India’s Koo App Found Vulnerable to Critical Worm Attacks
9th August 2021, Kathmandu
India’s Koo app which is a Twitter-like Service was found Vulnerable to critical worm attacks.
A critical security vulnerability that could have been utilized to run arbitrary JavaScript code...
Unpatched Security Flaws Expose Mitsubishi Safety PLCs to Remote Attacks
6th August 2021, Kathmandu
Multiple unpatched security susceptibilities are disclosed in Mitsubishi safety programmable logic controllers (PLCs) that an adversary would exploit to accumulate legitimate utilizer names registered within the module via...
Salesforce Release Updates A Cautionary Tale for Security Teams
6th August 2021, Kathmandu
On the surface, Salesforce seems akin to a classic Software-as-a-Accommodation (SaaS) platform. Someone might even argue that Salesforce invented the SaaS market. However, the more people work with...
A Wide Range of Cyber Attacks Leveraging Prometheus TDS Malware Service
6th August 2021, Kathmandu
Multiple cybercriminal groups are leveraging a malware-as-a-accommodation (MaaS) solution to distribute a wide range of malevolent software distribution campaigns that result in the deployment of payloads such as...
Phishing Attacks Resumed in the Name of Telecom and Ncell
5th August 2021, Kathmandu
Telecommunication service providers Nepal Telecom and Ncell have been found to have another phishing attack.
Phishing attacks are taking place on the social network Facebook with posts including names,...
Critical Flaws Affect Embedded TCP/IP Stack Widely Used in Industrial Control Devices
5th August 2021, Kathmandu
Cybersecurity researchers on Wednesday disclosed 14 susceptibilities affecting a commonly-used TCP/IP stack utilized in many Operational Technology (OT) contrivances manufactured by no fewer than 200 vendors and deployed in manufacturing...
Chinese Spyware Being Used in Widespread Cyber Espionage Attacks
4th August 2021, Kathmandu
A threat actor surmised to be of Chinese inception has been linked to a series of 10 attacks targeting Mongolia, Russia, Belarus, Canada, and the U.S. from January...
Solarmarker InfoStealer Malware Once Again Making its Way into the Wild
3rd August 2021, Kathmandu
Healthcare and inculcation sectors are the frequent targets of an incipient surge in credential harvesting activity from what's a "highly modular." NET-predicated information purloiner and keylogger, charting the...
Microsoft Warned about an Alert Over Sneaky Phishing Attack
3rd August 2021, Kathmandu
Microsoft has issued an alert about a crafty phishing attack.
Microsoft's Security Intelligence team has issued an alert to Office 365 users and administrators to watch out for a...
PwnedPiper PTS Security Imperfections Threaten 80% of Hospitals in the U.S.
3rd August 2021, Kathmandu
Cybersecurity researchers on Monday disclosed a set of nine susceptibilities kenned as "PwnedPiper" that left a widely-used pneumatic tube system (PTS) vulnerably susceptible to critical attacks, including a...
Experts Unearth Several C&C Servers Linked to WellMess Malware
2nd August 2021, Kathmandu
Cybersecurity researchers on Friday unmasked incipient command-and-control (C2) infrastructure belonging to the Russian threat actor tracked as APT29, aka Cozy Bear, that has been spotted actively accommodating WellMess...
Ethical Hacker Basnet Discovered Facebook’s Security Vulnerabilities With Nearly a Million Dollar in Cash
1st August 2021, Kathmandu
Ethical hacker Akash Jung Basnet of Nepal has discovered the security weakness of Facebook. He has discovered the vulnerability of the chat room of Facebook Messenger.
Under this, the...
Phishing Attacks Carried out using Chipotle’s Marketing Account
1st August 2021, Kathmandu
Customers' payment card data was stolen by hackers using malware planted at the great majority of Chipotle Mexican Grill's more than 2,000 locations, according to the restaurant business.
The...
Eight Malicious URL-Hijacking Python Libraries Discovered on PyPI Repository
1st August 2021, Kathmandu
PyPI gateway has deleted the eight Python packages that were installed more than 30,000 times for having malicious code, which is once again highlighting how software package repositories...
Data of Two Million Users Leaked of Indonesia’s BRI Life
1st August 2021, Kathmandu
Indonesia’s BRI Life, the insurance arm of Indonesia's Bank Rakyat Indonesia (BRI), told that it had been inspecting affirms that the private details of over two million of...
