Lucene search
+L
ThnMost viewed

20926 matches found

The Hacker News
The Hacker News
added 2016/01/28 10:1 p.m.66 views

Critical OpenSSL Flaw Allows Hackers to Decrypt HTTPS Traffic

The OpenSSL Foundation has released the promised patch for a high severity vulnerability in its cryptographic code library that let attackers obtain the key to decrypt HTTPS-based communications and other Transport layer security TLS channels. OpenSSL is an open-source library that is the most...

4.3CVSS6.9AI score0.83645EPSS
Exploits2
The Hacker News
The Hacker News
added 2014/06/27 5:43 a.m.66 views

20-Year Old Vulnerability in LZO Compression Algorithm Went to Planet Mars

A 20 year old critical subtle integer overflow vulnerability has been discovered in Lempel-Ziv-Oberhumer LZO, an extremely efficient data compression algorithm that focuses on decompression speed, which is almost five times faster than zlib and bzip compression algorithms. Lempel-Ziv-Oberhumer LZ...

5CVSS8.5AI score0.08103EPSS
Exploits3
The Hacker News
The Hacker News
added 2014/04/13 8:19 a.m.66 views

Billions of Smartphone Users affected by Heartbleed Vulnerability

Heartbleed has left a worst impression worldwide affecting millions of websites and is also supposed to put millions of Smartphones and tablets users at a great risk. Heartbleed is a critical bug CVE-2014-0160 in the popular OpenSSL cryptographic software library, that actually resides in the...

5CVSS7.5AI score0.99999EPSS
Exploits90
The Hacker News
The Hacker News
added 2013/11/29 4:40 a.m.66 views

CVE-2013-5065: Microsoft Windows XP and Server 2003 Privilege escalation Zero-Day exploit discovered

None...

10CVSS2.8AI score0.78581EPSS
Exploits24
The Hacker News
The Hacker News
added 2025/03/21 10:28 a.m.65 views

Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers

Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal. "Head Mare relied heavily on tools previously associated with Twelve. Additionally, Head Mare attacks utilized command-and-control C2 servers...

9.1CVSS9.5AI score0.99999EPSS
Exploits112
The Hacker News
The Hacker News
added 2025/03/17 11:25 a.m.65 views

⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More

From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week's cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new...

10CVSS9.3AI score0.99999EPSS
Exploits94
The Hacker News
The Hacker News
added 2024/10/16 10:50 a.m.65 views

North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware

The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in question is CVE-2024-38178 CVSS score: 7.5, a memory corruption bug in the Scripting Engine...

8.8CVSS8.3AI score0.39196EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/07/31 11:1 a.m.65 views

Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware

Japanese organizations are the target of a Chinese nation-state threat actor that leverages malware families like LODEINFO and NOOPDOOR to harvest sensitive information from compromised hosts while stealthily remaining under the radar in some cases for a time period ranging from two to three year...

9.8CVSS10AI score0.85689EPSS
Exploits10
The Hacker News
The Hacker News
added 2024/04/26 2:3 p.m.65 views

Severe Flaws Disclosed in Brocade SANnav SAN Management Software

Several security vulnerabilities disclosed in Brocade SANnav storage area network SAN management application could be exploited to compromise susceptible appliances. The 18 flaws impact all versions up to and including 2.3.0, according to independent security researcher Pierre Barre, who discover...

9.8CVSS8.7AI score0.00848EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/04/21 8:42 a.m.65 views

New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth

A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity firm has assessed it to be a variant of a known malware called RedLine Stealer owing to the fact that the command-and-control C2 server IP...

9.8CVSS6.4AI score0.9466EPSS
Exploits23
The Hacker News
The Hacker News
added 2024/04/09 5:46 a.m.65 views

Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks

Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage NAS devices. Tracked as CVE-2024-3272 CVSS score: 9.8 and CVE-2024-3273 CVSS score: 7.3, the vulnerabilities impact legacy D-Link...

