#Cybersecurity consultant for financial securities & banks. Voluntarily write latest cybersecurity stories for some outlets.
Is this you? As a journalist, you can create a free Muck Rack account to customize your profile, list your contact preferences, and upload a portfolio of your best work.
Claim your profile
Articles by Wang Wei
Hackers claim ISIS Militants linked to Paris Attacks had a Bitcoin Wallet worth $3 Million
The world watched in horror as coordinate attacks in Paris Friday night killed more than 130 people and left over 352 injured. Over 20 attackers have so far been part of the terrorist cell that planned the deadly Paris attacks, with seven suicide bombers dead, seven attackers under arrest and a total of six people on the run. Also Read: NO, We Can't Blame Edward Snowden and Encryption for Terror Attacks.
Cisco Issues Patches For 2 High-Severity IOS XR Flaws Under Active Attacks
Cisco yesterday released security patches for two high-severity vulnerabilities affecting its IOS XR software that were found exploited in the wild a month ago. Tracked as CVE-2020-3566 and CVE-2020-3569, details for both zero-day unauthenticated DoS vulnerabilities were made public by Cisco late last month when the company found hackers actively exploiting Cisco IOS XR Software that is installed on a range of Cisco's carrier-grade and data center routers.
Detecting and Preventing Critical ZeroLogon Windows Server Vulnerability
If you're administrating Windows Server, make sure it's up to date with all recent patches issued by Microsoft, especially the one that fixes a recently patched critical vulnerability that could allow unauthenticated attackers to compromise the domain controller.
U.S. Announces Charges Against 2 Russian and 2 Iranian Hackers
Immediately after revealing criminal charges against 5 Chinese and 2 Malaysian hackers, the United States government yesterday also made two separate announcements charging two Iranian and two Russian hackers and added them to the FBI's most-wanted list. The two Russian nationals—Danil Potekhin and Dmitrii Karasavidi—are accused of stealing $16.8 million worth of cryptocurrencies in a series of phishing attacks throughout 2017 and 2018.
Former Uber Security Chief Charged Over Covering Up 2016 Data Breach
Joe Sullivan, for covering up a massive data breach that the ride-hailing company suffered in 2016. According to the press release published by the U.S. Department of Justice, Sullivan "took deliberate steps to conceal, deflect, and mislead the Federal Trade Commission about the breach" that also involved paying hackers $100,000 ransom to keep the incident secret.
Adobe Issues July 2020 Critical Security Patches for Multiple Software
Out of these 13 vulnerabilities, four have been rated critical, and nine are important in severity.
'Satori' IoT DDoS Botnet Operator Sentenced to 13 Months in Prison
According to court documents, Kenneth Currin Schuchman, a resident of Vancouver, and his criminal associates–Aaron Sterritt and Logan Shwydiuk–created multiple DDoS botnet malware since at least August 2017 and used them to enslave hundreds of thousands of home routers and other Internet-connected devices worldwide.
A Bug in Facebook Messenger for Windows Could've Helped Malware Gain Persistence
Reason Cybersecurity, today disclosed details of a vulnerability they recently discovered in the Facebook Messenger application for Windows. The vulnerability, which resides in Messenger version 460.16, could allow attackers to leverage the app to potentially execute malicious files already present on a compromised system in an attempt to help malware gain persistent/extended access.
Indian IT Company Was Hired to Hack Politicians, Investors, Journalists Worldwide
Based in Delhi, BellTroX InfoTech allegedly targeted thousands of high-profile individuals and hundreds of organizations across six continents in the last seven years. Hack-for-hire services do not operate as a state-sponsored group but likely as a hack-for-hire company that conducts commercial cyberespionage against given targets on behalf of private investigators and their clients.
DigitalOcean Data Leak Incident Exposed Some of Its Customers Data
Though the hosting company has not yet publicly released a statement, it did has started warning affected customers of the scope of the breach via an email. According to the breach notification email that affected customers [1, 2] today shared online, the leak happened due to negligence where DigitalOcean 'unintentionally' left an internal document accessible to the Internet without requiring any password.
