Cyber Security News | Exploit One

HOW TO TAKE CONTROL OF A HOST WITH AZURE DEVOPS. HACKING WITH AZURE

Sticky

On: March 15, 2021

Tagged: Azure DevOps, cybersecurity, ethical hacking, Hacking, International Institute of Cyber Security (IICS), Microsoft, tutorial, Web Security

Azure DevOps Serve is a comprehensive solution developed by Microsoft for versioning, report collection, and tracking for collaboration on software development projects. The product is available as a standalone application,Read More →

TP-Link TL-WR840N EU routers can be hacked. Critical vulnerability discovered

On: May 27, 2022

In: Vulnerabilities

Tagged: arbitrary code execution, Common Vulnerability Scoring System (CVSS), Cyberattack, cybercrime, cybersecurity, Hacking, Information Security, Internet of Things (IoT), Routers, security flaws, technology, TP-Link, WiFi

Information security specialists report the detection of a severe vulnerability in the TP-Link TL-WR840N EU routers. According to the report, successful exploitation of this flaw would allow threat actors toRead More →

New WhatsApp scam allows hackers to steal your account

On: May 26, 2022

In: Vulnerabilities

Tagged: Cyberattack, cybercrime, cybersecurity, electronic fraud, hackers, Hacking, incidents, Information Security, messaging apps, Mobile Security, security flaws, whatsapp

WhatsApp is one of the most attractive targets for hackers looking to deploy electronic fraud campaigns, as it represents a point of access to a large amount of confidential information.Read More →

Twitter sold users’ phone numbers to advertising companies without their consent

On: May 26, 2022

In: Cyber Security

Tagged: Cyberattack, cybercrime, cybersecurity, emil addresses, facebook, Federal Trade Commission (FTC), Hacking, incidents, Information Security, multi factor authentication, phone numbers, security flaws, social media, Twitter, US Department of Justice (DOJ)

The U.S. Federal Trade Commission (FTC) announced a $150 million fine against Twitter after discovering that the company used the phone numbers and email addresses used for multi-factor authentication ofRead More →

Predator: The new competitor for Pegasus spyware can hack anyone using Android phones and Chrome browser

On: May 25, 2022

In: Mobile Security

Tagged: Android, Chrome, Common Vulnerability Scoring System (CVSS), cyber spying, Cyberattack, cybercrime, cybersecurity, Google Threat Analysis Group (TAG), Hacking, Information Security, malware, Mobile Security, Pegasus, Predator spyware, security flaws, Spyware

Researchers from Google Threat Analysis Group (TAG) report that in 2021, software development firm Cytrox sold Predator spyware to various hacking groups backed by state actors. These attacks are basedRead More →

GoodWill computer virus forces victims to do to charity and help poor people in place of demanding a ransom

On: May 25, 2022

In: Virus

Tagged: Cyberattack, cybercrime, cybersecurity, GoodWill ransomware, hackers, Hacking, incidents, India, Information Security, malware, ransomware, security flaws, technology

A couple of months ago, CloudSEK researchers identified a new and unusual strain of ransomware. Dubbed GoodWill, this new variant of encryption malware appears to pursue very different targets thanRead More →

Hackers use image files with malicious PHP scripts to steal credit card data on e-commerce websites

On: May 24, 2022

In: Virus

Tagged: Cyberattack, cybercrime, cybersecurity, data theft, e-commerce, Hacking, Information Security, JavaScript, Magecart, malware, Microsoft, payment cards, PHP scripts, Security breach, security flaws, skimming

Microsoft published a report detailing its researchers’ findings on payment card stealing malware, mentioning that threat actors increasingly use malicious PHP scripts to manipulate payment systems and bypass online securityRead More →

Critical vulnerability in Argo CD, a Kubernetes tool, allows attackers to spoof JSON web tokens and become administrators

On: May 24, 2022

In: Vulnerabilities

Tagged: Argo CD, Common Vulnerability Scoring System (CVSS), Cyberattack, cybercrime, cybersecurity, GitOps, Hacking, incidents, Information Security, Kubernetes, privilege escalation, Security breach, security flaws, vulnerability

Maintainers of Argo CD, the continuous delivery (CD) tool for Kubernetes, announced the fix of a vulnerability that would have allowed threat actors to spoof JSON Web Tokens (JWTs) andRead More →

Ransomware attack exposes information of hundreds of thousands of students and employees in Chicago Public Schools

On: May 23, 2022

In: Cyber Security

Tagged: Chicago, Cyberattack, cybercrime, cybersecurity, Federal Bureau of Investigation (FBI), Hacking, incidents, Information Security, malware, National Homeland Security (NHS), ransomware, United States

More than half a million Chicago Public Schools (CPS) students and employees have had their sensitive information compromised due to a ransomware attack, which occurred in late 2021 but wasRead More →

Zero-day vulnerability in Cisco IOS XR router software allows unauthenticated hackers to access these devices remotely

On: May 23, 2022

In: Vulnerabilities

Tagged: Cisco, Cyberattack, cybercrime, cybersecurity, Hacking, Information Security, infosec, Internet of Things (IoT), NOSi Docker, Redis, Routers, sandbox, security flaws, technology, vulnerability, XR IOS routers

Cisco announced the fixing of a zero-day vulnerability in the software of its XR IOS routers whose exploitation would have allowed unauthenticated threat actors to remotely access Redis instances runningRead More →