APT-C-27 Hackers Launching njRAT Backdoor via Weaponized Word Documents to Control the Compromised Device

Goldmouse APT group (APT-C-27) now start exploiting the WinRAR vulnerability (CVE-2018-20250[6]) to hide the njRAT backdoor and targeting users reside in the Middle East via decoy Word document to compromise and control the device.

The 19-year-old vulnerability was disclosed by checkpoint security researchers last week, the vulnerability resides in the WinRAR UNACEV2.DLL library

Source: gbhackers

Continue reading “APT-C-27 Hackers Launching njRAT Backdoor via Weaponized Word Documents to Control the Compromised Device”

Advertisements

Video Sharing Platform DailyMotion Falls Victim To Credential Stuffing Attack

After meddling with a number of social networks, it seems the hackers have moved their focus to video-sharing platforms as well. Reportedly, DailyMotion – a popular platform for videos – has become the recent victim of cyber attack. The firm confirmed that it endured credential stuffing attack that affected some accounts.

Source: latesthackingnews

Continue reading “Video Sharing Platform DailyMotion Falls Victim To Credential Stuffing Attack”

How hackers can exploit devices used at home

How hackers can exploit devices used at home

As Americans increasingly fill their homes with smart technology, the risk of hackers exploiting their devices is growing.

Experts say the expanding ecosystem of internet-connected devices such as smart thermostats, home security systems and electric door locks are increasingly susceptible to hackers, including those trying to leverage voice-command devices.

Source: thehill Continue reading “How hackers can exploit devices used at home”

Massive IoT Exploit: More than 1,700 valid Telnet credentials for IoT devices leaked online

Security researchers are warning of the availability online of a list of IoT devices and associated telnet credentials.

The list has been available on Pastebin since June, but last week it was also shared via Twitter by the researcher Ankit Anubhav becoming rapidly viral.

The original list was posted by someone who has previously published a dump of valid log-in credentials and also the source code of a botnet.

Continue reading “Massive IoT Exploit: More than 1,700 valid Telnet credentials for IoT devices leaked online”

Blog at WordPress.com.

Up ↑