Dell Releases A New Cybersecurity Utility To Detect BIOS Attacks
Dubbed 'SafeBIOS Events & Indicators of Attack' (IoA), the new endpoint security software is a behavior-based threat detection system that alerts users when BIOS settings of their computers undergo some unusual changes. BIOS (Basic Input Output System) is a small but highly-privileged program that handles critical operations and starts your computer before handing it over to your operating system.
Unpatched Zoom App Bug Lets Hackers Steal Your Windows Password
Though Zoom is an efficient online video meeting solution, it's still not the best choice in terms of privacy and security. According to the latest finding by cybersecurity expert @_g0dmode and confirmed by researcher Matthew Hickey, the Zoom client for Windows is vulnerable to the 'UNC path injection' vulnerability that could let remote attackers steal login credentials for victims' Windows systems.
Beware of 'Coronavirus Maps' - It's a malware infecting PCs to steal passwords
Even the disastrous spread of SARS-COV-II (the virus), which causes COVID-19 (the disease), is becoming an opportunity for them to likewise spread malware or launch cyber attacks. Reason Labs recently released a threat analysis report detailing a new attack that takes advantage of internet users' increased craving for information about the novel coronavirus that is wreaking havoc worldwide.
Microsoft Hijacks Necurs Botnet that Infected 9 Million PCs Worldwide
The latest botnet takedown was the result of a coordinated operation involving international police and private tech companies across 35 countries. The operation was conducted successfully after researchers successfully break the Domain generation algorithm (DGA) implemented by Necurs malware that helped it remain resilient for a long time.
This Unpatchable Flaw Affects All Intel CPUs Released in Last 5 Years
The vulnerability, tracked as CVE-2019-0090, resides in the hard-coded firmware running on the ROM ("read-only memory") of the Intel's Converged Security and Management Engine (CSME), which can't be patched without replacing the silicon. Intel CSME is a separate security micro-controller incorporated into the processors that provides an isolated execution environment protected from the host opening system running on the main CPU.
Self-Service Bank Passbook Printing Machines Leak Customers Financial Details
Gone are the days when you had to wait in a queue to get your Bank passbook updated. With the implementation of automated machines in Banks, it's now a game of seconds to update your passbook yourself. Bank Passbook is a copy of the customer's account in the books of the bank which includes client's current account balance and transaction details (deposits and withdrawals). But, Are these Automated Machines holding your Financial Information Hack-Proof?
Researchers Claim CIA Was Behind 11-Year-Long Hacking Attacks Against China
The targeted industry sectors include aviation organizations, scientific research institutions, petroleum, and Internet companies—which, if true, gives the CIA the ability to do "unexpected things." According to the researchers, these cyberattacks were carried out between September 2008 and June 2019, and most of the targets were located in Beijing, Guangdong, and Zhejiang.
Adobe Patches Critical Bugs Affecting Media Encoder and After Effects
Both critical vulnerabilities exist due to out-of-bounds write memory corruption issues and can be exploited to execute arbitrary code on targeted systems by tricking victims into opening a specially crafted file using the affected software. The bug (CVE-2020-3765) in Adobe After Effects, an application for creating motion graphics and special effects used in the video, was discovered by security researcher Matt Powell and reported to Adobe via Trend Micro Zero Day Initiative project.
A Dozen Vulnerabilities Affect Millions of Bluetooth LE Powered Devices
SweynTooth,' affecting millions of Bluetooth-enabled wireless smart devices worldwide—and worryingly, a few of which haven't yet been patched. All SweynTooth flaws basically reside in the way software development kits (SDKs) used by multiple system-on-a-chip (SoC) have implemented Bluetooth Low Energy (BLE) wireless communication technology—powering at least 480 distinct products from several vendors including Samsung, FitBit and Xiaomi.
