Latest Cybersecurity News and Articles

Backdoor Credentials found in ZyXEL Router.

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 27 December 2022, 1435 UTC.  Content provided by ""


Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts ( and

Latest Cybersecurity News And Articles

Backdoor Credential Found in ZyXEL Router

Backdoor Credential Found in ZyXEL Router - Cybersecurity news
Cybersecurity researcher RE-Solver claimed to have found hardcoded credentials (CVE-2022-40602) in ZyXEL LTE3301-M209 LTE indoor routers. The bug he exploited is a Telnet backdoor in D-Link DWR-921 that is also present in the ZyXEL LTE3301-M209.
December 27, 2022

BlueNoroff Introduces New Methods Bypassing MoTW

BlueNoroff group introduced new file types to evade Mark-of-the-Web (MOTW) security measures. It expanded file types and tweaked infection methods and, created numerous fake domains impersonating venture capital companies and banks.

Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak

The data harvesting scandal, which came to light in March 2018, involved a personality quiz app called "thisisyourdigitallife" that allowed users' public profiles, page likes, dates of birth, genders, locations, and even messages to be collected.

North Korean Hackers Steal NFTs via Phishing Websites

The attackers set up nearly 500 decoy sites, including that of a project associated with the World Cup, and NFT marketplaces OpenSea, X2Y2 and Rarible. They made off with $365,000 by stealing 1,055 NFTs with just one of those phishing addresses.

GuLoader Malware Utilizing New Techniques to Evade Security Software

GuLoader, also called CloudEyE, is a Visual Basic Script (VBS) downloader that's used to distribute remote access trojans such as Remcos on infected machines. It was first detected in the wild in 2019.

Modern technology and cyber recovery will intersect in the next generation of attacks

While embarking on a virtual life journey is appealing to many, it has vulnerabilities. As the metaverse continues to gain momentum, phishing attempts, NFT-related scams and malware attacks have already begun.

XLL Files Increasingly Getting Abused by Attackers

XLL Files Increasingly Getting Abused by Attackers - Cybersecurity news
In the wake of Microsoft's effort to phase out support for VBA macros in Office docs, cybercriminals have now turned to use XLL files to embed malicious code in docs. FIN7, an infamous cybercrime threat actor, started using XLL files as attachments in email campaigns early this year. Additiona ... Read More

Hackers Drain $8M in Assets from Bitkeep Wallets in Latest DeFi Exploit

One suspected hacker wallet address already has more than $5 million in digital assets. While the amount exploited is still not final and the attackers are still currently transferring funds to multiple wallet addresses.

PrivateLoader PPI Service Found Distributing Info-Stealing RisePro Malware

RisePro is no different from other stealers in that it's capable of stealing a range of data from as many as 36 web browsers, including cookies, passwords, credit cards, crypto wallets, as well as gathering other files of interest.

Cincinnati State Data Breach Possibly Exposed Social Security Numbers, Other Information

The data included full names, addresses, dates of birth, Social Security numbers, driver’s licenses or state identification numbers, health insurance information, and financial account information, the notice states.


Popular posts from this blog

SecurityWeek Briefing.

SecurityWeek Briefing.

Cyber War News Wire.