Passwordstate password manager hacked in supply chain attack

Click Studios, the company behind the Passwordstate enterprise password manager, notified customers that attackers compromised the app's update mechanism to deliver malware in a supply-chain attack after breaching its networks. Passwordstate is an on-premises password management solution used by over 370,000 security and IT professionals at 29,000 companies worldwide, as the company claims. Its customer … Continue reading Passwordstate password manager hacked in supply chain attack

Evil Maid Attack – Vacuum Hack

Evil Maid Attack – Weaponizing an harmless vacuum cleaner hiding within it a small Rogue Device such as a Raspberry Pi. It is a typical day at the office. You are sitting at your desk, working hard at whatever it is that you do. The cleaning lady is also doing her job nearby, but you … Continue reading Evil Maid Attack – Vacuum Hack

Researchers Find Additional Infrastructure Used By SolarWinds Hackers

The sprawling SolarWinds cyberattack which came to light last December was known for its sophistication in the breadth of tactics used to infiltrate and persist in the target infrastructure, so much so that Microsoft went on to call the threat actor behind the campaign "skillful and methodic operators who follow operations security (OpSec) best practices … Continue reading Researchers Find Additional Infrastructure Used By SolarWinds Hackers

Facebook Busts Palestinian Hackers Operation Spreading Mobile Spyware

Facebook on Wednesday said it took steps to dismantle malicious activities perpetrated by two state-sponsored hacking groups operating out of Palestine that abused its platform to distribute malware. The social media giant attributed the attacks to a network connected to the Preventive Security Service (PSS), the security apparatus of the State of Palestine, and another … Continue reading Facebook Busts Palestinian Hackers Operation Spreading Mobile Spyware

Logins for 1.3 million Windows RDP servers collected from hacker market

The login names and passwords for 1.3 million current and historically compromised Windows Remote Desktop servers have been leaked by UAS, the largest hacker marketplace for stolen RDP credentials. With this massive leak of compromised remote access credentials, researchers, for the first time, get a glimpse into a bustling cybercrime economy and can use the … Continue reading Logins for 1.3 million Windows RDP servers collected from hacker market