Google Accidentally Shared Private Videos of Some Users With Others
The latest privacy mishap is the result of a "technical issue" in Google's Takeout, a service that backs up all your Google account data into a single file and then lets you download it straight away.
Hackers Exploited Twitter Bug to Find Linked Phone Numbers of Users
According to Twitter, the vulnerability resided in one of the APIs that has been designed to make it easier for users to find people they may already know on Twitter by matching phone numbers saved in their contacts with twitter accounts.
Wawa Breach: Hackers Put 30 Million Stolen Payment Card Details for Sale
breach at Wawa convenience stores? If you're among those millions of customers who shopped at any of 850 Wawa stores last year but haven't yet hotlisted your cards, it's high time to take immediate action. That's because hackers have finally put up payment card details of more than 30 million Wawa breach victims on sale at Joker's Stash, one of the largest dark web marketplaces where cybercriminals buy and sell stolen payment card data.
Critical OpenSMTPD Bug Opens Linux and OpenBSD Mail Servers to Hackers
CVE-2020-7247) in the OpenSMTPD email server that could allow remote attackers to take complete control over BSD and many Linux based servers. OpenSMTPD is an open-source implementation of the server-side SMTP protocol that was initially developed as part of the OpenBSD project but now comes pre-installed on many UNIX-based systems.
250 Million Microsoft Customer Support Records Exposed Online
Microsoft today admitted a security incident that exposed nearly 250 million "Customer Service and Support" (CSS) records on the Internet due to a misconfigured server containing logs of conversations between its support team and customers. According to Bob Diachenko, a cybersecurity researcher who spotted the unprotected database and reported to Microsoft, the logs contained records spanning from 2005 right through to December 2019.
PoC Exploits Released for Citrix ADC and Gateway RCE Vulnerability
Why the urgency? Earlier today, multiple groups publicly released weaponized proof-of-concept exploit code [1, 2] for a recently disclosed remote code execution vulnerability in Citrix's NetScaler ADC and Gateway products that could allow anyone to leverage them to take full control over potential enterprise targets.
Xiaomi Cameras Connected to Google Nest Expose Video Feeds From Others
In one such recent privacy mishap, smart IP cameras manufactured by Chinese smartphone maker Xiaomi found mistakenly sharing surveillance footage of Xiaomi users with other random users without any permission. The issue appears to affect Xiaomi IP cameras only when streamed through connected Google's Nest Hub, which came into light when a Reddit user claimed that his Google Nest Hub is apparently pulling random feeds from other users instead of his own Xiaomi Mijia cameras.
Hacker Who Tried to Blackmail Apple for $100,000 Sentenced in London
access to over 300 million iCloud accounts and threatened to factory reset all accounts unless Apple pays ransom has pleaded guilty in London for trying to blackmail Apple. In March 2017, Kerem Albayrak from North London claimed to be a spokesman for a hacking group called the "Turkish Crime Family" and in possession of 319 million iCloud accounts.
14 Ways to Evade Botnet Malware Attacks On Your Computers
Every manner of sensitive information, such as confidential employee records, customers' financial data, protected medical documents, and government files, are all subject to their relentless threats to cybersecurity. Solutions span a broad spectrum, from training email users to ensuring a VPN kill switch is in place, to adding extensive advanced layers of network protection.
Europol Shuts Down Over 30,500 Piracy Websites in Global Operation
Among other things, the seized domains reportedly offered various counterfeit goods and pirated products and services, including pirated movies, illegal television streaming, music, electronics, cracked software downloads, counterfeit pharmaceuticals, and other illicit products. However, it should be noted that the seized web domains do not include any major pirate websites on the Internet.
Over 12,000 Google Users Hit by Government Hackers in 3rd Quarter of 2019
According to a report published by Google's Threat Analysis Group (TAG), more than 90 percent of the targeted users were hit with "credential phishing emails" that tried to trick victims into handing over access to their Google account.
