14 FEBRUARY 2023 WEEKLY NEWSLETTER

BOCRA website

     


 

Patch Now: Apple's iOS, iPadOS, macOS, and Safari Under Attack with New Zero-Day Flaw


LATEST CYBER HACKS

 
 

Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second

Web infrastructure company Cloudflare on Monday disclosed that it thwarted a record-breaking distributed denial-of-service (DDoS) attack that peaked at over 71 million requests per second (RPS). "The majority of attacks peaked in the ballpark of 50-70 million requests per second (RPS) with the largest exceeding 71 million," the company said, calling it a "hyper-volumetric" DDoS attack.


Iranian State TV Hacked During President’s Speech on Revolution Day

On February 11th, 2023, the President of Iran, Ebrahim Raisi, was delivering a speech at Azadi Square in Tehran, where a massive crowd had gathered to mark the country’s 44th anniversary. It was an opportunity for the government to show its popularity, but its efforts were sabotaged by the hacktivist collective Ali’s Justice (Edalat-e Ali).


Hackers Targeting U.S. and German Firms Monitor Victims' Desktops with Screenshotter

A previously unknown threat actor has been targeting companies in the U.S. and Germany with bespoke malware designed to steal confidential information. Enterprise security company Proofpoint, which is tracking the activity cluster under the name Screentime, said the group, dubbed TA866, is likely financially motivated.


VULNERABILITIES

 
 

Vulnerabilities open Korenix JetWave industrial networking devices to attack

Three vulnerabilities found in a variety of Korenix JetWave industrial access points and LTE cellular gateways may allow attackers to either disrupt their operation or to use them as a foothold for further attacks, CyberDanube researchers have found.


Vulnerability Allows Hackers to Remotely Tamper With Dahua Security Cameras

The flaw, tracked as CVE-2022-30564, was discovered last year by India-based CCTV and IoT cybersecurity company Redinent Innovations. Advisories describing the vulnerability were published on Wednesday by both Dahua and Redinent.


MALWARE

 
 

Enigma InfoStealer Steals Sensitive Data From Crypto Firms

Suspected Russian hackers are using an information stealer named Enigma to target Eastern Europeans with fake cryptocurrency job offers. Additionally, the attackers are using a set of heavily obfuscated loaders that exploit an Intel driver vulnerability to load a malicious driver.


Researchers Uncover Obfuscated Malicious Code in PyPI Python Packages

Four different rogue packages in the Python Package Index (PyPI) have been found to carry out a number of malicious actions, including dropping malware, deleting the netstat utility, and manipulating the SSH authorized_keys file.


Dota 2 Under Attack: Threat Actors Exploit a Chrome Flaw to Infect Gamers

Beware gamers! There’s a new attack targeting the Dota 2 multiplayer online battle arena (MOBA) video game. Threat actors are leveraging the popularity of the game to backdoor the players’ systems.


GENERAL NEWS

 
 

Romance scammers' favorite lies cost victims $1.3B last year

As Valentine's Day approaches, if your offshore oil rig worker "boyfriend" – who looks like Bradley Cooper in his online pics and has hinted at proposing to you for months, but you've never met in real life – suddenly needs money for "hospital bills" … Just. Don't. Do. It.


Four ways cyber leaders can take a page from football playbooks

The myth of the solo hacker and cybersecurity professional has been thoroughly debunked. So why do organizations still manage the people side of cybersecurity as if it’s a collection of individuals? Cybersecurity runs as a team sport and we have much to learn from the people who do that best.