The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis

Russia Arrests REvil Ransomware Gang Responsible for High-Profile Cyber Attacks

Russia Arrests REvil Ransomware Gang Responsible for High-Profile Cyber Attacks

January 15, 2022Ravie Lakshmanan
In an unprecedented move, Russia's Federal Security Service (FSB), the country's principal security agency, on Friday disclosed that it arrested several members belonging to the notorious REvil ransomware gang and neutralized its operations. The surprise takedown, which it said was carried out at the request of the U.S. authorities, saw the law enforcement agency conduct raids at 25 addresses in the cities of Moscow, St. Petersburg, Moscow, Leningrad and Lipetsk regions that belonged to 14 suspected members of the organized cybercrime syndicate. "In order to implement the criminal plan, these persons developed malicious software, organized the theft of funds from the bank accounts of foreign citizens and their cashing, including through the purchase of expensive goods on the Internet," the FSB  said  in a statement. In addition, the FSB seized over 426 million rubles, including in cryptocurrency, $600,000, €500,000, as well as computer equipment, crypto wallets u
Get Lifetime Access to Cybersecurity Certification Prep Courses

Get Lifetime Access to Cybersecurity Certification Prep Courses

January 15, 2022The Hacker News
You can't go far in professional IT without being asked for some key certifications. In particular, most  large companies  today require new hires to be well versed in the fundamentals of cybersecurity. Adding the likes of CISSP, CISM, and CompTIA CASP+ to your résumé can open the door to many opportunities — including six-figure roles. There is just a small matter of some exams to pass. To help you fly through the tests, we have teamed up with iCollege to bring you  The 2022 Ultimate Advanced CyberSec Professional Certification Bundle . This collection of five courses helps you work towards top certifications, with over 147 hours of content from expert instructors. The training would normally set you back a total of $1,475. But thanks to a special deal for readers of The Hacker News, you can get the bundle today for only $69. What's Included: NIST Cybersecurity & Risk Management Frameworks (ISC) CISSP - 2021 ISACA Certified Information Security Manager (CISM) Co
Massive Cyber Attack Knocks Down Ukrainian Government Websites

Massive Cyber Attack Knocks Down Ukrainian Government Websites

January 14, 2022Ravie Lakshmanan
No fewer than 70 websites operated by the Ukrainian government went offline on Friday for hours in what appears to be a coordinated cyber attack amid heightened tensions with Russia. "As a result of a massive cyber attack, the websites of the Ministry of Foreign Affairs and a number of other government agencies are temporarily down," Oleg Nikolenko, MFA spokesperson,  tweeted . The Security Service of Ukraine, the country's law-enforcement authority,  alluded  to a possible Russian involvement, pointing fingers at the hacker groups associated with the Russian secret services while branding the intrusions as a supply chain attack that involved hacking the "infrastructure of a commercial company that had access to the rights to administer the web resources affected by the attack." Prior to the update from the SSU, the Ukrainian CERT claimed that the attacks may have exploited a security vulnerability in Laravel-based October CMS ( CVE-2021-32648 ), which cou
North Korean Hackers Stole Millions from Cryptocurrency Startups Worldwide

North Korean Hackers Stole Millions from Cryptocurrency Startups Worldwide

January 14, 2022Ravie Lakshmanan
Operators associated with the Lazarus sub-group BlueNoroff have been linked to a series of cyberattacks targeting small and medium-sized companies worldwide with an aim to drain their cryptocurrency funds, in what's yet another financially motivated operation mounted by the prolific North Korean state-sponsored actor. Russian cybersecurity company Kaspersky, which is tracking the intrusions under the name " SnatchCrypto ," noted that the campaign has been running since at 2017, adding the attacks are aimed at startups in the FinTech sector located in China, Hong Kong, India, Poland, Russia, Singapore, Slovenia, the Czech Republic, the U.A.E., the U.S., Ukraine, and Vietnam. "The attackers have been subtly abusing the trust of the employees working at targeted companies by sending them a full-featured Windows backdoor with surveillance functions, disguised as a contract or another business file," the researchers  said . "In order to eventually empty the v
U.K. Hacker Jailed for Spying on Children and Downloading Indecent Images