Latest Kali Linux OS Added Windows-Style Undercover Theme for Hackers
While working on my laptop, I usually prefer sitting at a corner in the room from where no one should be able to easily stare at my screen, and if you're a hacker, you must have more reasons to be paranoid. Let's go undercover: If you're in love with the Kali Linux operating system for hacking and penetration testing, here we have pretty awesome news for you.
Google offers up to $1.5 million bounty for remotely hacking Titan M chip
Starting today, Google will pay $1 million for a "full chain remote code execution exploit with persistence which compromises the Titan M secure element on Pixel devices," the tech giant said in a blog post published on Thursday. Moreover, if someone manages to achieve the same in the developer preview versions of Android, Google will pay an additional $500,000, making the total to $1.5 million—that's 7.5 times more than the previous top Android reward.
Louisiana State Government Hit by Ransomware Attack Forcing Server Shutdowns
Targeted ransomware attacks on banking and finance, government, healthcare, and critical infrastructure are on the rise, with the latest victim being the state government of Louisiana. The state government of Louisiana was hit by a large-scale coordinated ransomware attack yesterday, which forced the state to take several state agency servers offline, including government websites, email systems, and other internal applications, to mitigate the risk of the malware's infection from spreading.
Company Detected Years-Long Breach Only After Hacker Maxed Out Servers' Storage
What could be even worse than getting hacked? It's the "failure to detect intrusions" that always results in huge losses to the organizations. Utah-based technology company InfoTrax Systems is the latest example of such a security blunder, as the company was breached more than 20 times from May 2014 until March 2016.
Is Facebook Secretly Accessing Your iPhone's Camera? Some Users Claimed
Reportedly, multiple iPhone users have come forward on social media complaining that the Facebook app secretly activates their smartphone's camera in the background while they scroll through their Facebook feeds or looking at the photos on the social network. As shown in the Twitter videos below, when users click on an image or video on the social media to full screen and then return it back to normal, an issue with the Facebook app for iOS slightly shifts the app to the right.
Rogue TrendMicro Employee Sold Customer Data to Tech Support Scammers
While companies do much to protect themselves from external threats, insiders always pose the highest risk to a company's data. Unfortunately, when we say companies can't eliminate insider threat completely, cybersecurity firms, who are meant to protect others, are not an exception.
The Pirate Bay was recently down for over a week due to a DDoS attack
For those unaware, The Pirate Bay was down for more than a week with most visitors displayed a Cloudflare error mentioning that a "bad gateway" is causing problems, while others served with a "database maintenance" message prompting users to check back in 10 minutes.
Stealthy Microsoft SQL Server Backdoor Malware Spotted in the Wild
Dubbed Skip-2.0, the backdoor malware is a post-exploitation tool that runs in the memory and lets remote attackers connect to any account on the server running MSSQL version 11 and version 12 by using a "magic password." What's more? The malware manages to remain undetected on the victim's MSSQL Server by disabling the compromised machine's logging functions, event publishing, and audit mechanisms every time the "magic password" is used.
vBulletin Releases Patch Update for New RCE and SQLi Vulnerabilities
zero-day remote code execution vulnerability late last month, vBulletin has recently published a new security patch update that addresses 3 more high-severity vulnerabilities in its forum software. If left unpatched, the reported security vulnerabilities, which affect vBulletin 5.5.4 and prior versions, could eventually allow remote attackers to take complete control over targeted web servers and steal sensitive user information.
Comodo Forums Hack Exposes 245,000 Users' Data - Recent vBulletin 0-day Used
Cybersecurity company Comodo has become one of the major victims of a recently disclosed vBulletin 0-day vulnerability, exposing login account information of over nearly 245,000 users registered with the Comodo Forums websites. In a brief security notice published earlier today, Comodo admitted the data breach, revealing that an unknown attacker exploited the vBulletin vulnerability (CVE-2019-16759) and potentially gained access to Comodo Forums database.
[Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly
One of the reasons why the vulnerability should be viewed as a severe issue is not just because it is remotely exploitable, but also doesn't require authentication. Written in PHP, vBulletin is a widely used proprietary Internet forum software package that powers more than 100,000 websites on the Internet, including Fortune 500 and Alexa Top 1 million companies websites and forums.
