Lucene search
+L
ThnMost viewed

20926 matches found

The Hacker News
The Hacker News
added 2024/01/18 4:16 a.m.56 views

Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts

High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and the U.S. have been targeted by an Iranian cyber espionage group called Mind Sandstorm since November 2023. The threat actor "used bespoke phishing...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/08 2:4 p.m.56 views

Syrian Hackers Distributing Stealthy C#-Based Silver RAT to Cybercriminals

Threat actors operating under the name Anonymous Arabic have released a remote access trojan RAT called Silver RAT that's equipped to bypass security software and stealthily launch hidden applications. "The developers operate on multiple hacker forums and social media platforms, showcasing an...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/11 12:2 p.m.56 views

Take an Offensive Approach to Password Security by Continuously Monitoring for Breached Passwords

Passwords are at the core of securing access to an organization's data. However, they also come with security vulnerabilities that stem from their inconvenience. With a growing list of credentials to keep track of, the average end-user can default to shortcuts. Instead of creating a strong and...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/02 5:2 a.m.56 views

Zanubis Android Banking Trojan Poses as Peruvian Government App to Target Users

An emerging Android banking trojan called Zanubis is now masquerading as a Peruvian government app to trick unsuspecting users into installing the malware. "Zanubis's main infection path is through impersonating legitimate Peruvian Android applications and then tricking the user into enabling the...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/20 12:38 p.m.56 views

Critical Security Flaws Exposed in Nagios XI Network Monitoring Software

Multiple security flaws have been disclosed in the Nagios XI network monitoring software that could result in privilege escalation and information disclosure. The four security vulnerabilities, tracked from CVE-2023-40931 through CVE-2023-40934, impact Nagios XI versions 5.11.1 and lower. Followi...

8AI score0.11278EPSS
Exploits3
The Hacker News
The Hacker News
added 2023/09/18 12:11 p.m.56 views

Hook: New Android Banking Trojan That Expands on ERMAC's Legacy

A new analysis of the Android banking trojan known as Hook has revealed that it's based on its predecessor called ERMAC. "The ERMAC source code was used as a base for Hook," NCC Group security researchers Joshua Kamp and Alberto Segura said in a technical analysis published last week. "All comman...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/21 3:14 p.m.56 views

Azure AD Token Forging Technique in Microsoft Attack Extends Beyond Outlook, Wiz Reports

The recent attack against Microsoft's email infrastructure by a Chinese nation-state actor referred to as Storm-0558 is said to have a broader scope than previously thought. According to cloud security company Wiz, the inactive Microsoft account MSA consumer signing key used to forge Azure Active...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/06 6:6 p.m.56 views

Iranian Hackers' Sophisticated Malware Targets Windows and macOS Users

The Iranian nation-state actor known as TA453 has been linked to a new set of spear-phishing attacks that infect both Windows and macOS operating systems with malware. "TA453 eventually used a variety of cloud hosting providers to deliver a novel infection chain that deploys the newly identified...

9.8CVSS6.8AI score0.85689EPSS
Exploits10
The Hacker News
The Hacker News
added 2023/06/14 4:46 p.m.56 views

Chinese Hackers Exploit VMware Zero-Day to Backdoor Windows and Linux Systems

The Chinese state-sponsored group known as UNC3886 has been found to exploit a zero-day flaw in VMware ESXi hosts to backdoor Windows and Linux systems. The VMware Tools authentication bypass vulnerability, tracked as CVE-2023-20867 CVSS score: 3.9, "enabled the execution of privileged commands...

8AI score0.98281EPSS
Exploits7
The Hacker News
The Hacker News
added 2023/05/25 6:3 a.m.56 views

Iranian Agrius Hackers Targeting Israeli Organizations with Moneybird Ransomware

The Iranian threat actor known as Agrius is leveraging a new ransomware strain called Moneybird in its attacks targeting Israeli organizations. Agrius, also known as Pink Sandstorm formerly Americium, has a track record of staging destructive data-wiping attacks aimed at Israel under the guise of...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/24 6:36 a.m.56 views

New All-in-One "EvilExtractor" Stealer for Windows Systems Surfaces on the Dark Web

A new "all-in-one" stealer malware named EvilExtractor also spelled Evil Extractor is being marketed for sale for other threat actors to steal data and files from Windows systems. "It includes several modules that all work via an FTP service," Fortinet FortiGuard Labs researcher Cara Lin said. "I...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/20 5:51 a.m.56 views

Emotet Rises Again: Evades Macro Security via OneNote Attachments

The notorious Emotet malware, in its return after a short hiatus, is now being distributed via Microsoft OneNote email attachments in an attempt to bypass macro-based security restrictions and compromise systems. Emotet, linked to a threat actor tracked as Gold Crestwood, Mummy Spider, or TA542,...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/13 6:15 a.m.56 views

KamiKakaBot Malware Used in Latest Dark Pink APT Attacks on Southeast Asian Targets

The Dark Pink advanced persistent threat APT actor has been linked to a fresh set of attacks targeting government and military entities in Southeast Asian countries with a malware called KamiKakaBot. Dark Pink, also called Saaiwc, was extensively profiled by Group-IB earlier this year, describing...

