Top News

• Leaked Documents Detail Russia’s Cyberwarfare Tools, Including for OT Attacks

"Documents leaked from Russian IT contractor NTC Vulkan show the company’s possible involvement in the development of offensive hacking tools, including for the advanced persistent threat (APT) actor known as Sandworm, Mandiant reports.
Based in Moscow, NTC Vulkan advertises its collaboration with Russian organizations and government agencies, without mentioning any involvement in the operations of state-sponsored groups or intelligence services.

Top News

• Hackers compromise 3CX desktop app in a supply chain attack

"A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company’s customers in an ongoing supply chain attack.
3CX is a VoIP IPBX software development company whose 3CX Phone System is used by more than 600,000 companies worldwide and has over 12 million daily users.

Top News

• Trojanized Tor browsers target Russians with crypto-stealing malware

"A surge of trojanized Tor Browser installers targets Russians and Eastern Europeans with clipboard-hijacking malware that steals infected users' cryptocurrency transactions.
Kaspersky analysts warn that while this attack is not new or particularly creative, it's still effective and prevalent, infecting many users worldwide.
While these malicious Tor installers target countries worldwide, Kaspersky says that most are targeting Russia and Eastern Europe.

Top News

• President Biden Signs Executive Order Restricting Use of Commercial Spyware

"U.S. President Joe Biden on Monday signed an executive order that restricts the use of commercial spyware by federal government agencies.
The order said the spyware ecosystem "poses significant counterintelligence or security risks to the United States Government or significant risks of improper use by a foreign government or foreign person."

Top News

• New Dark Power ransomware claims 10 victims in its first month

"A new ransomware operation named 'Dark Power' has appeared, and it has already listed its first victims on a dark web data leak site, threatening to publish the data if a ransom is not paid.
The ransomware gang's encryptor has a compilation date of January 29, 2023, when the attacks started.
Furthermore, the operation has not been promoted on any hacker forums or dark web spaces yet; hence it's likely a private project.

Top News

• GitHub.com rotates its exposed private SSH key

"GitHub has rotated its private SSH key for GitHub.com after the secret was was accidentally published in a public GitHub repository.
The software development and version control service says, the private RSA key was only "briefly" exposed, but that it took action out of "an abundance of caution.""

Link

Top News

• Facebook accounts hijacked by new malicious ChatGPT Chrome extension

"A trojanized version of the legitimate ChatGPT extension for Chrome is gaining popularity on the Chrome Web Store, accumulating over 9,000 downloads while stealing Facebook accounts.
The extension is a copy of the legitimate popular add-on for Chrome named "ChatGPT for Google" that offers ChatGPT integration on search results. However, this malicious version includes additional code that attempts to steal Facebook session cookies.

Top News

• Breached hacking forum shuts down, fears it's not 'safe' from FBI

"The notorious Breached hacking forum has shut down after the remaining administrator, Baphomet, disclosed that they believe law enforcement has access to the site's servers.
Breached was a popular hacking and data leak forum notorious for hosting, leaking, and selling data obtained from breached companies, governments, and various organizations. 

Top News

• File-sharing site Zippyshare shutting down after 17 years

"File-sharing site Zippyshare has announced they are shutting down the site by the end of March 2023 after announcing they can no longer afford to keep the service running.
Zippyshare is a free file-sharing website launched in 2006 that generates revenue through advertisements. The site is one of the largest on the web, receiving over 43 million visits per month, according to Similarweb.

Top News

• New ‘HinataBot’ botnet could launch massive 3.3 Tbps DDoS attacks

"A new malware botnet was discovered targeting Realtek SDK, Huawei routers, and Hadoop YARN servers to recruit devices into DDoS (distributed denial of service) swarm with the potential for massive attacks.
The new botnet was discovered by researchers at Akamai at the start of the year, who caught it on their HTTP and SSH honeypots, seen exploiting old flaws such as CVE-2014-8361 and CVE-2017-17215.