Lucene search
+L

881 matches found

The Hacker News
The Hacker News
added 2025/01/29 5:52 a.m.14 views

UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents

The advanced persistent threat APT group known as UAC-0063 has been observed leveraging legitimate documents obtained by infiltrating one victim to attack another target with the goal of delivering a known malware dubbed HATVIBE. "This research focuses on completing the picture of UAC-0063's...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/28 10:16 a.m.14 views

E.U. Sanctions 3 Russian Nationals for Cyber Attacks Targeting Estonia's Key Ministries

The Council of the European Union has sanctioned three individuals for allegedly carrying out "malicious cyber activities" against Estonia. The three Russian nationals – Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov – are officers of the General Staff of the Arm...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/21 5:45 a.m.7 views

PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers

Cybersecurity researchers are calling attention to a series of cyber attacks that have targeted Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China with a known malware called ValleyRAT. The attacks leverage a multi-stage loader dubbed PNGPlug to deliver the ValleyRAT payload,...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/20 2:53 p.m.6 views

DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection

The Threat actor known as DoNot Team has been linked to a new Android malware as part of highly targeted cyber attacks. The artifacts in question, named Tanzeem meaning "organization" in Urdu and Tanzeem Update, were spotted in October and December 2024 by cybersecurity company Cyfirma. The apps ...

6.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2025/01/15 11:53 p.m.16 views

GSocket Gambling Scavenger – How Hackers Use PHP Backdoors and GSocket to Facilitate Illegal Gambling in Indonesia

Since 1974, gambling has been officially illegal in Indonesia. However, the digital revolution of the 2000s introduced a new challenge: the rapid growth of online gambling platforms. This technological shift has created enforcement gaps, compelling the Indonesian government to intensify its effor...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/04 7:30 a.m.7 views

U.S. Sanctions Chinese Cybersecurity Firm for State-Backed Hacking Campaigns

The U.S. Treasury Department's Office of Foreign Assets Control OFAC on Friday issued sanctions against a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating several cyber attacks against U.S. victims. These attacks have been publicly attributed...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/27 11:10 a.m.23 views

Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia

The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting "several dozen users" in 2024. "Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in...

7.8CVSS8AI score0.99945EPSS
Exploits36
The Hacker News
The Hacker News
added 2024/12/25 10:24 a.m.7 views

Iran's Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware

The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware called BellaCiao. Russian cybersecurity company Kaspersky, which dubbed the new version BellaCPP , said it discovered the artifact as part of a "recent" investigation into ...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/18 11:15 a.m.10 views

APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP

The Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of cyber attacks leveraging malicious Remote Desktop Protocol RDP configuration files. The activity, which has targeted governments and armed forces, think tanks, academic...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/16 9:9 a.m.6 views

New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP

Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the United States, Cambodia, Pakistan, and South Africa. QiAnXin XLab, which discovered the malicious activity in late April 2024, attributed the previously...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/11 11:0 a.m.7 views

Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia

A suspected China-based threat actor has been linked to a series of cyber attacks targeting high-profile organizations in Southeast Asia since at least October 2023. The espionage campaign targeted organizations in various sectors spanning government ministries in two different countries, an air...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/05 12:43 p.m.22 views

Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor

A previously undocumented threat activity cluster dubbed Earth Minotaur is leveraging the MOONSHINE exploit kit and an unreported Android-cum-Windows backdoor called DarkNimbus to facilitate long-term surveillance operations targeting Tibetans and Uyghurs. "Earth Minotaur uses MOONSHINE to delive...

8.8CVSS7.6AI score0.78808EPSS
Exploits6
The Hacker News
The Hacker News
added 2024/11/27 11:30 a.m.5 views

Latest Multi-Stage Attack Scenarios with Real-World Examples

Multi-stage cyber attacks, characterized by their complex execution chains, are designed to avoid detection and trick victims into a false sense of security. Knowing how they operate is the first step to building a solid defense strategy against them. Let's examine real-world examples of some of...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/23 12:10 p.m.8 views

Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites

Government agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077. The adversary, believed to be active since at least January 2024, has also conducted cyber attacks against the Defense Industrial Base DIB,...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/21 4:22 p.m.18 views

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign

As many as 2,000 Palo Alto Networks devices are estimated to have been compromised as part of a campaign abusing the newly disclosed security flaws that have come under active exploitation in the wild. According to statistics shared by the Shadowserver Foundation, a majority of the infections hav...

5.9CVSS10AI score0.99698EPSS
Exploits18
The Hacker News
The Hacker News
added 2024/11/21 3:50 p.m.53 views

Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor

The China-aligned advanced persistent threat APT actor known as Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane as part of cyber attacks likely targeting East and Southeast Asia. That's according to findings from cybersecurity firm ESET based on multiple Linux samples...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/19 11:30 a.m.7 views

Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority

Privileged accounts are well-known gateways for potential security threats. However, many organizations focus solely on managing privileged access—rather than securing the accounts and users entrusted with it. This emphasis is perhaps due to the persistent challenges of Privileged Access Manageme...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/18 4:48 p.m.8 views

New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers

Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza. BabbleLoader is an "extremely evasive loader, packed with defensive mechanisms, that is designed...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/13 4:9 p.m.4 views

Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel

A threat actor affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks that exclusively target Israeli entities. The activity, linked to a group called WIRTE , has also targeted the Palestinian Authority, Jordan, Iraq, Saudi Arabia, and...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/01 2:9 p.m.15 views

Inside Iran's Cyber Playbook: AI, Fake Hosting, and Psychological Warfare

U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer Olympics and compromising a French commercial dynamic display provider to show messages denouncing Israel's participation in the sporting event. The activity has...

6.9AI score
Exploits0
Rows per page
Query Builder