10CVSS7.9AI score0.99997EPSS
Exploits10
The Hacker News
The Hacker News
added 2024/02/20 10:38 a.m.65 views

Critical Flaws Found in ConnectWise ScreenConnect Software - Patch Now

ConnectWise has released software updates to address two security flaws in its ScreenConnect remote desktop and access software, including a critical bug that could enable remote code execution on affected systems. The vulnerabilities are listed below - CVE-2024-1708 CVSS score: 8.4 - Improper...

10CVSS10AI score0.99959EPSS
Exploits9
The Hacker News
The Hacker News
added 2024/01/26 6:3 a.m.65 views

Microsoft Warns of Widening APT29 Espionage Attacks Targeting Global Orgs

Microsoft on Thursday said the Russian state-sponsored threat actors responsible for a cyber attack on its systems in late November 2023 have been targeting other organizations and that it's currently beginning to notify them. The development comes a day after Hewlett Packard Enterprise HPE...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/12/06 1:38 p.m.65 views

Alert: Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts

Threat actors can take advantage of Amazon Web Services Security Token Service AWS STS as a way to infiltrate cloud accounts and conduct follow-on attacks. The service enables threat actors to impersonate user identities and roles in cloud environments, Red Canary researchers Thomas Gardner and...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/01 2:55 p.m.65 views

Researchers Expose Prolific Puma's Underground Link Shortening Service

A threat actor known as Prolific Puma has been maintaining a low profile and operating an underground link shortening service that's offered to other threat actors for at least over the past four years. Prolific Puma creates "domain names with an RDGA registered domain generation algorithm and us...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/16 11:46 a.m.65 views

The Fast Evolution of SaaS Security from 2020 to 2024 (Told Through Video)

SaaS Security's roots are in configuration management. An astounding 35% of all security breaches begin with security settings that were misconfigured. In the past 3 years, the initial access vectors to SaaS data have widened beyond misconfiguration management. "SaaS Security on Tap" is a new vid...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/03 9:29 a.m.65 views

Researcher Reveals New Techniques to Bypass Cloudflare's Firewall and DDoS Protection

Firewall and distributed denial-of-service DDoS attack prevention mechanisms in Cloudflare can be circumvented by exploiting gaps in cross-tenant security controls, defeating the very purpose of these safeguards, it has emerged. "Attackers can utilize their own Cloudflare accounts to abuse the...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/06 2:2 p.m.65 views

Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw

Google has rolled out monthly security patches for Android to address a number of flaws, including a zero-day bug that it said may have been exploited in the wild. Tracked as CVE-2023-35674, the high-severity vulnerability is described as a case of privilege escalation impacting the Android...

8AI score0.02203EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/05/24 10:0 a.m.65 views

Legion Malware Upgraded to Target SSH Servers and AWS Credentials

An updated version of the commodity malware called Legion comes with expanded features to compromise SSH servers and Amazon Web Services AWS credentials associated with DynamoDB and CloudWatch. "This recent update demonstrates a widening of scope, with new capabilities such the ability to...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/15 10:9 a.m.65 views

New 'MichaelKors' Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems

A new ransomware-as-service RaaS operation called MichaelKors has become the latest file-encrypting malware to target Linux and VMware ESXi systems as of April 2023. The development points to cybercriminal actors increasingly setting their eyes on the ESXi, cybersecurity firm CrowdStrike said in ...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/25 1:4 p.m.65 views

Iranian Hackers Launch Sophisticated Attacks Targeting Israel with PowerLess Backdoor

An Iranian nation-state threat actor has been linked to a new wave of phishing attacks targeting Israel that's designed to deploy an updated version of a Windows backdoor called PowerLess. Cybersecurity firm Check Point is tracking the activity cluster under its mythical creature handle Educated...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/22 7:19 a.m.65 views

NAPLISTENER: New Malware in REF2924 Group's Arsenal for Bypassing Detection

The threat group tracked as REF2924 has been observed deploying previously unseen malware in its attacks aimed at entities in South and Southeast Asia. The malware, dubbed NAPLISTENER by Elastic Security Labs, is an HTTP listener programmed in C and is designed to evade "network-based forms of...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/16 10:47 a.m.65 views

CISA Warns of Flaws Affecting Industrial Control Systems from Major Manufacturers

The U.S. Cybersecurity and Infrastructure Security Agency CISA has released several Industrial Control Systems ICS advisories warning of critical security flaws affecting products from Sewio, InHand Networks, Sauter Controls, and Siemens. The most severe of the flaws relate to Sewio's RTLS Studio...

