Here is the latest news on cyber security.
- There was a cyberattack on TATA Power.
The IT system at Tata Powers was the target of a cyberattack on Friday. They have taken action to get the threat actors’ data back.
According to Tata Power, all essential operational systems are operating.
- By using Ducktail Malware, Facebook business accounts were taken over.
A PHP variant known as Ducktail Malware has been found to steal data. An early version of this is employed as command and control on Telegram.
According to the experts, the fundamental objective of threat actors is to constantly vary how malware is delivered to collect information.
They distribute this malware together with pirated copies of Microsoft Office, video games, and pornographic materials.
- The Wynncraft Minecraft server is subjected to a DDOS attack by the Mirai Botnet.
Threat actors launched a 2.5 Tbps DDOS attempt against Cloudflare, a provider of web infrastructure and security.
It took this attack two minutes to complete. According to the researcher, it is a multi-vector assault that floods with TCP and UDP traffic.
- Linux, Windows, and macOS PCs are the targets of a new malware attack framework.
Targeting macOS, Windows, and Linux require the use of a new command and control infrastructure. This malware can build a configured payload, execute code remotely, and take screenshots.
The Alchimist malware attack framework is a well-known one. The code for this alchemist was created in Go. To run the virus, the attackers employ insekt RAT on Windows and Linux.
- A data leak revealed the records of Australian secret agents.
Threat actors have disclosed the identities of secret operatives who work for the Australian Federal Police. More than 5 gigabytes of data were exposed by the hacktivist collective Guacamaya.
Documents, emails, and AFP drug cartel trading techniques are all included in this data.
This was revealed by AFP operations, some of which are now in progress. Oil firms, military, and law enforcement systems are the hackers’ primary
- Threat actors operating out of China are focusing on telecom and IT service providers.
The WIP19 cyberespionage organization from China targets telecom and IT service providers.
This gang steals digital certificates to sign harmful software like credential dumpers and SQLMaggie.
- Female classmates’ email and Snapchat accounts were hijacked by students.
A former University of Puerto Rico student was given a 2-year prison term for hacking the email and Snapchat accounts of a female classmate. This teen hacked them using spoofing and phishing methods. He harassed them and obtained their naked pictures, which he then publicized for some of them. Along with this, he also gained access to the email accounts of numerous universities and collected their personal data. The accounts of about 15 female students were compromised.
- Deadbolt was duped by a cybersecurity company into providing the decryption key.
The Deadbolt ransomware gang distributed over 155 decryption keys using fake ransom methods. After encrypting Autor and QNAP Network Attached Storage, this ransomware gang is well known for demanding 0.03 bitcoin.
The attacker delivers the victim the decryption key after receiving the bitcoins. The files on NAS hard drives will be encrypted if the victims submit the decryption key in the ransom note screen.
The decryption key had been purchased by the police, who also acquired it from the gang and withdrew their payment.
- The Redeye C2 Visualization tool has been released by CISA.
The cybersecurity and infrastructure security organization also launched Redeye c2, an open-source visualization.
Users can access Redeye to facilitate better decision-making, analyze mitigation options, and access information.
Redeye displays the logs it has loaded in a host-based graphical format.
- Vishing attack victims who install Android banking malware.
According to ThreatFabrics, hackers use vishing attacks to lure victims into installing android banking malware. Italian consumers of internet banking were the subject of a phishing website that sought their contact information.
They also target some of the clients of axis banks and banks with headquarters in India.
Attackers called the victims using the data they had obtained from a fake website. In order to convince the victim to install the malicious banking software, the attacker poses as the manager’s employer.
