Lucene search
+L

202 matches found

The Hacker News
The Hacker News
added 2024/05/22 8:57 a.m.45 views

GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack

Cybersecurity researchers have discovered a new cryptojacking campaign that employs vulnerable drivers to disable known security solutions EDRs and thwart detection in what's called a Bring Your Own Vulnerable Driver BYOVD attack. Elastic Security Labs is tracking the campaign under the name...

10CVSS7.2AI score0.99999EPSS
Exploits355
The Hacker News
The Hacker News
added 2024/05/02 5:4 a.m.26 views

New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials

A new malware called Cuttlefish is targeting small office and home office SOHO routers with the goal of stealthily monitoring all traffic through the devices and gather authentication data from HTTP GET and POST requests. "This malware is modular, designed primarily to steal authentication materi...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/21 8:42 a.m.65 views

New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth

A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity firm has assessed it to be a variant of a known malware called RedLine Stealer owing to the fact that the command-and-control C2 server IP...

9.8CVSS6.4AI score0.9466EPSS
Exploits23
The Hacker News
The Hacker News
added 2024/04/19 1:44 p.m.28 views

BlackTech Targets Tech, Research, and Gov Sectors New 'Deuterbear' Tool

Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part of a recent cyber attack wave. The intrusions pave the way for an updated version of modular backdoor dubbed Waterbear as well as its enhanced successor referred t...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/19 6:16 a.m.41 views

Hackers Target Middle East Governments with Evasive "CR4T" Backdoor

Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovered the activity in February 2024, with evidence suggesting that it may have been active since at...

8.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/17 10:23 a.m.61 views

Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign

Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads. The activity entails the exploitation of CVE-2023-48788 CVSS score: 9.3, a critical SQL...

9.8CVSS10AI score0.97591EPSS
Exploits4
The Hacker News
The Hacker News
added 2024/04/13 8:25 a.m.111 views

Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack

Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday. The network security company's Unit 42 division is tracking the activity under the name Operation...

10CVSS9.9AI score0.99999EPSS
Exploits43
The Hacker News
The Hacker News
added 2024/04/05 9:40 a.m.32 views

From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware

Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan. The starting point of the attack is a PDF file written in Portuguese that, when opened, shows a blurred image and asks the victim to click on a link to download the Reader...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/29 12:12 p.m.64 views

TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy

A botnet previously considered to be rendered inert has been observed enslaving end-of-life EoL small home/small office SOHO routers and IoT devices to fuel a criminal proxy service called Faceless. "TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/21 4:3 p.m.31 views

Russia Hackers Using TinyTurla-NG to Breach European NGO's Systems

The Russia-linked threat actor known as Turla infected several systems belonging to an unnamed European non-governmental organization NGO in order to deploy a backdoor called TinyTurla-NG TTNG. "The attackers compromised the first system, established persistence and added exclusions to antivirus...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/29 8:19 a.m.20 views

New Backdoor Targeting European Officials Linked to Indian Diplomatic Events

A previously undocumented threat actor dubbed SPIKEDWINE has been observed targeting officials in European countries with Indian diplomatic missions using a new backdoor called WINELOADER. The adversary, according to a report from Zscaler ThreatLabz, used a PDF file in emails that purported to co...

7.5AI score
Exploits0
Talos Blog
Talos Blog
added 2024/02/22 1:0 p.m.20 views

TinyTurla-NG in-depth tooling and command and control analysis

Cisco Talos, in cooperation with CERT.NGO, has discovered new malicious components used by the Turla APT. New findings from Talos illustrate the inner workings of the command and control C2 scripts deployed on the compromised WordPress servers utilized in the compromise we previously disclosed...

7.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/31 8:59 p.m.27 views

Nitrogen shelling malware from hacked sites

Nitrogen is the name given to a campaign and associated malware that have been distributed via malicious search ads. Its signature move is using Python and DLL side-loading to connect to the attackers command and control server. In this blog post, we look at a recent Nitrogen campaign and...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/30 1:45 p.m.42 views

China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz

The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar's Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans. The findings come from CSIRT-CTI, which said the activities took place in November...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/25 2:23 p.m.32 views

SystemBC Malware's C2 Server Analysis Exposes Payload Delivery Tricks

Cybersecurity researchers have shed light on the command-and-control C2 server workings of a known malware family called SystemBC. "SystemBC can be purchased on underground marketplaces and is supplied in an archive containing the implant, a command-and-control C2 server, and a web administration...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/25 11:30 a.m.37 views

LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks

Cybersecurity researchers have uncovered an updated version of a backdoor called LODEINFO that's distributed via spear-phishing attacks. The findings come from Japanese company ITOCHU Cyber & Intelligence, which said the malware "has been updated with new features, as well as changes to the...

8.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/05 5:16 a.m.51 views

New Bandook RAT Variant Resurfaces, Targeting Windows Machines

A new variant of remote access trojan called Bandook has been observed being propagated via phishing attacks with an aim to infiltrate Windows machines, underscoring the continuous evolution of the malware. Fortinet FortiGuard Labs, which identified the activity in October 2023, said the malware ...

7.5AI score
Exploits0
Kitploit
Kitploit
added 2023/12/28 11:30 a.m.482 views

Top 20 Most Popular Hacking Tools in 2023

As last year, this year we made a ranking with the most popular tools between January and December 2023. The tools of this year encompass a diverse range of cybersecurity disciplines, including AI-Enhanced Penetration Testing, Advanced Vulnerability Management, Stealth Communication Techniques,...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/29 5:7 a.m.75 views

GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability

The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called GoTitan as well as a .NET program known as PrCtrl Rat that's capable of remotely commandeering the infected hosts. The attacks involve th...

10CVSS8.1AI score0.99654EPSS
Exploits31
GithubExploit
GithubExploit
added 2023/11/14 11:32 a.m.1022 views

Exploit for SQL Injection in Roundcube Webmail

Roundcube CVE-2021-44026, a SQL injection This repository con...

9.8CVSS9AI score0.42751EPSS
Exploits1
Rows per page
Query Builder