
North Korean hackers tracked as the Lazarus Group have been observed using LinkedIn lures in an ongoing spear-phishing campaign targeting the cryptocurrency vertical in the United States, the United Kingdom, Germany, Singapore, the Netherlands, Japan, and other countries.

This is not the first time the Lazarus hackers (also tracked as HIDDEN COBRA by the United States Intelligence Community and Zinc by Microsoft) have targeted cryptocurrency organizations.

United Nations (UN) Security Council experts say that the North Koreans were behind cryptocurrency heists that led to losses of $571 million between 2017 and 2018, with the U.S. Treasury later sanctioning three DPRK-sponsored and financially motivated hacking groups (Lazarus, Andariel, and Bluenoroff).

Read more »

If your web server runs on Apache, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it.

Apache recently fixed multiple vulnerabilities in its web server software that could have potentially led to the execution of arbitrary code and, in specific scenarios, could even allow attackers to cause a crash and denial of service.

The flaws, tracked as CVE-2020-9490, CVE-2020-11984, CVE-2020-11993, were uncovered by Felix Wilhelm of Google Project Zero, and have since been addressed by the Apache Foundation in the latest version of the software (2.4.46).

Read more »

Google addressed a use-after-free bug in the WebGL (Web Graphics Library) component of the Google Chrome web browser that could lead to arbitrary code execution in the context of the browser’s process following successful exploitation.

WebGL is a JavaScript API used by compatible browsers to render interactive 2D and 3D graphics without using plug-ins.

A fix for this code execution vulnerability is already included in Google Chrome’s Beta release channel, and it will also come to the Stable channel with the release of Google Chrome 85.0.4149.0, which will roll out tomorrow according to Chrome’s release timeline.

Read more »

Freepik says that hackers were able to steal emails and password hashes for 8.3M Freepik and Flaticon users in an SQL injection attack against the company’s Flaticon website.

Freepik is the company behind Freepik (one of the largest online graphic resource sites in the world) and Flaticon (an icon database platform), totaling 18 million monthly unique users, 50 million monthly views, and 100 million monthly downloads.

The threat actors behind the Freepik security breach were able to steal the oldest 8.3M users’ emails and password hashes, where available.

“To clarify, the hash of the password is not the password, and can not be used to log into your account,” Freepik added.

Read more »

Low-skilled hackers, likely from Iran, have joined the ransomware business, targeting companies in Russia, India, China, and Japan. They are going after easy hits, using publicly available tools in their activity.

The new group is deploying Dharma ransomware. Based on forensic artifacts, this is an unsophisticated, financially motivated gang that is new to cybercrime.

Read more »