10CVSS1.3AI score0.01236EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/12/14 1:8 p.m.65 views

Ransomware Attackers Use Microsoft-Signed Drivers to Gain Access to Systems

Microsoft on Tuesday disclosed it took steps to implement blocking protections and suspend accounts that were used to publish malicious drivers that were certified by its Windows Hardware Developer Program. The tech giant said its investigation revealed the activity was restricted to a number of...

Exploits0
The Hacker News
The Hacker News
added 2022/08/20 4:33 p.m.65 views

New Grandoreiro Banking Malware Campaign Targeting Spanish Manufacturers

Organizations in the Spanish-speaking nations of Mexico and Spain are in the crosshairs of a new campaign designed to deliver the Grandoreiro banking trojan. "In this campaign, the threat actors impersonate government officials from the Attorney General's Office of Mexico City and from the Public...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/05 10:20 a.m.65 views

Resolving Availability vs. Security, a Constant Conflict in IT

Conflicting business requirements is a common problem – and you find it in every corner of an organization, including in information technology. Resolving these conflicts is a must, but it isn't always easy – though sometimes there is a novel solution that helps. In IT management there is a...

8.8CVSS9AI score0.5838EPSS
Exploits2
The Hacker News
The Hacker News
added 2022/07/14 9:15 a.m.65 views

Pakistani Hackers Targeting Indian Students in Latest Malware Campaign

The advanced persistent threat APT group known as Transparent Tribe has been attributed to a new ongoing phishing campaign targeting students at various educational institutions in India at least since December 2021. "This new campaign also suggests that the APT is actively expanding its network ...

2.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/06/15 9:45 a.m.65 views

New Hertzbleed Side Channel Attack Affects All Modern AMD and Intel CPUs

A newly discovered security vulnerability in modern Intel and AMD processors could let remote attackers steal encryption keys via a power side channel attack. Dubbed Hertzbleed by a group of researchers from the University of Texas, the University of Illinois Urbana-Champaign, and the University ...

1.6AI score0.12124EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/04/02 4:3 a.m.65 views

GitLab Releases Patch for Critical Vulnerability That Could Let Attackers Hijack Accounts

DevOps platform GitLab has released software updates to address a critical security vulnerability that, if potentially exploited, could permit an adversary to seize control of accounts. Tracked as CVE-2022-1162, the issue has a CVSS score of 9.1 and is said to have been discovered internally by t...

9.8CVSS1.1AI score0.87369EPSS
Exploits6
The Hacker News
The Hacker News
added 2022/03/21 12:26 p.m.65 views

New Browser-in-the Browser (BITB) Attack Makes Phishing Nearly Undetectable

A novel phishing technique called browser-in-the-browser BitB attack can be exploited to simulate a browser window within the browser in order to spoof a legitimate domain, thereby making it possible to stage convincing phishing attacks. According to penetration tester and security researcher, wh...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/02/25 5:21 p.m.65 views

New "SockDetour" Fileless, Socketless Backdoor Targets U.S. Defense Contractors

Cybersecurity researchers have taken the wraps off a previously undocumented and stealthy custom malware called SockDetour that targeted U.S.-based defense contractors with the goal of being used as a secondary implant on compromised Windows hosts. "SockDetour is a backdoor that is designed to...

10CVSS0.5AI score0.7825EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/02/22 7:22 a.m.65 views

Hackers Backdoor Unpatched Microsoft SQL Database Servers with Cobalt Strike

Vulnerable internet-facing Microsoft SQL MS SQL Servers are being targeted by threat actors as part of a new campaign to deploy the Cobalt Strike adversary simulation tool on compromised hosts. "Attacks that target MS SQL servers include attacks to the environment where its vulnerability has not...

