#MalwareAttack

2025-04-22

SK Telecom's malware breach hit 29M subscribers—imagine your digital key falling into the wrong hands. How safe is our telecom network if USIM data is this vulnerable? Dive into the full story.

thedefendopsdiaries.com/unders

#sktelecom
#malwareattack
#telecomsecurity
#usimdata
#cybersecurity

Kiara Taylor (@Kiara07)
2025-04-10

In this episode of DollyWay, we uncover the details of an 8-year-long WordPress malware campaign that has infected over 20,000 websites. We delve into how the hackers executed this sophisticated attack, and what website owners can do to protect their sites from similar threats. Tune in for expert insights and practical tips to secure your WordPress site.

podcasts.apple.com/us/podcast/

App Anatomy (@appanatomy)
2025-04-07

Most Trojan attacks don’t look scary at first. But the consequences are massive. Discover the true stories behind the most damaging cases.

appanatomy.com/post/trojan-att

Code Labs Academy (@codelabsacademyupdates)
2025-01-30
Rene Robichaud (@nerowild)
2025-01-15
2024-09-28

Ransomware Gang Strikes With Stolen Microsoft Entra ID Credentials
In a recent cyber attack that has sent shockwaves through the tech world, a ransomware gang has struck with stolen Microsoft Entra ID credentials.

cloudhosting.evostrix.eu/ranso

2024-09-17

Of course, now we know who was behind #Stuxnet -- #Israel and the #CIA -- thanks!

Why the #StuxnetWorm is like nothing seen before

By Paul Marks
27 September 2010

"Stuxnet is the first worm of its type capable of attacking #CriticalInfrastructure like #PowerStations and #ElectricityGrids: those in the know have been expecting it for years. On 26 September, #Iran’s state news agency reported that computers at its #Bushehr #NuclearPowerPlant had been infected.

Why the fuss over Stuxnet?

"#ComputerViruses, worms and #trojans have until now mainly infected PCs or the servers that keep e-businesses running. They may delete key system files or documents, or perhaps prevent website access, but they do not threaten life and limb.

"The Stuxnet worm is different. It is the first piece of #malware so far able to break into the types of computer that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like #pumps, #motors, #alarms and #valves in an industrial plant.

"In the worst case scenarios, safety systems could be switched off at a nuclear power plant; fresh water #contaminated with effluent at a #SewageTreatmentPlant, or the valves in an #OilPipeline opened, contaminating the land or sea.

"'Giving an attacker control of industrial systems like a #dam, a sewage plant or a power station is extremely unusual and makes this a serious threat with huge real world implications,' says Patrick Fitzgerald, senior threat intelligence officer with Symantec. 'It has changed everything.'

Why is a different type of worm needed to attack an industrial plant?

"Industrial machinery is not controlled directly by the kind of computers we all use. Instead, the equipment used in an industrial process is controlled by a separate, dedicated system called a programmable logic controller (#PLC) which runs supervisory control and data acquisition software (#SCADA).

"Running the SCADA software, the PLC controls the process at hand within strict safety limits, switching motors on and off, say, and emptying vessels, and feeding back data which may safely modify the process without the need for human intervention – the whole point of industrial automation.

So how does a worm get into the system?

"It is not easy because they do not run regular PC, Mac or Linux software. Instead, the firms who sell PLCs each have their own programming language – and that has made it tricky for hackers to break it.

"However there is a way in via the Windows PC that oversees the PLC’s operations. Stuxnet exploited four vulnerabilities in Microsoft Windows to give a remote hacker the ability to inject malicious code into a market-leading PLC made by German electronics conglomerate Siemens.

"That’s possible because PLCs are not well-defended devices. They operate for many years in situ and electronic access to them is granted via well-known passwords that are rarely changed. Even when Stuxnet was identified, Siemens opposed password changes on the grounds that it could cause chaos as older systems tried to communicate using old passwords.

Where did the initial Stuxnet infection come from?

