20924 matches found
U.S. Charges Chinese Hacker For 2015 Anthem Data Breach
The United States Justice Department today announced charges against a Chinese hacker and his hacking team member for their alleged role in the 2015 massive data breach at health insurance giant Anthem and three other unnamed American companies. Fujie Wang 王 福 杰 and another hacker named John Doe...
New Unpatched macOS Flaw Lets Apps Spy On Your Safari Browsing History
A new security vulnerability has been discovered in the latest version of Apple's macOS Mojave that could allow a malicious application to access data stored in restricted folders which are otherwise not accessible to every app. Discovered by application developer Jeff Johnson on February 8, the...
Microsoft Says Russia Tried to Hack Three 2018 Midterm Election Candidates
Microsoft said it detected and helped the US government to block Russian hacking attempts against at least three congressional candidates this year, a Microsoft executive revealed speaking at the Aspen Security Forum today. Although the company refused to name the targets but said, the three...
Nintendo Switches Hacked to Run Linux—Unpatchable Exploit Released
Two separate teams of security researchers have published working proof-of-concept exploits for an unpatchable vulnerability in Nvidia's Tegra line of embedded processors that comes on all currently available Nintendo Switch consoles. Dubbed Fusée Gelée and ShofEL2, the exploits lead to a coldboo...
Over 199,500 Websites Are Still Vulnerable to Heartbleed OpenSSL Bug
It's more than two and half years since the discovery of the critical OpenSSL Heartbleed vulnerability, but the flaw is still alive as it appears that many organizations did not remediate properly to the serious security glitch. It was one of the biggest flaws in the Internet's history that...
Critical Updates — RCE Flaws Found in SwiftMailer, PhpMailer and ZendMail
A security researcher recently reported a critical vulnerability in one of the most popular open source PHP libraries used to send emails that allowed a remote attacker to execute arbitrary code in the context of the web server and compromise a web application. Disclosed by Polish security...
Scientists have Increased Fiber Optic capacity Nearly 20 Times
There’s a lot of speculations and fears regarding the fiber optic network that delivers the Internet to your home and offices — What will happen when the fiber optic cables max out? Well, there is nothing to fear about it. Your Internet is Safe! Scientists at the University of California, San...
NSA denies Report that Agency knew and exploited Heartbleed Vulnerability
The Bloomberg claimed that the U.S. National Security Agency NSA knew about the most critical Heartbleed flaw and has been using it on a regular basis to gather “critical intelligence” and sensitive information for at least past two years and decided to keep the bug secret, citing two sources...
Apple Mac OS X Vulnerability enables Root User to Hackers by resetting the clock
Do you think, because you’re using an Apple Mac, your data is safe from hackers ? Well, it is not true, there are dozens of security weaknesses and today Researchers have made it easier to exploit Apple Mac OS X, that allows penetration testers and hackers to gain root access. The flaw remained...
Microsoft to patch Six critical Remote Code Execution vulnerabilities this Tuesday
Microsoft has announced Patch Tuesday for this July Month, with seven bulletins. Out of that, one is important kernel privilege escalation flaw and six critical Remote Code Execution vulnerabilities. Patch will address vulnerabilities in Microsoft Windows, .Net Framework, Silverlight and will app...
⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
What if attackers aren't breaking in—they're already inside, watching, and adapting? This week showed a sharp rise in stealth tactics built for long-term access and silent control. AI is being used to shape opinions. Malware is hiding inside software we trust. And old threats are returning under...
ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor
Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed. "ExCobalt focuses on cyber espionage and includes several members active since at least 2016 and presumably once part of the notorious Cobalt Gang,"...
Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation
A recently disclosed server-side request forgery SSRF vulnerability impacting Ivanti Connect Secure and Policy Secure products has come under mass exploitation. The Shadowserver Foundation said it observed exploitation attempts originating from more than 170 unique IP addresses that aim to...
CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK
The Computer Emergency Response Team of Ukraine CERT-UA has warned of a new phishing campaign orchestrated by the Russia-linked APT28 group to deploy previously undocumented malware such as OCEANMAP, MASEPIE, and STEELHOOK to harvest sensitive information. The activity, which was detected by the...
Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication
Microsoft has announced that it plans to eliminate NT LAN Manager NTLM in Windows 11 in the future, as it pivots to alternative methods for authentication and bolster security. "The focus is on strengthening the Kerberos authentication protocol, which has been the default since 2000, and reducing...
Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT
Chinese-language speakers have been increasingly targeted as part of multiple email phishing campaigns that aim to distribute various malware families such as Sainbox RAT, Purple Fox, and a new trojan called ValleyRAT. "Campaigns include Chinese-language lures and malware typically associated wit...
Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog
The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a critical security flaw in Adobe ColdFusion to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability, cataloged as CVE-2023-26359 CVSS score: 9.8, relates to a...
New Vulnerabilities Disclosed in SonicWall and Fortinet Network Security Products
SonicWall on Wednesday urged customers of Global Management System GMS firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authentication and access...
