Hackerzhome

hackerzhome-logo-bg
Hackerzhome-logo-sm

167,00 credit cards were stolen – Top 10 Cybersecurity news 25/10/22

Credit card were stolen cybersecurity news - thumbnail

Introduction:

The world has gone digital, and it is becoming even more vulnerable. Cybersecurity news is important to stay current in the industry, especially when it comes to protecting your business. To help you get educated on the latest news and updates, we’ve rounded up our favorite cybersecurity news stories from across the web. Whether you’re planning to invest in cybersecurity, or just want to be able to spot potential threats on your own computers and networks, this list will give you a great start. So, Today’s cybersecurity news includes information about the 9th zero-day vulnerability of apple, 167,000 Credit card stolen, and malware-affected GitHub repositories.

1. Threat actors use the typosquatting method to trick visitors.

  • Hackers use 200 typosquatting domains to trick visitors into downloading android and windows malware.
  • Typosquatting is a method of URL hijacking, registering a fake domain similar to the original. Users can be redirected to these fake domains by mistyping or through email phishing.
  • Malware is sent to the users are downloaded in APK format. This malware impersonates 27 popular brands for the distribution of windows malware.

 2. The attack against Tata power was claimed by Hive ransomware.

  • This group claimed that they had attacked tata power on October 3rd.
  • Hive ransomware group releasing data stolen from Tata power, saying that their ransom demand has failed.
  • The leak contains National ID card numbers, PII, salary information, financial records, and client information.  

ALSO READ: Phishing attacks and their prevention

 3. GitHub repositories are affected by malware.

  • Researchers found out that GitHub repositories offer fake proofs-of-concept for various vulnerabilities some of which include malware.
  • GitHub offered exploits for 47,300 repositories of various vulnerabilities between 2017- 2021. They focused on IP address, Binary analysis, and hexadecimal base 64 parsings.
  • Researchers said that some of the Poc are fake and do not come from trustworthy sources.

 4. Chrome is about to drop support for windows version 7 and 8.1.

  • Google Chrome announced that in 2023 February google chrome web browsers were likely to drop support for windows 7 and 8.1 after releasing chrome 110.
  • They asked users to make sure that their device is running at least windows version 10.
  • Currently, about 2.7% of the worldwide are using windows version 8.1 whereas 10% of them are using windows 7.

 5. The ninth zero-day vulnerability found in ‘apple’ was fixed.

  • 9th zero-day vulnerability used in attacks was fixed by the security update released on Monday.
  • The vulnerability named CVE-2022-428727 is reported to apple by an anonymous person. It is caused by software writing data outside the current memory buffer.
  • This can lead to data corruption, application crashes, or code execution.

 6. Malicious google chrome extensions target browsers.

  • Researchers had found a new google chrome extension that hijacks and insert the link into web pages.
  • Analysts found out that in mid-October 2022, 30 variants of the extension were available at the edge and browser web stores.
  • When users visit this web page, they receive an advertisement or redirect to the video or downloading page. So, when you’re attempting to download this extension, you are required to download the extension.

 7. Daixin team targets health organizations.

  • Cybersecurity agencies warn of ransomware attacks against healthcare organizations.
  • Daixin Group is a ransomware team targeting the HPH sector with ransomware since June of 2022.
  • Over the past few months this group encrypting electronic health records, imaging, intranet service, and, diagnostics.

8. Credit card details were stolen by two POS malware.

  • More than 167,00 credit card details were stolen by threat actors using two Point-of-sale malware variants.
  • The stolen data dumps could net the operators $3.34 million by selling them in underground forums.

ALSO READ: How to Report Email Phishing

9. Threat actors targeting Pakistan military entities.

  • A newly discovered backdoor named Warhawk is used in targeting the Pakistan website National Electric Power Regulatory Authority.
  • This malicious module delivers Cobalt strike, incorporating new TTP and Pakistan Standard Time zone check.  
  • Indian hackers are suspected to be behind this attack.

10. Adobe’s home security system was found with a bug.

  • A vulnerability found in adobes home security system will allow hackers to switch off the security cameras.
  • Researchers had disclosed that several vulnerabilities were found in adobe’s security system including a critical-related authentication bypass that could allow anyone to access the system without a password.
  • This Flaw was named CVE-2022-27805 with a severity rating of 9.8 out of 10. Patches are made for this flaw and users are requested to update it to the latest version.

Conclusion:

Cybersecurity is an issue that’s never going away, and it’s vitally important for us to all be aware of what’s happening every day. The News we’ve covered in this article will get you up to speed on some of the big issues today; a few are especially worth noting because they’re likely to continue being important for quite some time. Stay tuned for more cybersecurity news, on our next Cybersecurity Update! Subscribe to our newsletter to get notified regularly. Thank you!

Share this post
WhatsApp
Telegram
Facebook
Twitter
LinkedIn
Cyberghost

Cyberghost

A Computer science Engineer, Certified Ethical hacker (CEH), Offensive Security Certified professional (OSCP), SOC Analyst & Content Creator.

Leave a Reply

Your email address will not be published. Required fields are marked *

Join Our Community
Telegram
Youtube
Twitter
Instagram
Facebook

Table of Contents

weekly trending

SUBSCRIBE VIA EMAIL

Post Tags
Related Articles