
Pwn2Own Toronto 2022 has ended with competitors earning $989,750 for 63 zero-day exploits (and multiple bug collisions) targeting consumer products between December 6th and December 9th.
During this hacking competition , 26 teams and security researchers have targeted devices in the mobile phones, home automation hubs, printers, wireless routers, network-attached storage, and smart speakers categories, all up-to-date and in their default configuration.
MuddyWater Hackers Target Asian and Middle East Countries with Updated Tactics

"The campaign has been observed targeting Armenia, Azerbaijan, Egypt, Iraq, Israel, Jordan, Oman, Qatar, Tajikistan, and the United Arab Emirates," Deep Instinct researcher Simon Kenin said in a technical write-up.
MuddyWater , also called Boggy Serpens, Cobalt Ulster, Earth Vetala, Mercury, Seedworm, Static Kitten, and TEMP.Zagros, is said to be a subordinate element within Iran's Ministry of Intelligence and Security (MOIS).
Chinese Hackers' Covid-Relief Fraud Expands Cyber Threats to US

The US Secret Service allegation that a Chinese hacking organization stole tens of millions of dollars in US Covid-19 relief funds broadens the threats the nation and its citizens face from the cybercriminals, according to cybersecurity professionals and attorneys.
State-sponsored cyber threat group APT41 fraudulently obtained $20 million that was distributed as pandemic relief, the Secret Service told Bloomberg Law on Tuesday, confirming a report first published by NBC News.
North Korean hackers exploited Internet Explorer zero-day to spread malware • TechCrunch

North Korean state-sponsored hackers exploited a previously unknown zero-day vulnerability in Internet Explorer to target South Korean users with malware, according to Google's Threat Analysis Group.
Google researchers first discovered the zero-day flaw on October 31 when multiple individuals uploaded a malicious Microsoft Office document to the company's VirusTotal tool.
Researchers Uncover Darknet Service Allowing Hackers to Trojanize Legit Android Apps

The ERMAC infections commence with a fraudulent website that claims to offer Wi-Fi authorization software for Android and Windows that, when installed, comes with features to steal seed phrases from crypto wallets and other sensitive data.
ThreatFabric said it also found a number of malicious apps that were trojanized versions of legitimate apps like Instagram, with the operators using them as droppers to deliver the obfuscated malicious payload.
Prince Harry conned into revealing call with Russian hackers: DETAILS

Prince Harry was reportedly once conned into some revealing phone calls with a pair of Russian hackers who he assumed to be Swedish activist Greta Thunberg; insiders have revealed.
"There is a lot of caution, of course, and there are two words to explain that: Greta Thunberg," an insider shared, as per The Daily Mail .
Apple's new Advanced Data Protection brings more security and encryption to iCloud - Vox
![]()
Apple, the company whose CEO is fond of calling privacy a human right , has added a few new privacy features to its devices. One of them, Advanced Data Protection, is adding end-to-end encryption to almost every iCloud service out there.
The company announced the update on Wednesday , although the upgraded encryption won't be available until the end of this year for US users and early next year for everyone else. When it does roll out, you'll have to choose to enable it in your iCloud settings.
The Grid Is Under Attack From Snipers, Hackers and Hurricanes - The Washington Post

We don't yet know who attacked an electricity substation in North Carolina, blacking out 45,000 customers, or why they did it. Whatever their motivation, they shot a few holes in the very idea of the grid.
Our electricity grids are founded on two basic principles. First, networks provide resiliency because if one part hits trouble, other parts can pick up the slack — up to a point.
How to Prevent Against Increasingly Personalized Attacks From Hackers
"I put myself in the shoes of someone I want to hack and try to craft something specific to them," Snow said.
With the rapid migration to the cloud and increase in hybrid and remote work, we're seeing that greater flexibility also presents new vulnerabilities. According to the Cost of a Data Breach Report 2022, by Ponemon Institute and sponsored by IBM, 45% of data breaches occurred in the cloud.
Four hackers indicted for hacking businesses, filing falsified tax returns with IRS

Driving the news: The U.S.
https://sypuber.page.link/reddcct
REDACTED ID. Click here.
No comments:
Post a Comment