1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/11 1:32 p.m.56 views

BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads

The malware downloader known as BATLOADER has been observed abusing Google Ads to deliver secondary payloads like Vidar Stealer and Ursnif. According to cybersecurity company eSentire, the malicious ads are used to spoof a wide range of legitimate apps and services such as Adobe, OpenAPI's ChatGP...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/12 2:46 p.m.56 views

IcedID Malware Strikes Again: Active Directory Domain Compromised in Under 24 Hours

A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an unnamed target less than 24 hours after gaining initial access, while also borrowing techniques from other groups like Conti to meet its goals. "Throughout the attack, the attacker followed a...

2.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/12/29 7:48 a.m.56 views

New Malvertising Campaign via Google Ads Targets Users Searching for Popular Software

Users searching for popular software are being targeted by a new malvertising campaign that abuses Google Ads to serve trojanized variants that deploy malware, such as Raccoon Stealer and Vidar. The activity makes use of seemingly credible websites with typosquatted domain names that are surfaced...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/12/20 5:52 a.m.56 views

Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems

Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications. The shortcoming, dubbed Achilles CVE-2022-42821, CVSS score: 5.5, was addressed by th...

5.5CVSS0.7AI score0.03897EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/10/28 11:1 a.m.56 views

Researchers Uncover Stealthy Techniques Used by Cranefly Espionage Hackers

A recently discovered hacking group known for targeting employees dealing with corporate transactions has been linked to a new backdoor called Danfuan. This hitherto undocumented malware is delivered via another dropper called Geppei, researchers from Symantec, by Broadcom Software, said in a...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/10/24 5:45 a.m.56 views

Why Ransomware in Education on the Rise and What That Means for 2023

The breach of LA Unified School District LAUSD highlights the prevalence of password vulnerabilities, as criminal hackers continue to use breached credentials in increasingly frequent ransomware attacks on education. The Labor Day weekend breach of LAUSD brought significant districtwide disruptio...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/06 6:47 a.m.56 views

New EvilProxy Phishing Service Allowing Cybercriminals to Bypass 2-Factor Security

A new phishing-as-a-service PhaaS toolkit dubbed EvilProxy is being advertised on the criminal underground as a means for threat actors to bypass two-factor authentication 2FA protections employed against online services. "EvilProxy actors are using reverse proxy and cookie injection methods to...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/05 2:59 p.m.56 views

TikTok Denies Data Breach Reportedly Exposing Over 2 Billion Users' Information

Popular short-form social video service TikTok denied reports that it was breached by a hacking group, after it claimed to have gained access to an insecure cloud server. "TikTok prioritizes the privacy and security of our users' data," the ByteDance-owned company told The Hacker News. "Our...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/22 2:28 p.m.56 views

Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts

Budget Android device models that are counterfeit versions associated with popular smartphone brands are harboring multiple trojans designed to target WhatsApp and WhatsApp Business messaging apps. The malware, which Doctor Web first came across in July 2022, were discovered in the system partiti...

1.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/11 3:4 p.m.56 views

Cisco Confirms It's Been Hacked by Yanluowang Ransomware Gang

Networking equipment major Cisco on Wednesday confirmed it was the victim of a cyberattack on May 24, 2022 after the attackers got hold of an employee's personal Google account that contained passwords synced from their web browser. "Initial access to the Cisco VPN was achieved via the successful...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/07/28 6:41 a.m.56 views

LibreOffice Releases Software Update to Patch 3 New Vulnerabilities

The team behind LibreOffice has released security updates to fix three security flaws in the productivity software, one of which could be exploited to achieve arbitrary code execution on affected systems. Tracked as CVE-2022-26305, the issue has been described as a case of improper certificate...

