Massive attacks on vulnerable routers are now a matter of time.
SSD Secure Disclosure discovered vulnerabilities in the D-Link EXO AX4800 router (DIR-X4860) that allow an attacker to take full control of the device.
Flaws were found in DIR-X4860 routers with the latest firmware version...
3 months without updates is a great opportunity for cybercriminals.
The world's largest vulnerability database, NVD, managed by the US National Institute of Standards and Technology (NIST), recently experienced a major outage that resulted in a significant increase in the number of unpublished...
Rust-based software, fake signatures, and communication with OceanLotus. What else will surprise the group?
In the period from 2022 to 2023, the Timitator group of cyber criminals actively attacked Chinese energy, scientific and military institutions. The attacks were carried out using phishing...
The simulation environment will allow you to create invulnerable devices that do not need additional protection.
MITRE Corporation has introduced a new threat modeling framework, EMB3D, designed for manufacturers of embedded devices used in mission-critical infrastructures. The model provides a...
How did an ordinary network tool gradually turn into a powerful cyber weapon?
Hackers are increasingly using DNS tunneling to track when victims open phishing emails and click on malicious links, as well as to scan networks for vulnerabilities.
DNS tunneling consists of...
Update as soon as possible to protect vulnerable servers.
The developers of Cacti, an open source network monitoring and management system, have fixed 12 vulnerabilities, including two critical ones that lead to arbitrary code execution.
Here are the most serious of the patched...
Some companies don't even know who is actually flooding them with emails.
The researchers found an actively developing social engineering campaign aimed at obtaining initial access to corporate IT systems for their further operation. Attackers bombard businesses with spam mailings to capture...
The popular "requests" package has been maliciously modified.
Security researchers from Phylum discovered a malicious package in the popular PyPI repository that disguises itself as the popular "requests" library, but in reality poses a significant threat to the entire developer community.
The...
A daring cyberattack exposed the vulnerabilities of dozens of government resources.
Researchers at TechCrunch identified about four dozen advertising links with the domain "gov.in" owned by the governments of various Indian states such as Bihar, Goa, Karnataka, Kerala, Mizoram and...
The crime was solved by specialists of the regional Federal Security Service of Russia. This was reported by the press service of the ministry.
The Federal Security Service of Russia for the Stavropol Territory has documented the illegal activities of local residents involved in the use of...
The attack causes losses of $46,000 daily.
Sysdig discovered a new attack scheme in which stolen credentials for cloud services are used to access the services of cloud LLM models in order to sell access to other cybercriminals. The detected attack was directed at the Claude (v2/v3) model from...
A new malicious campaign leaves no chance for South Korean civil servants.
The North Korean hacker group Kimsuky uses advanced cyber espionage techniques, including the use of social networks and system management tools, according to a recent report by the South Korean company Genians...
More frequent attacks call into question the privacy of thousands of doctors and millions of patients.
Ascension, one of the largest private healthcare systems in the United States, has been forced to shut down some of its systems to investigate what the organization describes as a...
Hundreds of thousands of people lost money by trusting the wrong online stores.
An international investigation conducted by The Guardian, Die Zeit and Le Monde has uncovered one of the largest Internet fraud schemes in history. Hundreds of thousands of people in Europe and the United States...
The high-profile hack of MOVEit Transfer still reminds us of itself with sudden information security discoveries.
A year after a high-profile cyber attack by the Clop group, during which hundreds of companies were compromised with confidential data, the University System of Georgia (USG), which...
Wichita demonstrates the dangers of cybercrime in the digital age.
In Wichita, the largest city in the state of Kansas with a population of 400,000 people, a cyberattack occurred on May 5, as a result of which the information systems of the authorities were encrypted using a ransomware program...
Hackers, as well as the malware they create and use, have shown rapid growth over the past couple of decades. When computers were big, colorful boxes, modern hackers were just learning how to walk, and their pranks were not serious - perhaps they would have created a bit of stupid malware that...
What if you could spend your time trying to access other people's networks and computer systems without getting into trouble? Of course, this is the dream of any spy and cybercriminal, but only ethical hackers, also known as "white hat hackers" or penetration testers (pentesters), can be sure...
Every day, most of us leave behind traces on the Internet, including disparate pieces of data that can later be used to learn about a person's activities and break through the veil of anonymity, writes CSO. The fight to prevent attackers from putting these pieces of the puzzle together is known...
Table of contents
How to become an Ethical Hacker
How is hacker ethics measured?
Current situation with Bug Bounty in Russia
Conclusion
Hacking is a kind of flagship of media information security. Cult films are made about hackers. Many teenagers and aspiring IT professionals are eager to...