as UNC2447, took advantage of an "improper SQL command neutralization" flaw in the SSL-VPN SMA100 product (CVE-2021-20016, CVSS … [Read more...] about Hackers Exploit SonicWall Zero-Day Bug in FiveHands Ransomware Attacks

A New Slack channel for Cybersecurity Leaders Outside of the Fortune 2000

Apr 30, 2021 by iHash Leave a Comment

Perhaps due to the nature of the position, the InfoSec leadership roles tend to be solitary ones. CISOs, or their equivalent decision-makers in organizations without the role, have so many constant drains on their attention – keeping their knowledge fresh, building plans to secure their organizations further – that they often find themselves on an island. It's even more … [Read more...] about A New Slack channel for Cybersecurity Leaders Outside of the Fortune 2000