Creator of Malware Using “Exotic” Programming Language
30th July 2021, Kathmandu
Threat actors are increasingly turning to "exotic" programming languages, such as Go, Rust, Nim, and Dlang, which can better circumvent traditional security protections, evade analysis, and hamper reverse...
New Ransomeware Gangs Appear on Cybercrime Forums
30th July 2021, Kathmandu
This month, two new ransomware service (RaaS) programs appeared on the threat radar. One of them claimed to be the successor of DarkSide and Ravil. These two notorious...
Chinese Hackers Implant PlugX Variant on Compromised MS Exchange Servers
30th July 2021, Kathmandu
A Chinese cyberespionage group kenned for targeting Southeast Asia leveraged imperfections within the Microsoft Exchange Server that came to light earlier this March to deploy an anteriorly undocumented variant of a foreign access trojan...
Ransomware Attackers Bypass Security Detection Using VMs
30th July 2021, Kathmandu
Some ransomware attackers have used virtual machines to evade security detection, yet acquisition is slow-going for the complicated technique.
Another ransomware group using Virtual machines (VMs) to evade defensive...
Threat Actor Put 3.8 B Phone Numbers on Sale from Clubhouse Database on the...
29th July 2021, Kathmandu
Threat actor put 3.8 B phone numbers on sale from clubhouse database on the darknet. On a cyber site, a threat actor has been selling Clubhouse's sensitive database...
Employees Notified Data Breach at Mobile County Commission
29th July 2021, Kathmandu
A computer system breach has been officially notified by The Mobile County Commission to the county employees where team member data and sensitive information were at risk.
Following is...
Dutch Police Apprehend Two Hackers Tied to “Fraud Family” Cybercrime Ring
29th July 2021, Kathmandu
Law enforcement ascendant entities within the Netherlands have apprehended two alleged individuals belonging to a Dutch cybercriminal collective who were involved in developing, selling, and renting sophisticated phishing frameworks to...
UBEL is the New Oscorp – Android Credential Stealing Malware Active in the Wild
29th July 2021, Kathmandu
An Android malware that was visually examined abusing accessibility accommodations in the contrivance to hijack utilizer credentials from European banking applications has morphed into an entirely incipient botnet...
Nasty macOS Malware XCSSET Now Targets Google Chrome, Telegram Software
29th July 2021, Kathmandu
A malware kenned for targeting macOS OS has been updated once more to integrate more features to its toolset that sanctions it to amass and exfiltrate sensitive data stored during a sort of apps, including...
Babuk Ransomware Gang Ransomed, Incipient Forum Stuffed With Porn
29th July 2021, Kathmandu
A comment spammer flooded Babuk’s incipient ransomware forum with gay orgy porn GIFs and injunctively authorized $5K in bitcoin.
The Babuk ransomware gang’s incipient rebrand isn’t going so well....
Hackers from China implanted PlugX Variant on MS Exchange Servers
29th July 2021, Kathmandu
Hackers from China implanted PlugX Variant on MS Exchange Servers after Compromise. A Chinese cyberespionage organization targeting Southeast Asia took advantage of a vulnerability in the Microsoft Exchange...
Fraud Family Phishing-as-a-Service Disrupted
28th July 2021, Kathmandu
Two people have been detained in the Netherlands for their alleged involvement in a phishing fraud-as-a-service operation, one of who is 15 years old and the other is...
How Microsoft Windows 10, 11 Serious SAM Vulnerability can be Mitigated?
28th July 2021, Kathmandu
Microsoft Windows 10 and Windows 11 users are at risk of new unpatched vulnerabilities that have recently been publicly disclosed.
As we reported last week, the vulnerability SeriousSAM allows...
Japanese PCs Found Targeted by a Wiper Malware before Tokyo Olympics Opening
28th July 2021, Kathmandu
Wiper: An Olympics-themed malware sample that accommodates functionality to wipe files on infected systems and happens to be targeted at Japanese PCs has been discovered by a Japanese...
FIN7’s Liquor Lure Compromises Law Firm with Backdoor
27th July 2021, Kathmandu
Utilizing a lure concerning a lawsuit against the owner of Jack Daniels whiskey, the cybergang launched a campaign that will be bent ransomware deployment.
Financial cybercrime gang FIN7 has...