Hackerzhome

hackerzhome-logo-bg
Hackerzhome-logo-sm

Top 10 Cybersecurity News – 11/10/22

thumbnail-cybersecurity-news

Introduction:

Welcome back! Today’s top 10 cybersecurity news includes $100 million loot by cyber-attackers, Creditcards leak from the dark web, Toyota’s customer details disclosure, and much more. Read the news and share your thoughts in the comment section.

Top 10 cybersecurity News:

1. The Toyota Access key was found in GitHub.
  • Toyota disclosed that the access key was mistakenly exposed in GitHub. It includes customer management numbers and email addresses.
  • Nearly 296,019 customer details were disclosed between December 2017 to September 2022 almost 5 years. The access key was changed on September 17.
  • Manufacturer from the Japanese has told that no data were misused and also, and they told the customers to be aware of a phishing attack.
2. BidenCash leaked 1.2Million Credit cards for free.
  • BidenCash, a dark web carding market has released 1.2 million credit cards as a promotion of their market. This will allow anyone to download and use the credit card for financial fraud.
  • The researchers told that 70% of the details required for the credit card fraudulent were available. This marketplace was launched in June 2022.
  • The released cards are set to be 30% fresh and half of them were already blocked.
3. ADATA denies the cyberattack done by Ransomhouse.
  • Adata technology, Taiwanese memory, storage, and computer case manufacturer denies its data breach which was claimed by the ransomhouse group.
  • The group claims that they had released 1 Tb of files through a cyber-attack done in 2022.
  • Adata says that they did not suffer any data breach the released data were from the cyber-attack done in 2021. They also say that they haven’t received any ransom notes.
4. A zero-day vulnerability was found in the Zimbra collaboration.
  • Researchers found that remote code execution flaws were found in the Zimbra collaboration suite, which allows threat actors to inject malicious code and get access to users’ accounts.
  • This Vulnerability came to light in September 2022. The severity score was given as 9.8 which is said to be critical.
  • They use .cpio, .rpm pr .tar file formats to launch this vulnerability. Zimbra is actively working to fix the patch and asked users to download the pax package which is not vulnerable to this exploitation.
5. Polonium hacking group targeting Israel organization
  • The researchers reveal that the polonium hacking group targeted Israel using malware. This malware was exploited in marketing places, law, communication, IT, and insurance firm.
  • They found that the hackers used a minimum of 7 variants of malware backdoors including FlipCreep, MegaCreep, PapaCreep, and TechnoCreep.
  • Some of the backdoors have the ability to abuse Dropbox, and one drive while others take screenshots, take photos and install malware.  
6. The caffeine toolkit is used by the threat attackers to launch attacks.
  • Anyone can start their own phishing campaign using caffeine, phishing as a service platform. This platform doesn’t require approval from anyone.
  • Caffeine phishing templates target mostly Russian and Chinese platforms. The users have to create an account and buy a subscription to avail of its features.
  • Some of the features include generating URLs with payload, managing redirecting pages, and a customized phishing kit.
7. Intel claims that the Alder Lake BIOS source code was leaked.
  • 6GB of Intel’s Alder Lake source code was leaked on GitHub. Alder Lake was a newly 12th-generation core processor. It includes source code, changelogs, private keys, and build tools.
  • It is not sure who leaked the source code. Researchers warned that the leaked content would be easier to find vulnerabilities in the source code.
8. Hackers steal $100million dollars from Binance.
  • Hackers have stolen more than $100million dollars from Cryptocurrency exchange Binance. After finding out about the vulnerability it suspended fund transfers.
  • The team said that initially 2million was withdrawn by the hacker. The company announced that whoever founds the hacker will be rewarded with 10% of the recovered funds.
  • Also, the company said that it will reward 1million dollars if anyone found the bug.
9. KillNet hackers shut down U.S Airport
  • The Russian hacking group called KillNet shut down the U.S airport through a DDOS attack. it took place on October 10.
  • The following Airports’ website was under attack: Orlando international airport, Los Angels International Airport, Denver international airport, and other airports in Kentucky, Hawaii, and Mississippi.
  • It did not impact the operations in the Airports.
10. Thermal attack reads passwords by the fingerprint heat.
  • Researchers have developed an AI-driven system that can read passwords by the heat of fingerprints on keyboards and smartphones screen.
  • By using this technique two-thirds of the passwords could be cracked up to 16 characters. 93% of the passwords were cracked if it is 8 characters.
  • So, using this technique the attackers could steal credentials from the victims.

Conclusion:

cyber-criminals are increasing enormously day by day and so does cyber attacks. Only if we are aware, we can prevent ourselves from those cyber attacks. These scams are never-ending stories so keep yourself updated through our cybersecurity news articles. Come back again for more news, facts, and information. Thank you!

Share this post
WhatsApp
Telegram
Facebook
Twitter
LinkedIn
Cyberghost

Cyberghost

A Computer science Engineer, Certified Ethical hacker (CEH), Offensive Security Certified professional (OSCP), SOC Analyst & Content Creator.

Leave a Reply

Your email address will not be published. Required fields are marked *

Join Our Community
Telegram
Youtube
Twitter
Instagram
Facebook

Table of Contents

weekly trending

SUBSCRIBE VIA EMAIL

Post Tags
Related Articles