2.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/02/16 5:18 a.m.65 views

High-Severity RCE Security Bug Reported in Apache Cassandra Database Software

Researchers have revealed details of a now-patched high-severity security vulnerability in Apache Cassandra that, if left unaddressed, could be abused to gain remote code execution RCE on affected installations. "This Apache security vulnerability is easy to exploit and has the potential to wreak...

9.1CVSS1.3AI score0.54889EPSS
Exploits7
The Hacker News
The Hacker News
added 2022/02/08 3:37 a.m.65 views

Microsoft Temporarily Disables MSIX App Installers to Prevent Malware Abuse

Microsoft last week announced that it's temporarily disabling the MSIX ms-appinstaller protocol handler in Windows following evidence that a security vulnerability in the installer component was exploited by threat actors to deliver malware such as Emotet, TrickBot, and Bazaloader. MSIX, based on...

7.1CVSS7.7AI score0.10295EPSS
Exploits1
The Hacker News
The Hacker News
added 2021/12/22 7:1 a.m.65 views

Active Directory Bugs Could Let hackers Take Over Windows Domain Controllers

Microsoft is urging customers to patch two security vulnerabilities in Active Directory domain controllers that it addressed in November following the availability of a proof-of-concept PoC tool on December 12. The two vulnerabilities — tracked as CVE-2021-42278 and CVE-2021-42287 — have a severi...

8.8CVSS0.7AI score0.74265EPSS
Exploits10
The Hacker News
The Hacker News
added 2021/11/25 5:9 a.m.65 views

VMware Warns of Newly Discovered Vulnerabilities in vSphere Web Client

VMware has shipped updates to address two security vulnerabilities in vCenter Server and Cloud Foundation that could be abused by a remote attacker to gain access to sensitive information. The more severe of the issues concerns an arbitrary file read vulnerability in the vSphere Web Client. Track...

7.5CVSS9AI score0.04601EPSS
Exploits2
The Hacker News
The Hacker News
added 2021/10/08 1:41 p.m.65 views

Ransomware Group FIN12 Aggressively Going After Healthcare Targets

An "aggressive" financially motivated threat actor has been identified as linked to a string of RYUK ransomware attacks since October 2018, while maintaining close partnerships with TrickBot-affiliated threat actors and using a publicly available arsenal of tools such as Cobalt Strike Beacon...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/09/22 3:9 a.m.65 views

VMware Warns of Critical File Upload Vulnerability Affecting vCenter Server

VMware on Tuesday published a new bulletin warning of as many as 19 vulnerabilities in vCenter Server and Cloud Foundation appliances that a remote attacker could exploit to take control of an affected system. The most urgent among them is an arbitrary file upload vulnerability in the Analytics...

9.8CVSS0.5AI score0.99999EPSS
Exploits17
The Hacker News
The Hacker News
added 2021/09/04 7:50 a.m.65 views

Microsoft Says Chinese Hackers Were Behind SolarWinds Serv-U SSH 0-Day Attack

Microsoft has shared technical details about a now-fixed, actively exploited critical security vulnerability affecting SolarWinds Serv-U managed file transfer service that it has attributed with "high confidence" to a threat actor operating out of China. In mid-July, the Texas-based company...

10CVSS0.5AI score0.9116EPSS
Exploits2
The Hacker News
The Hacker News
added 2021/08/11 11:33 a.m.65 views

MSPs and MSSPs Can Increase Profit Margins With Cynet 360 Platform

As cyber threats keep on increasing in volume and sophistication, more and more organizations acknowledge that outsourcing their security operations to a 3rd-party service provider is a practice that makes the most sense. To address this demand, managed security services providers MSSPs and manag...

