The Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich Ermakov, a Russian national connected to the 2022 Medibank hack and the REvil ransomware group. According to a report by Intel471, Ermakov was very involved in cybercrime, working as a ransomware operator and affiliate. It is also thought that …
Read More »
Pwn2Own
$1.3M for 49 zero-days, Tesla hacked twice
In the Pwn2Own Automotive first edition, competitors earned $1,323,750 by hacking Tesla twice and demonstrating 49 zero-day bugs in various electric car systems from January 24 to January 26. Hackers targeted electric vehicle chargers, infotainment systems, and car operating systems during a contest organized by Trend Micro’s Zero Day Initiative …
Read More »Critical RCE flaw detected in Cisco’s communication software
Cisco warns that some Unified Communications Manager and Contact Center Solutions products have a critical remote code execution security vulnerability. Cisco’s Unified Communications and Contact Center Solutions offer voice, video, and messaging services, as well as customer engagement and management. The company issued a security bulletin about a vulnerability (CVE-2024-20253) …
Read More »
Pwn2Own Contest Tokyo
Hackers Unearths Dozens of Zero-Day Vulnerabilities
Top ethical hackers are currently competing in Tokyo. They have discovered nearly 40 zero-day vulnerabilities in Tesla and other products. The first car-focused Zero Day Initiative (ZDI) Pwn2Own contest takes place from January 24-26. ZDI is the world’s largest bug bounty program, encouraging ethical hackers to find and report vulnerabilities …
Read More »Bulletproof Hosting: A Critical Cybercriminal Service
Cybercriminals now offer services and products to other cybercriminals is a significant development in the last two decades. Cybercrime-as-a-service has made it easier for criminals to get into cybercrime, allowing them to specialize and commit crimes on a larger scale. For instance, instead of coding malware, a criminal can buy …
Read More »CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-22527 Atlassian Confluence Data Center and Server Template Injection Vulnerability CVE-2023-22527 Detail: A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE …
Read More »Bangladeshi hospital to wear heart ring through Robot
On Sunday (January 21) Bangladesh’s only specialized institution, National Institute of Cardiovascular Diseases, entered the era of robotic services by fitting free robotic rings in the main arteries of two heart patients. The work was completed very efficiently by the associate professor Dr. Pradeep Kumar Karmakar and his specialized team …
Read More »
Cybernews report
‘Mother of all Breaches’ sees 26billion records leaked online
A database of 26 billion leaked records has been discovered called the “Mother of all Breaches.” Cybersecurity researcher Bob Dyachenko and the team at Cybernews found a huge 12-terabyte leak. The database contains both credentials and sensitive data, but it’s not clear who is responsible for it. Having your personal …
Read More »CISA Releases Six Industrial Control Systems Advisories
CISA released 6 advisories for Industrial Control Systems (ICS) on January 23, 2024. These advisories share important information about security issues, vulnerabilities, and exploits related to ICS. ICSA-24-023-01 APsystems Energy Communication Unit (ECU-C) Power Control Software ICSA-24-023-02 Crestron AM-300 ICSA-24-023-03 Voltronic Power ViewPower Pro ICSA-23-023-04 Westermo Lynx 206-F2G ICSA-24-023-05 Lantronix …
Read More »
Medibank breach
Australia imposes sanctions on Russian hacker
Australia has imposed cyber sanctions on a Russian hacker for his alleged role in a 2022 ransomware attack. This is the country’s first use of this penalty. A cyberattack stole personal data from 9.7 million Medibank customers in Australia. The data includes names, birth dates, medical information, and Medicare numbers. …
Read More »