"It appears to have first arrived in Iran on a simple #USBMemoryStick, says Fitzgerald. His team in Dublin, Ireland has been analysing Stuxnet since it was first identified by a security team in Belarus in June.

"The first of the four Windows vulnerabilities allowed executable code on a USB stick to spread to a PC. The USB may have been given to an Iranian plant operative – or simply left somewhere for an inquisitive person to insert into their terminal.

"Says Fitzgerald: 'It then spreads from machine to machine on the network, exploiting a second vulnerability to do so, and reports back to the attacker on the internet when it finds a PC that’s running Siemens SCADA software. The attacker can then download a diagram of the industrial system set-up the SCADA controls.'

"The next two Windows vulnerabilities let the worm escalate its privilege levels to allow the attacker to inject Siemens PLC format computer code – written in a language called STL – into the PLC. It’s that code which is capable of performing the skulduggery: perhaps turning off alarms, or resetting safe temperature levels.

How do we know where Stuxnet is active?

"Symantec monitored communications with the two internet domains that the worm swaps data with. By geotagging the IP addresses of Stuxnet-infected computers in communication with the attacker, Fitzgerald’s team found that 58.8 per cent of infections were in Iran, 18.2 per cent in #Indonesia, 8.3 per cent in #India, 2.6 per cent in #Azerbaijan and 1.6 per cent in the US.

Who is behind the worm?

"No one knows. It is however very professionally written, requiring what Fitzgerald calls 'a broad spectrum of skills' to exploit four new vulnerabilities and develop their own SCADA/PLC set-up to test it on.

"This has some commentators suggesting that a #NationState with plenty of technical resources may have been behind Stuxnet. But computer crime is a billion dollar business so such an effort is not beyond extortionists.

"Stuxnet comprises a 600-kilobyte file and it has not yet been fully analysed."

Read more:
newscientist.com/article/dn195

#StuxnetVirus #MalwareAttack #Cyberattack #CyberWarfare

2024-08-19

Cybercriminals Spread FakeBat Malware Through Popular Software Searches
It's time to buckle up and stay alert because cybercriminals are on the prowl, spreading FakeBat malware through popular software searches. Yes, you heard it right – your favorite software could be a potential gateway for these sneaky hackers to infiltrate your devices.

cloudhosting.evostrix.eu/cyber

CyberProMagazine (@cyberpromagazine24)
2024-08-13

✔Global SMS Stealer Campaign Exploits Android Devices via Telegram Bots
A massive global SMS Stealer Campaign targeting Android devices through a sophisticated network of Telegram bots has recently been uncovered.
For more information
📕Read - cybrpro.com/global-sms-stealer
and get insights

nemo™ 🇺🇦 (@nemo@mas.to)
2024-06-03

🤖 Mystery malware destroys 600,000 routers! 🔥
An unknown threat actor forces ISP to replace routers in 72 hours. 🕰️
What could be the motive behind this massive attack? 🤔

#MalwareAttack #RouterDestruction #CyberSecurity #ISPIncident

arstechnica.com/security/2024/

ITF Tech Ltd (@ITF_TECH)
2024-04-24

A new scam that takes over existing Facebook accounts is doing the rounds. It turns the profiles into AI-themed accounts and offers free trials of popular AI apps, which turn out to be malware. Warn your team.

tomsguide.com/computing/malwar

2020-12-11

Facebook Shutters Accounts Used in APT32 Cyberattacks - Facebook shut down accounts and Pages used by two separate threat groups to spread malware and con... threatpost.com/facebook-accoun #phishingattack #malwareattack #wateringhole #cyberattack #bangladesh #googleapps #googleplay #facebook #phishing #malware #hacks #apt32

Samuel Vermeulen (@svnetlibre@masto.svnet.fr)
2020-03-21

Multiple DDoS Botnets Exploited 0-Day Flaws in LILIN DVR Surveillance Systems thehackernews.com/2020/03/ddos #surveillanceprogram #Malwareattack #Botnetattack #Malware #botnet
