Chinese Hackers Using New Manjusaka Hacking Framework Similar to Cobalt Strike Researchers have disclosed a new offensive framework called Manjusaka that they call is a “Chinese sibling of Sliver and Cobalt Strike.” “A fully functional version of the command-and-control (C2), written in Golang with a User Interface in Simplified Chinese, ... Read More The post Chinese Hackers Using New Manjusaka Hacking Framework Similar to Cobalt Strike appeared first on Hacking Blogs ..read more

Critical RCE Bug Could Let Hackers Remotely Take Over DrayTek Vigor Routers As many as 29 different router models from DrayTek have been identified as affected by a new critical, unauthenticated, remote code execution vulnerability that, if successfully exploited, could lead to full compromise of the device and unauthorized access ... Read More The post Critical RCE Bug Could Let Hackers Remotely Take Over DrayTek Vigor Routers appeared first on Hacking Blogs ..read more

Cisco Business Routers Found Vulnerable to Critical Remote Hacking Flaws Cisco on Wednesday rolled out patches to address eight security vulnerabilities, three of which could be weaponized by an unauthenticated attacker to gain remote code execution (RCE) or cause a denial-of-service (DoS) condition on affected devices. The most critical of the ... Read More The post Cisco Business Routers Found Vulnerable to Critical Remote Hacking Flaws appeared first on Hacking Blogs ..read more

CISA Warns of Atlassian Confluence Hard-Coded Credential Bug Exploited in Attacks The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added the recently disclosed Atlassian security flaw to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2022-26138, concerns the use of hard-coded credentials when the ... Read More The post CISA Warns of Atlassian Confluence Hard-Coded Credential Bug Exploited in Attacks appeared first on Hacking Blogs ..read more

Dahua IP Camera Vulnerability Could Let Attackers Take Full Control Over Devices Details have been shared about a security vulnerability in Dahua’s Open Network Video Interface Forum (ONVIF) standard implementation, which, when exploited, can lead to seizing control of IP cameras. Tracked as CVE-2022-30563 (CVSS score: 7.4), the “vulnerability could ... Read More The post Dahua IP Camera Vulnerability Could Let Attackers Take Full Control Over Devices appeared first on Hacking Blogs ..read more

Researchers Warns of Increase in Phishing Attacks Using Decentralized IPFS Network The decentralized file system solution known as IPFS is becoming the new “hotbed” for hosting phishing sites, researchers have warned. Cybersecurity firm Trustwave SpiderLabs, which disclosed specifics of the spam campaigns, said it identified no less than 3,000 emails ... Read More The post Researchers Warns of Increase in Phishing Attacks Using Decentralized IPFS Network appeared first on Hacking Blogs ..read more

Spanish Police Arrest 2 Nuclear Power Workers for Cyberattacking the Radiation Alert System Spanish law enforcement officials have announced the arrest of two individuals in connection with a cyberattack on the country’s radioactivity alert network (RAR), which took place between March and June 2021. The act of sabotage is said ... Read More The post Spanish Police Arrest 2 Nuclear Power Workers for Cyberattacking the Radiation Alert System appeared first on Hacking Blogs ..read more

Latest Critical Atlassian Confluence Vulnerability Under Active Exploitation A week after Atlassian rolled out patches to contain a critical flaw in its Questions For Confluence app for Confluence Server and Confluence Data Center, the shortcoming has now come under active exploitation in the wild. The bug in question is CVE-2022-26138, which ... Read More The post Latest Critical Atlassian Confluence Vulnerability Under Active Exploitation appeared first on Hacking Blogs ..read more

Microsoft Uncovers Austrian Company Exploiting Windows and Adobe Zero-Day Exploits   A cyber mercenary that “ostensibly sells general security and information analysis services to commercial customers” used several Windows and Adobe zero-day exploits in limited and highly-targeted attacks against European and Central American entities. The company, which Microsoft describes as ... Read More The post Microsoft Uncovers Austrian Company Exploiting Windows and Adobe Zero-Day Exploits appeared first on Hacking Blogs ..read more

The U.S. Offers $10 Million Reward for Information on North Korean Hackers The U.S. State Department has announced rewards of up to $10 million for any information that could help disrupt North Korea’s cryptocurrency theft, cyber-espionage, and other illicit state-backed activities. “If you have information on any individuals associated with ... Read More The post U.S. Offers $10 Million Reward for Information on North Korean Hackers appeared first on Hacking Blogs ..read more