🥷 The Ninja Way 🥷
* The Ninja Way * I do share hacking and infosec stuff. // other interesting channels @UmRefugioNoUniverso @DarkArmyChannel @RealYourAnonS0u1 ./END
نمایش بیشتر- مشترکین
- پوشش پست
- ER - نسبت تعامل
در حال بارگیری داده...
در حال بارگیری داده...
The network systems of one of the biggest pharmaceutical companies in the US, called PharMerica, were breached by hackers a couple of months ago. The cybercriminals managed to steal the
personal information of nearly 6 million people. The information stolen by the bad actors includes extremely sensitive information. PharMerica has thousands of locations across the US, and the breach affects approximately 2% of the US population.
In a recently issued statement, the pharma company said that in March 2023, they experienced a cyber accident and hired a cyber forensic company to investigate further. The cyber experts determined that the hackers had access to medical and personal information containing millions of Americans’ names, DOB, SSNs, and health insurance. Part of the people affected are already deceased, but this would not stop criminals from committing fraud.
https://www.pandasecurity.com/en/mediacenter/security/hackers-ssn-6-million/From USB worms to satellite-based hacking, Russia’s FSB hackers, known as Turla, have spent 25 years distinguishing themselves as “adversary number one.”
Ask Western cybersecurity intelligence analysts who their "favorite" group of foreign state-sponsored hackers is—the adversary they can't help but grudgingly admire and obsessively study—and most won't name any of the multitudes of hacking groups working on behalf of China or North Korea. Not China's APT41, with its brazen sprees of supply chain attacks, nor the North Korean Lazarus hackers who pull off massive cryptocurrency heists. Most won't even point to Russia's notorious Sandworm hacker group, despite the military unit's unprecedented blackout cyberattacks against power grids or destructive self-replicating code.
https://www.wired.com/story/turla-history-russia-fsb-hackersFrom USB worms to satellite-based hacking, Russia’s FSB hackers, known as Turla, have spent 25 years distinguishing themselves as “adversary number one.”
Several security vulnerabilities have been disclosed in cloud management platforms associated with three industrial cellular router vendors that could expose operational technology (OT) networks to external attacks.
The findings were
presented by Israeli industrial cybersecurity firm OTORIO at the Black Hat Asia 2023 conference last week.
The 11 vulnerabilities allow "remote code execution and full control over hundreds of thousands of devices and OT networks - in some cases, even those not actively configured to use the cloud."
https://thehackernews.com/thn/2023/05/industrial-cellular-routers-at-risk-11.htmlLinux distributions have gained significant popularity among cybersecurity professionals due to their customizable and open-source nature. These distributions, commonly known as “distros,” come packaged with other components that allow users to tailor them to their specific needs. For cybersecurity professionals, Linux distros are particularly useful for ethical hacking and penetration testing. With numerous free options available for digital forensics and penetration testing, advanced Linux users have access to a variety of tools to enhance their skills. This article will explore seven of the most popular Linux distros used for penetration testing and ethical hacking.
https://cloud7.news/linux/best-hacking-pentesting-linux-distros/Linux distributions have gained significant popularity among cybersecurity professionals due to their customizable and open-source nature. These distributions, commonly known as “distros,” come packaged with other components that allow users to tailor them to their specific needs. For cybersecurity professionals, Linux distros are particularly useful for ethical hacking and penetration testing. With numerous free options […]
The US Cybersecurity and Infrastructure Security Agency (CISA) has added several Linux and Linux-related flaws to its known exploited vulnerabilities (KEV) catalog.
The agency
added seven new vulnerabilities
to its KEV catalog on Friday: Ruckus AP remote code execution (CVE-2023-25717), Red Hat Polkit privilege escalation (CVE-2021-3560), Linux kernel privilege escalations (CVE-2014-0196 and CVE-2010-3904), Jenkins UI information disclosure (CVE-2015-5317), Apache Tomcat remote code execution (CVE-2016-8735), and an Oracle Java SE and JRockit issue (CVE-2016-3427).
https://www.securityweek.com/cisa-several-old-linux-vulnerabilities-exploited-in-attacks/Several old Linux vulnerabilities for which there are no public reports of malicious exploitation have been added to CISA’s KEV catalog.
As many as five security flaws have been disclosed in Netgear RAX30 routers that could be chained to bypass authentication and achieve remote code execution.
"Successful exploits could allow attackers to monitor users' internet activity, hijack internet connections, and redirect traffic to malicious websites or inject malware into network traffic," Claroty security researcher Uri Katz
said
in a report.
https://thehackernews.com/thn/2023/05/netgear-routers-flaws-expose-users-to.htmlCybersecurity researchers have shed light on a new ransomware strain called CACTUS that has been found to leverage known flaws in VPN appliances to obtain initial access to targeted networks.
"Once inside the network, CACTUS actors attempt to enumerate local and network user accounts in addition to reachable endpoints before creating new user accounts and leveraging custom scripts to automate the deployment and detonation of the ransomware encryptor via scheduled tasks," Kroll said in a report shared with The Hacker News.
https://thehackernews.com/thn/2023/05/new-ransomware-strain-cactus-exploits.html