Hacking

Subscribe to Hacking

According to the National Security Agency, actors backed by the Chinese government are actively targeting a zero-day vulnerability in two commonly-used Citrix networking devices.

The exploit (CVE-2022-27518) affects Citrix ADC, an application delivery controller, and Citrix Gateway, a remote access tool. Both devices are standard in mid-to-large enterprise networks. Analysts at the National

Palo Alto’s Unit 42 recently issued a threat assessment alert outlining a new, unique phishing scam that has been successful. The scam is believed to have been carried out by the Luna Moth/Silent Ransom Group and is targeting businesses in the legal and retail sectors. Unit 42 predicts that the scam is “expanding in scope.”

Killnet, a Russian-speaking hacking group that emerged shortly after Russia invaded Ukraine, took responsibility last week for deploying a denial-of-service attack that temporarily took several U.S. states’ websites offline.

Although reported as unsophisticated, the attacks managed to affect the websites of Colorado, Connecticut, Kentucky, and Mississippi. The group’s goal is reportedly to disrupt U.S. state

It’s a cold, hard fact that hackers don’t really care about their victims or their victims’ data or business. They are greedy, evil human beings that just want the money.

The newest trend for hackers is to develop and launch cyber-attacks that deploy destructive malware. This means that when a threat actor infiltrates a business’

Hackers caused a massive traffic jam in Moscow by exploiting the ride-sharing app Yandex Taxi and using it to summon dozens of taxis to a single location. While Yandex has not confirmed the attacker’s identity, the hacktivist group Anonymous claimed responsibility on Twitter. The group has been actively taking aim at Russian targets in response

Password manager LastPass, reportedly used by more than 33 million users, recently announced that it was hacked, and although it reports that no passwords of users were compromised in the incident, unfortunately, its source code was stolen.

 According to LastPass

“We have determined that an unauthorized party gained access to portions of the LastPass development

The U.S. Department of Justice (DOJ) unsealed indictments against four Russian government officials on March 24, 2022, alleging that they hacked into networks that controlled energy systems in the U.S. 

According to the DOJ, the attacks took place between 2012 and 2018, and included physical damage to infrastructure, as well as embedding malware for later

The Federal Trade Commission (FTC) issued a press release on March 15, 2022, stating that it was taking action against CafePress “over allegations that it failed to secure consumers’ sensitive personal data and covered up a major breach” by filing a complaint against Residual Pumpkin Entity, LLC formerly d/b/a/ CafePress and PlanetArt, LLC d/b/a CafePress.