Russian APT Map Reveals 22,000 Connections Between 2000 Malware Samples
In recent years, many Russia hacking groups have emerged as one of the most sophisticated nation-state actors in cyberspace, producing highly specialized hacking techniques and toolkits for cyber espionage.
Update Google Chrome Browser to Patch New Critical Security Flaws
Started rolling out to users worldwide this Wednesday, the Chrome 77.0.3865.90 version contains security patches for 1 critical and 3 high-risk security vulnerabilities, the most severe of which could allow remote hackers to take control of an affected system. Google has decided to keep details of all four vulnerabilities secret for a few more days in order to prevent hackers from exploiting them and give users enough time to install the Chrome update.
Warning: Researcher Drops phpMyAdmin Zero-Day Affecting All Versions
phpMyAdmin is a free and open source administration tool for MySQL and MariaDB that's widely used to manage the database for websites created with WordPress, Joomla, and many other content management platforms. Discovered by security researcher and pentester Manuel Garcia Cardenas, the vulnerability claims to be a cross-site request forgery (CSRF) flaw, also known as XSRF, a well-known attack wherein attackers trick authenticated users into executing an unwanted action.
Adobe Releases Security Patches For Critical Flash Player Vulnerabilities
Adobe has just released its monthly security updates to address a total of 3 security vulnerabilities in only two of its products this time—Adobe Flash Player and Adobe Application Manager (AAM). None of the security vulnerabilities patched this month in Adobe products is being exploited in the wild.
Facebook Patches "Memory Disclosure Using JPEG Images" Flaws in HHVM Servers
The vulnerabilities reside in HHVM (HipHop Virtual Machine)—a high-performance, open source virtual machine developed by Facebook for executing programs written in PHP and Hack programming languages. HHVM uses a just-in-time (JIT) compilation approach to achieve superior performance of your Hack and PHP code while maintaining the development flexibility that the PHP language provides.
Multiple Code Execution Flaws Found In PHP Programming Language
Hypertext Preprocessor, commonly known as PHP, is the most popular server-side web programming language that powers over 78 percent of the Internet today. The latest releases under several maintained branches include PHP version 7.3.9, 7.2.22 and 7.1.32, addressing multiple security vulnerabilities.
Google Fined $170 Million For Violating Kids' Privacy On YouTube
The settlement requires Google to pay $136 million to the FTC and an additional $34 million fine to New York state for allegedly violating the Children's Online Privacy Protection Act (COPPA) Rule. The COPPA rule requires child-directed websites and online services to explicitly obtain parental consent before collecting personal information from children under the age of 13 and then using it for targeted advertising.
Exploit Reseller Offering Up To $2.5 Million For Android Zero-Days
The zero-day buying and selling industry has recently taken a shift towards Android operating system, offering up to $2.5 million payouts to anyone who sells 'full chain, zero-click, with persistence' Android zero-days. Just like other traditional markets, the zero-day market is also a game of supply, demand, and strategy, which suggests either the demand of Android zero-days has significantly increased or somehow Android OS is getting tougher to hack remotely, which is unlikely.
Ransomware Hits Dental Data Backup Service Offering Ransomware Protection
DDS Safe, an online cloud-based data backup system that hundreds of dental practice offices across the United States are using to safeguard medical records and other information of their patients from ransomware attacks has been hit with ransomware. Provided by two Wisconsin-based companies, Digital Dental Record and PerCSoft, the backend system of affected medical records retention and backup solutions has probably been hit by Sodinokibi ransomware, also known as Sodin or REvil malware.
Show More
loading
Actions
Is this you?
As a journalist, you can create a free Muck Rack account to customize your profile, list your contact preferences, and upload a portfolio of your best work.Get in touch with Wang
Contact Wang, search articles and posts on X, monitor coverage, and track replies from one place.
Learn more about Muck Rack