8.8CVSS1.2AI score0.01139EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/06/24 9:52 a.m.56 views

Multiple Backdoored Python Libraries Caught Stealing AWS Secrets and Keys

Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint. The list of packages includes loglib-modules, pyg-modules, pygrata,...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/06/22 3:5 p.m.56 views

Researchers Uncover Ways to Break the Encryption of 'MEGA' Cloud Storage Service

A new piece of research from academics at ETH Zurich has identified a number of critical security issues in the MEGA cloud storage service that could be leveraged to break the confidentiality and integrity of user data. In a paper titled "MEGA: Malleable Encryption Goes Awry," the researchers poi...

1.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/05/18 10:18 a.m.56 views

Hackers Gain Fileless Persistence on Targeted SQL Servers Using a Built-in Utility

Microsoft on Tuesday warned that it recently spotted a malicious campaign targeting SQL Servers that leverages a built-in PowerShell binary to achieve persistence on compromised systems. The intrusions, which leverage brute-force attacks as an initial compromise vector, stand out for their use of...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/03/17 8:46 a.m.56 views

Ukraine Secret Service Arrests Hacker Helping Russian Invaders

The Security Service of Ukraine SBU said it has detained a "hacker" who offered technical assistance to the invading Russian troops by providing mobile communication services inside the Ukrainian territory. The anonymous suspect is said to have broadcasted text messages to Ukrainian officials,...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/02/23 6:30 a.m.56 views

25 Malicious JavaScript Libraries Distributed via Official NPM Package Repository

Another batch of 25 malicious JavaScript libraries have made their way to the official NPM package registry with the goal of stealing Discord tokens and environment variables from compromised systems, more than two months after 17 similar packages were taken down. The libraries in question...

1.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/12/27 12:6 p.m.56 views

Garrett Walk-Through Metal Detectors Can Be Hacked Remotely

A number of security flaws have been uncovered in a networking component in Garrett Metal Detectors that could allow remote attackers to bypass authentication requirements, tamper with metal detector configurations, and even execute arbitrary code on the devices. "An attacker could manipulate thi...

10CVSS1.9AI score0.02817EPSS
Exploits9
The Hacker News
The Hacker News
added 2021/07/23 11:20 a.m.56 views

Dutch Police Arrest Two Hackers Tied to "Fraud Family" Cybercrime Ring

Law enforcement authorities in the Netherlands have arrested two alleged individuals belonging to a Dutch cybercriminal collective who were involved in developing, selling, and renting sophisticated phishing frameworks to other threat actors in what's known as a "Fraud-as-a-Service" operation. Th...

Exploits0
The Hacker News
The Hacker News
added 2021/07/05 9:48 a.m.56 views

TrickBot Botnet Found Deploying A New Ransomware Called Diavol

Threat actors behind the infamous TrickBot malware have been linked to a new ransomware strain named "Diavol," according to the latest research. Diavol and Conti ransomware payloads were deployed on different systems in a case of an unsuccessful attack targeting one of its customers earlier this...

0.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/06/28 3:27 a.m.56 views

SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers

In yet another sign that the Russian hackers who breached SolarWinds network monitoring software to compromise a slew of entities never really went away, Microsoft said the threat actor behind the malicious cyber activities used password spraying and brute-force attacks in an attempt to guess...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/06/11 1:14 p.m.56 views

Mozilla Says Google's New Ad Tech—FLoC—Doesn't Protect User Privacy

Google's upcoming plans to replace third-party cookies with a less invasive ad targeted mechanism have a number of issues that could defeat its privacy objectives and allow for significant linkability of user behavior, possibly even identifying individual users. "FLoC is premised on a compelling...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/06/02 11:36 a.m.56 views

Researchers Uncover Hacking Operations Targeting Government Entities in South Korea

A North Korean threat actor active since 2012 has been behind a new espionage campaign targeting high-profile government officials associated with its southern counterpart to install an Android and Windows backdoor for collecting sensitive information. Cybersecurity firm Malwarebytes attributed t...

2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/05/31 12:13 p.m.56 views

Can Your Business Email Be Spoofed? Check Your Domain Security Now!

Are you aware of how secure your domain is? In most organizations, there is an assumption that their domains are secure and within a few months, but the truth soon dawns on them that it isn't. Spotting someone spoofing your domain name is one way to determine if your security is unsatisfactory -...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/05/04 12:39 p.m.56 views

How Should the Service Desk Reset Passwords?