U.K. Hacker Jailed for Spying on Children and Downloading Indecent Images

January 14, 2022Ravie Lakshmanan
A man from the U.K. city of Nottingham has been sentenced to more than two years in prison for illegally breaking into the phones and computers of a number of victims, including women and children, to spy on them and amass a collection of indecent images. Robert Davies, 32, is said to have purchased an arsenal of cyber crime tools in 2019, including crypters and remote administration tools (RATs), which can be used as a backdoor to steal personal information and conduct surveillance through microphones and cameras, catching the attention of the U.K. National Crime Agency (NCA). The cyber voyeur's modus operandi involved catfishing potential targets by using fake profiles on different messaging apps such as Skype, leveraging the online encounters to send rogue links hosting the malware through the chats. "Davies was infecting his victims' phones or computers with malicious software by disguising it with the crypters so their antivirus protection would not detect it,&qu
Husband-Wife Arrested in Ukraine for Ransomware Attacks on Foreign Companies

Husband-Wife Arrested in Ukraine for Ransomware Attacks on Foreign Companies

January 14, 2022Ravie Lakshmanan
Ukrainian police authorities have nabbed five members of a gang that's believed to have helped orchestrate attacks against more than 50 companies across Europe and the U.S and caused losses to the tune of more than $1 million. The  special operation , which was carried out in assistance with law enforcement officials from the U.K. and U.S., saw the arrest of an unnamed 36-year-old individual from the capital city of Kyiv, along with his wife and three other accomplices. A total of nine searches across the suspects' homes were carried out, resulting in the seizure of computer equipment, mobile phones, bank cards, flash drives, three cars, and other items with evidence of illegal activity. The Cyber Police of the National Police of Ukraine said the group offered a "hacker service" that enabled financially motivated crime syndicates to send phishing emails containing file-encrypted malware to lock confidential data pertaining to its victims, demanding that the target
Cisco Releases Patch for Critical Bug Affecting Unified CCMP and Unified CCDM

Cisco Releases Patch for Critical Bug Affecting Unified CCMP and Unified CCDM

January 13, 2022Ravie Lakshmanan
Cisco Systems has rolled out security updates for a critical security vulnerability affecting Unified Contact Center Management Portal (Unified CCMP) and Unified Contact Center Domain Manager (Unified CCDM) that could be exploited by a remote attacker to take control of an affected system. Tracked as  CVE-2022-20658 , the vulnerability has been rated 9.6 in severity on the CVSS scoring system, and concerns a privilege escalation flaw arising out of a lack of server-side validation of user permissions that could be weaponized to create rogue Administrator accounts by submitting a crafted HTTP request. "With these accounts, the attacker could access and modify telephony and user resources across all the Unified platforms that are associated to the vulnerable Cisco Unified CCMP," Cisco  noted  in an advisory published this week. " To successfully exploit this vulnerability, an attacker would need valid Advanced User credentials." Unified CCMP and Unified CCDM pro
GootLoader Hackers Targeting Employees of Law and Accounting Firms

GootLoader Hackers Targeting Employees of Law and Accounting Firms

January 13, 2022Ravie Lakshmanan
Operators of the GootLoader campaign are setting their sights on employees of accounting and law firms as part of a fresh onslaught of widespread cyberattacks to deploy malware on infected systems, an indication that the adversary is expanding its focus to other high-value targets. "GootLoader is a stealthy initial access malware, which after getting a foothold into the victim's computer system, infects the system with ransomware or other lethal malware," researchers from eSentire  said  in a report shared with The Hacker News. The cybersecurity services provider said it intercepted and dismantled intrusions aimed at three law firms and an accounting enterprise. The names of the victims were not disclosed. Malware can be delivered on targets' systems via many methods, including poisoned search results, fake updates, and trojanized applications downloaded from sites linking to pirated software. GootLoader resorts to the first technique. In March 2021,  details em
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.