Search results for Argentina | Breaking Cybersecurity News | The Hacker News

Interpol  #TangoDown , Suspected 25 Anonymous arrested Interpol's Web site (www.interpol.int) went down Tuesday just hours after the international police agency announced the arrest of 25 suspected members of the hacking collective Anonymous in Argentina, Chile, Colombia and Spain. The authorities in Argentina, Chile, Colombia and Spain carried out the arrests and seized 250 items of IT equipment and mobile phones, Interpol says.Those arrested are aged between 17 and 40. A National Police statement said two servers used by the group in Bulgaria and the Czech Republic had been blocked.It said the four included the alleged manager of Anonymous' computer operations in Spain and Latin America, who was identified only by his initials and the aliases " Thunder " and " Pacotron ". Authorities in Europe, North America and elsewhere have made dozens of arrests, and Anonymous has increasingly attacked law enforcement, military and intelligence-linked targets in retal...

While tracking botnet activity on their honeypot traffic, security researchers at Chinese IT security firm Qihoo 360 Netlab discovered a new variant of Mirai —the well known IoT botnet malware that wreaked havoc last year. Last week, researchers noticed an increase in traffic scanning ports 2323 and 23 from hundreds of thousands of unique IP addresses from Argentina in less than a day. The targeted port scans are actively looking for vulnerable internet-connected devices manufactured by ZyXEL Communications using two default telnet credential combinations— admin/CentryL1nk and admin/QwestM0dem —to gain root privileges on the targeted devices. Researchers believe (instead "quite confident") this ongoing campaign is part of a new Mirai variant that has been upgraded to exploit a newly released vulnerability (identified as CVE-2016-10401 ) in ZyXEL PK5001Z modems. "ZyXEL PK5001Z devices have zyad5001 as the su (superuser) password, which makes it easier for rem...

  10 Argentina WebSite HaCkeD By The 077 ( Hamdi HaCker ) Tunisian HaCker Hacked Sites :  https://pastebin.com/2eGKSAiD

Security researchers have discovered a severe vulnerability in the popular end-to-end encrypted Signal messaging app for Windows and Linux desktops which could allow remote attackers to execute malicious code on recipients system just by sending a message—without requiring any user interaction. Discovered by Alfredo Ortega, a software security consultant from Argentina, the vulnerability was announced on Twitter just a few hours ago with a proof-of-concept video, demonstrating how a javascript payload sent over Signal for desktop app successfully got executed on the recipient's system. Although technical details of the vulnerability have not been revealed as of now, the issue appears to be a remote code execution vulnerability in Signal or at least something very close to persistent cross-site scripting (XSS) which eventually could allow attackers to inject malicious code onto targeted Windows and Linux systems. "For the time being, we can only confirm the execution ...

Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen or lost mobile phones. The phishing-as-a-service (PhaaS) platform, called iServer, is estimated to have claimed more than 483,000 victims globally, led by Chile (77,000), Colombia (70,000), Ecuador (42,000), Peru (41,500), Spain (30,000), and Argentina (29,000). "The victims are mainly Spanish-speaking nationals from European, North American and South American countries," Europol said in a press statement. The action, dubbed Operation Kaerb, involved the participation of law enforcement and judicial agencies from Spain, Argentina, Chile, Colombia, Ecuador, and Peru. Pursuant to the joint exercise that took place between September 10 and 17, an Argentinian national responsible for developing and running the PhaaS service since 2018 has been arrested. In total, the operation led to 17 arrests, 28 searches, and the seizure of 92...

The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called  GhostLocker . "TheGhostSec and Stormous ransomware groups are jointly conducting double extortion ransomware attacks on various business verticals in multiple countries," Cisco Talos researcher Chetan Raghuprasad  said  in a report shared with The Hacker News. "GhostLocker and Stormous ransomware have started a new ransomware-as-a-service (RaaS) program STMX_GhostLocker, providing various options for their affiliates." Attacks mounted by the group have targeted victims in Cuba, Argentina, Poland, China, Lebanon, Israel, Uzbekistan, India, South Africa, Brazil, Morocco, Qatar, Turkiye, Egypt, Vietnam, Thailand, and Indonesia. Some of the most impacted business verticals include technology, education, manufacturing, government, transportation, energy, medicolegal, real estate, and telecom. GhostSec – not to be confused with  Ghost Security Group  (which i...

A previously unknown hacking and cyber-espionage group that has been in operation since at least 2015 have conducted a series of highly targeted attacks against a host of government organizations in South America and Southeast Asia to steal their sensitive data. Codenamed Sowbug , the hacking group has been exposed by Symantec security researchers, who spotted the group conducting clandestine attacks against foreign policy institutions, government bodies and diplomatic targets in countries, including Argentina, Brazil, Ecuador, Peru and Malaysia. Symantec analysis found that the Sowbug hacking group uses a piece of malware dubbed "Felismus" to launch its attacks and infiltrate their targets. First identified in late March of this year, Felismus is a sophisticated, well-written piece of remote access Trojan (RAT) with a modular construction that allows the backdoor trojan to hide and or extend its capabilities. The malware allows malicious actors to take complete ...

