Chinese hackers hijacked thousands of TP-Link WiFi routers for covert Cyberattacks

Microsoft observed that a covert Chinese botnet, relying on compromised TP-Link routers, commits stealthy password-spraying attacks, only attempting to access accounts once per day. This malicious operation was discovered in August 2023 and employed an average of 8,000 compromised devices at any given time, according to a new report by Microsoft Threat Intelligence. The botnet…

Read More

India’s Cyber Defenses Under Siege: The Rising Threat of Ransomware; Jim Walter, Senior Threat Researcher, SentinelOne

With its rapidly expanding digital infrastructure and increasing dependence on technology, India has become a prime target for ransomware attacks. As the world’s fifth-largest economy, India faces a unique ransomware threat that arises from the widespread adoption of technologies that lack proper security—and cybercriminals have taken notice. The result? Organised ransomware groups have shifted their…

Read More

North Korean hackers stealing military secrets, say US & allies

North Korean hackers have conducted a global cyber espionage campaign in efforts to steal classified military secrets to support Pyongyang’s banned nuclear weapons programme, the United States, Britain and South Korea said in a joint advisory on Thursday. The hackers, dubbed Anadriel or APT45 by cybersecurity researchers, are believed to be part of North Korea’s…

Read More

Hackers Leaks with 1,000 Crore Passwords Online in Biggest Cyber Security Breach

Passwords Leaked: A file with around 10 billion (1,000 crore) passwords was leaked via an online hacking forum, according to a report by Semafor. The compilation, which included old and new password breaches, was posted online on July 4, and is the largest such leak yet, it added. The report noted the risk of credential-stuffing attacks being…

Read More

Cisco Warns of regreSSHion RCE Impacting Multiple Products

Cisco has issued a security advisory regarding a critical remote code execution (RCE) vulnerability, dubbed “regreSSHion,” that affects multiple products. The vulnerability tracked as CVE-2024-6387, was disclosed by the Qualys Threat Research Unit on July 1, 2024. It impacts the OpenSSH server (sshd) in glibc-based Linux systems and has the potential to allow unauthenticated attackers…

Read More

Dark Web offers Botnets for as low as $99, fuelling Cyberattacks

Hackers add more devices to the network of slave digital devices, which would do what hackers want them to do. These networks, called botnets, launch large-scale cyberattacks, including the dreaded Distributed Denial of Services (DDoS). Now Dark web peers are selling botnets at throw-away prices ranging from $99 on the Dark Web, according to cybersecurity…

Read More

Microsoft Alerts More Customers to Email Theft in Expanding Midnight Blizzard Hack

Shockwaves from the Russian government’s hack of Microsoft’s corporate infrastructure continue to spread with news that the software giant is notifying surprised customers that their emails were also stolen by the Midnight Blizzard hackers. According to published reports, Redmond’s incident response team is providing a secure portal for customers to view specifics of emails stolen…

Read More

Deepfakes, Fraudsters and Hackers Are Coming for Cybersecurity Jobs

Companies in the market for cybersecurity professionals could face a new method of attack, made harder to spot because of artificial intelligence: Hackers posing as job applicants. As cyber threats targeting U.S. companies multiply, some security leaders have increased scrutiny during hiring to weed out bad actors—or simply applicants with over-embellished resumes. Globally, the cyber…

Read More

Chinese State Hackers Target Tibetans with Supply Chain, Watering Hole Attacks

The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since September 2023. The end goal of the attacks is to deliver malicious downloaders for Windows and macOS that deploy a known backdoor called MgBot and a previously undocumented Windows implant known as Nightdoor. Key findings:…

Read More

Microsoft says it Caught Hackers from China, Russia & Iran using its AI tools

Hackers  from Russia, China, and Iran have been using tools from Microsoft-backed OpenAI to hone their skills and trick their targets, according to a report published on Wednesday. Microsoft MSFT.O, opens new tab said in its report it had tracked hacking groups affiliated with Russian military intelligence, Iran’s Revolutionary Guard, and the Chinese and North…

Read More