We offer the latest hacking news and cyber security News for ethical hackers, penetration testers, IT security experts.

 

Find Hacking Latest News, Videos & Pictures on Hacking and see latest updates, news.Special Reports, Videos & Photos of Cyber Security Hacking.

cyber-security
Stack-Overflow

A new ransomware family named ‘Buran’ a stable offline cryptolocker, with flexible functionality and support 24/7 is taking on competitors through discounted rates.

According to McAfee researchers, Buran was first detected in May  2019, by Alexandre Mundo and Marc Rivero Lopez.

Buran appears to be focusing on establishing personal relationships with criminal customers. Buran works as Raas model like other ransomware families such as REVil, GandCrab, Phobos etc.

Buran originates from VegaLocker and Jumper and is believed to be the next stage in evolution due to similar behaviours, artefacts and tactics techniques and procedures (TTPs) found within its code. These include registry changes, the types of files stored in temporary folders extension overlapping, and the creation of shadow copies.

The 25% income earned by affiliates instead of the 30% – 40% numbers from notorious malware families like GandCrab, and they are willing to negotiate that rate with anyone who can guarantee an impressive level of infection with Buran. They announced in their ads that all affiliates would have a personal arrangement with them.

The features of malware;

  • Scan all local drives and network paths
  • Contains optional features including the encryption of files without changing extensions
  • Removing recovery points and cleaning  logs on a dedicated server
  • Backup catalogue deletion
  • Standard options: tapping, startup, self-deletion.

Two Massachusetts men charged in connection with a two-year-old scheme of allegedly sim swapping attacks targeting ‘high-value’ social media accounts and stealing cryptocurrency.

According to the announcement on November 14, two Massachusetts men Eric Meiggs, 21 and Declan Harrington, 20 were arrested on Thursday and charged in U.S district court in Boston accused in an 11-count indictment, charging with one count of conspiracy, eight counts of wire fraud, one count of computer fraud and abuse and one count of aggravated identity theft.

What is SIM-swapping?

The scam begins with the attacker collecting the personal details of the victim by launching a phishing campaign or buying them from an underground market or by directly socially engineering the victim.

Once the attackers obtain these details, they impersonate them in front of the victim’s telecom operator. The attacker convinces the telephone company using social engineering techniques to provide a new sim or port the victim’s phone number to the fraudster sim.

Breaking news
Malware-Attack

Kudankulam power plant hit by a cyber attack but did not cause any critical damage.

Does this say that the power stations in India are vulnerable to the cyber threat?

Kudankulam Nuclear Power Plant

KKNP is the biggest power plant in India located 650km south of Chennai, in Tirunelveli district of Tamil Nadu.

The KKNP is an Indo-Russian joint venture with pressurised water reactors of units I and II operating with 1000 MWe (megawatts electric) capacity each. Both the reactor units feed India’s southern power grid. The plant is adding four more reactor units of the same size.

What happened in the Kudankulam power plant?

The disclosure regarding the Kudankulam network breach was first triggered by a Twitter post on October 28 from an anonymous account, ‘@a_tweeter_user’ which pointed to a data file uploaded on a cybersecurity firm’s website.

KKNP plant officials initially denied suffering an attack. The DAE said “Identification of malware in NPCIL system is correct. The matter was conveyed by CERT-In (Computer emergency response team) when it was noticed by them on September 4, 2019.”