Asylum Ambuscade: A Cybercrime Group with Espionage Ambitions
The threat actor known as Asylum Ambuscade has been observed straddling cybercrime and cyber espionage operations since at least early 2020. "It is a crimeware group that targets bank customers and cryptocurrency traders in various regions, including North America and Europe," ESET said in an...
N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware
The infamous Lazarus Group actor has been targeting vulnerable versions of Microsoft Internet Information Services IIS servers as an initial breach route to deploy malware on targeted systems. The findings come from the AhnLab Security Emergency response Center ASEC, which detailed the advanced...
Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware
A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks targeting a European government entity and a managed service provider MSP located in Africa. Telemetry evidence gathered by Google-owned Mandiant indicates that the...
GuLoader Malware Utilizing New Techniques to Evade Security Software
Cybersecurity researchers have exposed a wide variety of techniques adopted by an advanced malware downloader called GuLoader to evade security software. "New shellcode anti-analysis technique attempts to thwart researchers and hostile environments by scanning entire process memory for any virtua...
Telecom and BPO Companies Under Attack by SIM Swapping Hackers
A persistent intrusion campaign has set its eyes on telecommunications and business process outsourcing BPO companies at lease since June 2022. "The end objective of this campaign appears to be to gain access to mobile carrier networks and, as evidenced in two investigations, perform SIM swapping...
APT29 Exploited a Windows Feature to Compromise European Diplomatic Entity Network
The Russia-linked APT29 nation-state actor has been found leveraging a "lesser-known" Windows feature called Credential Roaming following a successful phishing attack against an unnamed European diplomatic entity. "The diplomatic-centric targeting is consistent with Russian strategic priorities a...
Kimsuky Hackers Spotted Using 3 New Android Malware to Target South Koreans
The North Korean espionage-focused actor known as Kimsuky has been observed using three different Android malware strains to target users located in its southern counterpart. That's according to findings from South Korean cybersecurity company S2W, which named the malware families FastFire,...
Candiru Spyware Caught Exploiting Google Chrome Zero-Day to Target Journalists
The actively exploited but now-fixed Google Chrome zero-day flaw that came to light at the start of this month was weaponized by an Israeli spyware company and used in attacks targeting journalists in the Middle East. Czech cybersecurity firm Avast linked the exploitation to Candiru aka Saito Tec...
Experts Uncover New CloudMensis Spyware Targeting Apple macOS Users — The Hacker News
Cybersecurity researchers have taken the wraps off a previously undocumented spyware targeting the Apple macOS operating system. The malware, codenamed CloudMensis by Slovak cybersecurity firm ESET, is said to exclusively use public cloud storage services such as pCloud, Yandex Disk, and Dropbox...
New Netwrix Auditor Bug Could Let Attackers Compromise Active Directory Domain
Researchers have disclosed details about a security vulnerability in the Netwrix Auditor application that, if successfully exploited, could lead to arbitrary code execution on affected devices. "Since this service is typically executed with extensive privileges in an Active Directory environment,...
Researchers Detail Bug That Could Paralyze Snort Intrusion Detection System
Details have emerged about a now-patched security vulnerability in the Snort intrusion detection and prevention system that could trigger a denial-of-service DoS condition and render it powerless against malicious traffic. Tracked as CVE-2022-20685, the vulnerability is rated 7.5 for severity and...
Apple Releases iOS and macOS Updates to Patch Actively Exploited 0-Day Vulnerability
Apple on Wednesday released iOS 15.3 and macOS Monterey 12.2 with a fix for the privacy-defeating bug in Safari, as well as to contain a zero-day flaw, which it said has been exploited in the wild to break into its devices. Tracked as CVE-2022-22587, the vulnerability relates to a memory corrupti...
New Leak Reveals Abuse of Pegasus Spyware to Target Journalists Globally
A sweeping probe into a data leak of more than 50,000 phone numbers has revealed an extensive misuse of Israeli company NSO Group's Pegasus "military-grade spyware" to facilitate human rights violations by surveilling heads of state, activists, journalists, and lawyers around the world. Dubbed th...
Hackers Use New Trick to Disable Macro Security Warnings in Malicious Office Files
While it's a norm for phishing campaigns that distribute weaponized Microsoft Office documents to prompt victims to enable macros in order to trigger the infection chain directly, new findings indicate attackers are using non-malicious documents to disable security warnings prior to executing mac...
Attention! FluBot Android Banking Malware Spreads Quickly Across Europe
Attention, Android users! A banking malware capable of stealing sensitive information is "spreading rapidly" across Europe, with the U.S. likely to be the next target. According to a new analysis by Proofpoint, the threat actors behind FluBot aka Cabassous have branched out beyond Spain to target...
Google limits which apps can access the list of installed apps on your device
Apps on Android have been able to infer the presence of specific apps, or even collect the full list of installed apps on the device. What's more, an app can also set to be notified when a new app is installed. Apart from all the usual concerns about misuse of such a data grab, the information ca...
