Tag Archives: Cyber news

SolarWinds Hack: Hackers last year conducted a ‘dry run’ of SolarWinds breach

Abstract

Hackers who breached federal agency networks through software made by a company called SolarWinds appear to have conducted a test run of their broad espionage campaign last year, according to sources with knowledge of the operation.

—-

Five months later, the hackers added new malicious files to the SolarWinds software update servers that got distributed and installed on the networks of federal government agencies and other customers. These new files installed a backdoor on victim networks that allowed the hackers to directly access them. Once inside an infected network, the attackers could have used the SolarWinds software to learn about the structure of the network or alter the configuration of network systems.

Read more in Yahoo News

https://news.yahoo.com/hackers-last-year-conducted-a-dry-run-of-solar-winds-breach-215232815.html

Everything we know about the SolarWinds hack, in simple screenshots

How was SolarWinds hacked, and how did it create such a big mess?

The SolarWinds hack has put 18,000 organizations, including the US Nuclear Security Administration, into a sinking boat. We are in total disaster. As per Microsoft, 44% of IT companies are infected. Many organizations are still in discovery mode and do not know whether they have been hacked or not.

Major List of Organizations including Banks in India:

You would be surprised to know that the SolarWinds update service was used because of their awesome password.

How did every security software miss this?

Top News: Major leak ‘exposes’ members and ‘lifts the lid’ on the Chinese Communist Party

A major leak containing a register with the details of nearly two million CCP members has occurred – exposing members who are now working all over the world, while also lifting the lid on how the party operates under Xi Jinping, says Sharri Markson.

Ms Markson said the leak is a register with the details of Communist Party members, including their names, party position, birthday, national ID number and ethnicity. “It is believed to be the first leak of its kind in the world,” the Sky News host said. “What’s amazing about this database is not just that it exposes people who are members of the communist party, and who are now living and working all over the world, from Australia to the US to the UK,” Ms Markson said.

Read more in

Foxconn hit with record-breaking $34 million ransom demand after cyber attack

Abstract

  • Electronics manufacturer Foxconn was infected with the DoppelPaymer ransomware last month
  • Hacking group has begun to publish files stolen from company’s servers during the attack

The world’s largest electronics manufacturer, Foxconn, has suffered a cyber attack and extortionists are reportedly demanding a $34 million ransom be paid for the recovery of its data.

As Bleeping Computer reports, a Foxconn facility located in Ciudad Juárez, Mexico, was hit over the US Thanksgiving holiday period by hackers who stole data from the company’s servers before encrypting systems.

The DoppelPaymer gang has claimed responsibility for the ransomware attack, and begun to publish stolen data on a website it created earlier this year to coerce companies into paying huge ransom demands. Foxconn, like other victims before it, will have been told by the criminals that it risks facing difficult questions by partners, customers, and the press if sensitive data is shared online.

Read more in

CyberNews: Top Vulnerabilities this week

Following Vulnerabilities: 

CVE-2020-16898 — There’s an RCE in the Windows TCP/IP stack related to the handling of ICMPv6 Router Advertisements.

CVE-2020-16898 Highlights

  • Do not disable IPv6 entirely unless you want to break Windows in interesting ways.
  • This can only be exploited from the local subnet.
  • But it may lead to remote code execution / BSOD
  • PoC exploit is easy, but actual RCE is hard.
  • Patch

Almost 800,000 internet-accessible SonicWall VPN appliances will need to be updated and patched for a major new vulnerability that was disclosed on Wednesday. 800,000 SonicWall VPNs are vulnerable to an RCE.

Discord Desktop app RCE

A few months ago, I discovered a remote code execution issue in the Discord desktop application and I reported it via their Bug Bounty Program.

The RCE I found was an interesting one because it is achieved by combining multiple bugs. In this article, I’d like to share the details.

Multiple vulnerabilities have been discovered in Magento CMS, the most severe of which could allow for arbitrary code execution.