This story was sent to us by email from Luca Fenochietto himself, in which he tries to get his side of the story out there which may well be the truth. The full story goes like this: The Last Friday 21st January, Christian Russo and his partner Luca Fenochietto discovered a vulnerability in  PlentyOfFish  exposing users details, including usernames, addresses, phone numbers, real names, email addresses, passwords in plain text, and in most of cases, paypal accounts, of more than 28,000,000 (twenty eight million users). This vulnerability was under active exploitation by hackers. Their team decided to notify Mr. Markus Frind (founder and CEO of PlentyOfFish Inc.) about these circumstances as soon as possible in order to stop any potential damage which could be done, by the exploitation of this vulnerability. The flaw was reported the same night to Annie Kanciar, his wife, who was very thankful with us, and contacted one of their developers in order to infor...

Microsoft on Thursday unmasked four of the individuals that it said were behind an Azure Abuse Enterprise scheme that involves leveraging unauthorized access to generative artificial intelligence (GenAI) services in order to produce offensive and harmful content. The campaign, called LLMjacking, has targeted various AI offerings, including Microsoft's Azure OpenAI Service. The tech giant is tracking the cybercrime network as Storm-2139. The individuals named are - Arian Yadegarnia aka "Fiz" of Iran, Alan Krysiak aka "Drago" of United Kingdom, Ricky Yuen aka "cg-dot" of Hong Kong, China, and Phát Phùng Tấn aka "Asakuri" of Vietnam "Members of Storm-2139 exploited exposed customer credentials scraped from public sources to unlawfully access accounts with certain generative AI services," Steven Masada, assistant general counsel for Microsoft's Digital Crimes Unit (DCU), said . "They then altered the capabilities of ...

Two Argentina-based cyber security experts -   Chris Russo  and Fernando Viacanel , who claimed to have cracked the security code of IT systems involved in the discovery of 'God Particle', today conducted training sessions for Indian government officials. Both the hackers are partners of IT security firm E2 Labs and their company in arrangement with industry chamber Assocham has plans to conduct series of technology exchange programmes on cyber security. Russo said that three times he has been able to find vulnerability in IT system of European Organisation for Nuclear Research (CERN) that has been involved in discovery of 'God Particle' or Higgs Boson. Programme was attended by officials from Cabinet secretariat, National Technical Research Organisation, Airforce, C-DAC, Income Tax Department, Assam's AMTRON along with representatives from private sector entities, Aircel and Cisco. "Talents required to be cyber security experts are mostly available in peo...

The infamous Zeus malware has once again resurfaced as per Symantec and is capable of draining your bank accounts. Zeus propagates through phishing messages that originate from an account that has been phished. Such a phished account will then start automatically sending messages to friends with links to ads telling them to check out a video or product.  Of course, you should not click as doing so will get your account phished as well. The program is sophisticated enough that it can replace a bank's Web site with a mimicked page of its very own. The fake page can then ask for social security number information and other data that is then sold on the black market.  According to Trend Micro the pages are being hosted by the Russian criminal gang known as the Russian Business Network. Zeus was first detected in 2007 and it is spreading online. If you click on the Zeus virus, it is designed to steal your password and drain your bank account. Facebook is aware o...

Botnets, like Mirai , that are capable of infecting Linux-based internet-of-things (IoT) devices are constantly increasing and are mainly designed to conduct Distributed Denial of Service (DDoS) attacks, but researchers have discovered that cybercriminals are using botnets for mass spam mailings. New research conducted by Russian security firm Doctor Web has revealed that a Linux Trojan, dubbed Linux.ProxyM that cybercriminals use to ensure their online anonymity has recently been updated to add mas spam sending capabilities to earn money. The Linux.ProxyM Linux Trojan, initially discovered by the security firm in February this year, runs a SOCKS proxy server on an infected IoT device and is capable of detecting honeypots in order to hide from malware researchers. Linux.ProxyM can operate on almost all Linux device, including routers, set-top boxes, and other equipment having the following architectures: x86, MIPS, PowerPC, MIPSEL, ARM, Motorola 68000, Superh and SPARC. ...

A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the  Grandoreiro  malware. The Federal Police of Brazil  said  it served five temporary arrest warrants and 13 search and seizure warrants in the states of São Paulo, Santa Catarina, Pará, Goiás, and Mato Grosso. Slovak cybersecurity firm ESET, which provided additional assistance in the effort, said it uncovered a design flaw in Grandoreiro's network protocol that helped it to identify the victimology patterns. Grandoreiro  is one of the many Latin American banking trojans such as Javali, Melcoz, Casabeniero, Mekotio, and Vadokrist, primarily targeting countries like Spain, Mexico, Brazil, and Argentina. It's known to be active since 2017. In late October 2023, Proofpoint  revealed  details of a phishing campaign that distributed an updated version of the malware to targets in Mexico and Spain. The banking trojan has capabilities to both stea...