The Top Free Tools for Sysadmins in 2021
It's no secret that sysadmins have plenty on their plates. Managing, troubleshooting, and updating software or hardware is a tedious task. Additionally, admins must grapple with complex webs of permissions and security. This can quickly become overwhelming without the right tools. If you're a...
European Authorities Disrupt Emotet — World's Most Dangerous Malware
Law enforcement agencies from as many as eight countries dismantled the infrastructure of Emotet, a notorious email-based Windows malware behind several botnet-driven spam campaigns and ransomware attacks over the past decade. The coordinated takedown of the botnet on Tuesday — dubbed "Operation...
British Airline EasyJet Suffers Data Breach Exposing 9 Million Customers' Data
British low-cost airline EasyJet today admitted that the company has fallen victim to a cyber-attack, which it labeled "highly sophisticated," exposing email addresses and travel details of around 9 million of its customers. In an official statement released today, EasyJet confirmed that of the 9...
Critical Bugs Found in 3 Popular e-Learning Plugins for WordPress Sites
Security researchers are sounding the alarm over newly discovered vulnerabilities in some popular online learning management system LMS plugins that various organizations and universities use to offer online training courses through their WordPress-based websites. According to the Check Point...
Critical Flaw in GoAhead Web Server Could Affect Wide Range of IoT Devices
Cybersecurity researchers today uncovered details of two new vulnerabilities in the GoAhead web server software, a tiny application widely embedded in hundreds of millions of Internet-connected smart devices. One of the two vulnerabilities, assigned as CVE-2019-5096, is a critical code execution...
Marriott Faces $123 Million GDPR Fine Over Starwood Data Breach
After fining British Airways with a record fine of £183 million earlier this week, the UK's data privacy regulator is now planning to slap world's biggest hotel chain Marriott International with a £99 million $123 million fine under GDPR over 2014 data breach. This is the second major penalty...
'GozNym' Banking Malware Gang Dismantled by International Law Enforcement
In a joint effort by several law enforcement agencies from 6 different countries, officials have dismantled a major global organized cybercrime network behind GozNym banking malware. GozNym banking malware is responsible for stealing nearly $100 million from over 41,000 victims across the globe,...
WikiLeaks Founder Julian Assange Arrested After Ecuador Withdraws Asylum
WikiLeaks founder Julian Assange has been arrested at the Ecuadorian Embassy in London—that's almost seven years after he took refuge in the embassy to avoid extradition to Sweden over a sexual assault case. According to a short note released by London's Metropolitan Police Service, Assange was...
Reminder—Third Party Gmail Apps Can Read Your Emails, "Allow" Carefully!
Reminder—If you've forgotten about any Google app after using it once a few years ago, be careful, it may still have access to your private emails. When it comes to privacy on social media, we usually point fingers at Facebook for enabling third-party app developers to access users personal...
Two Romanian Hackers Extradited to the U.S. Over $18 Million Vishing Scam
Two Romanian hackers have been extradited to the United States to face 31 criminal charges including computer fraud and abuse, wire fraud conspiracy, wire fraud, and aggravated identity theft. Described as "international computer hackers" by the United States Department of Justice, Teodor Laurent...
Amazon Alexa Has Got Some Serious Skills—Spying On Users!
"Alexa, are you spying on me?" — aaaa.....mmmm.....hmmm.....maybe!!! Security researchers have developed a new malicious 'skill' for Amazon's popular voice assistant Alexa that can turn your Amazon Echo into a full-fledged spying device. Amazon Echo is an always-listening voice-activated smart ho...
Popular Android Phone Manufacturers Caught Lying About Security Updates
Android ecosystem is highly broken when it comes to security, and device manufacturers better known as OEMs make it even worse by not providing critical patches in time. According to a new study, most Android vendors have been lying to users about security updates and telling customers that their...
Apple macOS Bug Reveals Passwords for APFS Encrypted Volumes in Plaintext
A severe programming bug has been found in APFS file system for macOS High Sierra operating system that exposes passwords of encrypted external drives in plain text. Introduced two years ago, APFS Apple File System is an optimized file system for flash and SSD-based storage solutions running MacO...
2-Year-Old Linux Kernel Issue Resurfaces As High-Risk Flaw
A bug in Linux kernel that was discovered two years ago, but was not considered a security threat at that time, has now been recognised as a potential local privilege escalation flaw. Identified as CVE-2017-1000253, the bug was initially discovered by Google researcher Michael Davidson in April...
Unpatched Wordpress Flaw Could Allow Hackers To Reset Admin Password
WordPress, the most popular CMS in the world, is vulnerable to a logical vulnerability that could allow a remote attacker to reset targeted users’ password under certain circumstances. The vulnerability CVE-2017-8295 becomes even more dangerous after knowing that it affects all versions of...
Internet Traffic Hijacking Linux Flaw Affects 80% of Android Devices
An estimated 80 percent of Android smartphones and tablets running Android 4.4 KitKat and higher are vulnerable to a recently disclosed Linux kernel flaw that allows hackers to terminate connections, spy on unencrypted traffic or inject malware into the parties' communications. Even the latest...