Exploits0
The Hacker News
The Hacker News
added 2021/07/30 7:36 a.m.65 views

A New Wiper Malware Was Behind Recent Cyberattack On Iranian Train System

A cyber attack that derailed websites of Iran's transport ministry and its national railway system earlier this month, causing widespread disruptions in train services, was the result of a never-before-seen reusable wiper malware called "Meteor." The campaign — dubbed "MeteorExpress" — has not be...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/27 12:39 p.m.65 views

Hackers Turning to 'Exotic' Programming Languages for Malware Development

Threat actors are increasingly shifting to "exotic" programming languages such as Go, Rust, Nim, and Dlang that can better circumvent conventional security protections, evade analysis, and hamper reverse engineering efforts. "Malware authors are known for their ability to adapt and modify their...

Exploits0
The Hacker News
The Hacker News
added 2021/01/20 4:59 a.m.65 views

SolarWinds Hackers Also Breached Malwarebytes Cybersecurity Firm

Malwarebytes on Tuesday said it was breached by the same group who broke into SolarWinds to access some of its internal emails, making it the fourth major cybersecurity vendor to be targeted after FireEye, Microsoft, and CrowdStrike. The company said its intrusion was not the result of a SolarWin...

1AI score
Exploits0
The Hacker News
The Hacker News
added 2020/11/25 6:36 a.m.65 views

China's Baidu Android Apps Caught Collecting Sensitive User Data

Two popular Android apps from Chinese tech giant Baidu were temporarily unavailable on the Google Play Store in October after they were caught collecting sensitive user details. The two apps in question—Baidu Maps and Baidu Search Box—were found to collect device identifiers, such as the...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/06/10 12:59 p.m.65 views

Intel CPUs Vulnerable to New 'SGAxe' and 'CrossTalk' Side-Channel Attacks

Cybersecurity researchers have discovered two distinct attacks that could be exploited against modern Intel processors to leak sensitive information from the CPU's trusted execution environments TEE. Called SGAxe, the first of the flaws is an evolution of the previously uncovered CacheOut attack...

5.5CVSS1.2AI score0.00587EPSS
Exploits0
The Hacker News
The Hacker News
added 2020/05/30 10:32 a.m.65 views

New Noise-Resilient Attack On Intel and AMD CPUs Makes Flush-based Attacks Effective

Modern Intel and AMD processors are susceptible to a new form of side-channel attack that makes flush-based cache attacks resilient to system noise, newly published research shared with The Hacker News has revealed. The findings are from a paper "DABANGG: Time for Fearless Flush based Cache...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2020/05/28 9:52 a.m.65 views

Researchers Uncover Brazilian Hacktivist's Identity Who Defaced Over 4800 Sites

It's one thing for hackers to target websites and proudly announce it on social media platforms for all to see. It's, however, an entirely different thing to leave a digital trail that leads cybersecurity researchers right to their doorsteps. That's exactly what happened in the case of a hacktivi...

1.5AI score
Exploits0
The Hacker News
The Hacker News
added 2020/04/22 9:11 a.m.65 views

Chinese Hackers Using New iPhone Hack to Spy On Uyghur Muslims

A Chinese hacking group has been found leveraging a new exploit chain in iOS devices to install a spyware implant targeting the Uyghur Muslim minority in China's autonomous region of Xinjiang. The findings, published by digital forensics firm Volexity, reveal that the exploit — named "Insomnia" —...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2020/02/28 12:26 p.m.65 views

Let's Encrypt Issued A Billion Free SSL Certificates in the Last 4 Years

Let's Encrypt, a free, automated, and open certificate signing authority CA from the nonprofit Internet Security Research Group ISRG, has said it's issued a billion certificates since its launch in 2015. The CA issued its first certificate in September 2015, before eventually reaching 100 million...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2020/02/26 2:48 p.m.65 views

New LTE Network Flaw Could Let Attackers Impersonate 4G Mobile Users

A group of academics from Ruhr University Bochum and New York University Abu Dhabi have uncovered security flaws in 4G LTE and 5G networks that could potentially allow hackers to impersonate users on the network and even sign up for paid subscriptions on their behalf. The impersonation attack —...

0.6AI score
Exploits0
Total number of security vulnerabilities5000