Ask the average helpdesk technician what they do all day, and they will probably answer by saying that they reset passwords. Sure, helpdesk technicians do plenty of other things too, but in many organizations, a disproportionate number of helpdesk calls are tied to password resets. On the surface...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/29 10:31 a.m.56 views

How to Conduct Vulnerability Assessments: An Essential Guide for 2021

Hackers are scanning the internet for weaknesses all the time, and if you don't want your organization to fall victim, you need to be the first to find these weak spots. In other words, you have to adopt a proactive approach to managing your vulnerabilities, and a crucial first step in achieving...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/29 9:2 a.m.56 views

Researchers Uncover Stealthy Linux Malware That Went Undetected for 3 Years

A previously undocumented Linux malware with backdoor capabilities has managed to stay under the radar for about three years, allowing the threat actor behind the operation to harvest and exfiltrate sensitive information from infected systems. Dubbed "RotaJakiro" by researchers from Qihoo 360...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/27 11:26 a.m.56 views

Cybersecurity Webinar: Understanding the 2020 MITRE ATT&CK Results

The release of MITRE Engenuity's Carbanak+Fin7 ATT&CK evaluations every year is a benchmark for the cybersecurity industry. The organization's tests measure how well security vendors can detect and respond to threats and offers an independent metric for customers and security leaders to understan...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/22 6:42 a.m.56 views

Facebook Busts Palestinian Hackers' Operation Spreading Mobile Spyware

Facebook on Wednesday said it took steps to dismantle malicious activities perpetrated by two state-sponsored hacking groups operating out of Palestine that abused its platform to distribute malware. The social media giant attributed the attacks to a network connected to the Preventive Security...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/17 11:9 a.m.56 views

[Webinar] Oy Vey, We Hired a Large, Hairy Hacker…

It's not every day that one of the best-known independent cybersecurity individuals joins a cybersecurity company. The two are generally on opposite sides of the coin, with little crossover. After all, they're usually concerned with different parts of the cybersecurity puzzle – one providing...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/02/25 9:13 a.m.56 views

Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack

Ukraine is formally pointing fingers at Russian hackers for hacking into one of its government systems and attempting to plant and distribute malicious documents that would install malware on target systems of public authorities. "The purpose of the attack was the mass contamination of informatio...

2.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/02/18 7:26 a.m.56 views

U.S. Charges 3 North Korean Hackers Over $1.3 Billion Cryptocurrency Heist

The U.S. Department of Justice DoJ on Wednesday indicted three suspected North Korean hackers for allegedly conspiring to steal and extort over $1.3 billion in cash and cryptocurrencies from financial institutions and businesses. The three defendants — Jon Chang Hyok, 31; Kim Il, 27; and Park Jin...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/21 11:4 a.m.56 views

Hackers Accidentally Expose Passwords Stolen From Businesses On the Internet

A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection ATP and steal credentials belonging to over a thousand corporate employees. The cyber offensive is said to have originated in August last year, with the...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/16 7:30 a.m.56 views

NSA Suggests Enterprises Use 'Designated' DNS-over-HTTPS' Resolvers

The U.S. National Security Agency NSA on Friday said DNS over HTTPS DoH — if configured appropriately in enterprise environments — can help prevent "numerous" initial access, command-and-control, and exfiltration techniques used by threat actors. "DNS over Hypertext Transfer Protocol over Transpo...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/12 7:52 a.m.56 views

Watch Out — Microsoft Warns Android Users About A New Ransomware

Microsoft has warned about a new strain of mobile ransomware that takes advantage of incoming call notifications and Android's Home button to lock the device behind a ransom note. The findings concern a variant of a known Android ransomware family dubbed "MalLocker.B" which has now resurfaced wit...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/09/23 9:7 a.m.56 views

A New Hacking Group Hitting Russian Companies With Ransomware

As ransomware attacks against critical infrastructure continue to spike in recent months, cybersecurity researchers have uncovered a new entrant that has been actively trying to conduct multistage attacks on large corporate networks of medical labs, banks, manufacturers, and software developers i...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2020/08/20 9:39 p.m.56 views

Former Uber Security Chief Charged Over Covering Up 2016 Data Breach

The federal prosecutors in the United States have charged Uber's former chief security officer, Joe Sullivan, for covering up a massive data breach that the ride-hailing company suffered in 2016. According to the press release published by the U.S. Department of Justice, Sullivan "took deliberate...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2020/08/05 6:57 p.m.56 views

Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack

A new research has identified four new variants of HTTP request smuggling attacks that work against various commercial off-the-shelf web servers and HTTP proxy servers. Amit Klein, VP of Security Research at SafeBreach who presented the findings today at the Black Hat security conference, said th...

6.9AI score
Exploits0
Total number of security vulnerabilities5000