20926 matches found
Watch Out — Microsoft Warns Android Users About A New Ransomware
Microsoft has warned about a new strain of mobile ransomware that takes advantage of incoming call notifications and Android's Home button to lock the device behind a ransom note. The findings concern a variant of a known Android ransomware family dubbed "MalLocker.B" which has now resurfaced wit...
A New Hacking Group Hitting Russian Companies With Ransomware
As ransomware attacks against critical infrastructure continue to spike in recent months, cybersecurity researchers have uncovered a new entrant that has been actively trying to conduct multistage attacks on large corporate networks of medical labs, banks, manufacturers, and software developers i...
Former Uber Security Chief Charged Over Covering Up 2016 Data Breach
The federal prosecutors in the United States have charged Uber's former chief security officer, Joe Sullivan, for covering up a massive data breach that the ride-hailing company suffered in 2016. According to the press release published by the U.S. Department of Justice, Sullivan "took deliberate...
Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack
A new research has identified four new variants of HTTP request smuggling attacks that work against various commercial off-the-shelf web servers and HTTP proxy servers. Amit Klein, VP of Security Research at SafeBreach who presented the findings today at the Black Hat security conference, said th...
Learn Machine Learning and AI – Online Training Program @ 93% OFF
Within the next decade, artificial intelligence is likely to play a significant role in our everyday lives. Machine learning already powers image recognition, self-driving cars, and Netflix recommendations. For any aspiring developer, learning how to code smart software is a good move. These skil...
How CISOs Should Prepare for Coronavirus Related Cybersecurity Threats
The Coronavirus is hitting hard on the world's economy, creating a high volume of uncertainty within organizations. Cybersecurity firm Cynet today revealed new data, showing that the Coronavirus now has a significant impact on information security and that the crisis is actively exploited by thre...
L1ght Looks to Protect Internet Users from Toxic and Predatory Behavior
Cybersecurity has been regarded as a necessity for all computer users, especially today when data breaches and malware attacks have become rampant. However, one of the more overlooked aspects of cybersecurity is the prevention of other forms of cybercrime, such as the spread of harmful content an...
Hackers Can Silently Control Your Google Home, Alexa, Siri With Laser Light
A team of cybersecurity researchers has discovered a clever technique to remotely inject inaudible and invisible commands into voice-controlled devices — all just by shining a laser at the targeted device instead of using spoken words. Dubbed 'Light Commands,' the hack relies on a vulnerability i...
7-Year-Old Critical RCE Flaw Found in Popular iTerm2 macOS Terminal App
A 7-year-old critical remote code execution vulnerability has been discovered in iTerm2 macOS terminal emulator app—one of the most popular open source replacements for Mac's built-in terminal app. Tracked as CVE-2019-9535, the vulnerability in iTerm2 was discovered as part of an independent...
Adobe Releases Security Patches for Flash, Acrobat Reader, Other Products
Good morning readers, it's Patch Tuesday again—the day of the month when Adobe and Microsoft release security patches for their software. Adobe just released its monthly security updates to address a total of 40 security vulnerabilities in several of its products, including Flash Player, Adobe...
WordPress iOS App Bug Leaked Secret Access Tokens to Third-Party Sites
If you have a "private" blog with WordPress.com and are using its official iOS app to create or edit posts and pages, the secret authentication token for your admin account might have accidentally been leaked to third-party websites. WordPress has recently patched a severe vulnerability in its iO...
Advanced Breach Protection Demystified – Untold Truths On Security Beyond AV
Doing business in today's connected world means dealing with a continually evolving threat landscape. With potential losses due to downtime following a breach, plus valuable client and proprietary information at risk, most organizations realize they cannot afford to be complacent. This puts extra...
Your Linux Machine Can Be Hacked Remotely With Just A Malicious DNS Response
A critical vulnerability has been discovered in Systemd, the popular init system and service manager for Linux operating systems, that could allow remote attackers to potentially trigger a buffer overflow to execute malicious code on the targeted machines via a DNS response. The vulnerability,...
Critical OpenSSL Flaw Allows Hackers to Impersonate Any Trusted SSL Certificate
The mysterious security vulnerability in the widely used OpenSSL code library is neither HeartBleed nor FREAK, but it’s critical enough to be patched by sysadmins without any delay. OpenSSL Foundation released the promised patch against a high severity vulnerability in OpenSSL versions 1.0.1n and...
Zero-Day Flash Player Exploit Disclosed in 'Hacking Team' Data Dump
The Recent Cyber Attack that exposed 400GB of corporate data belonging to surveillance software firm Hacking Team has revealed that the spyware company have already discovered an exploit for an unpatched zero-day vulnerability in Flash Player. Security researchers at Trend Micro claim that the...
Meher Assel (NeT-Own3r) Tunisian Hacker do 9,856 mass defacements
"Meher Assel NeT-Own3r Tunisian Hacker is one of the Great Hacker. He do almost 9,856 defacements. Zone-H Records : Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post...
282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study
Researchers tested 444 AI chatbot apps for iPhone and found that 282 of them, nearly two-thirds, exposed paid AI access through their network traffic. In many cases, the path in was visible just by watching what the app sent: a plaintext API key, a reusable token, or a backend server that accepte...
Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party. On May 31, 2026, the company said an "external" threat actor launched a brute-force attack agains...
New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users
Cybersecurity researchers are alerting to a new malware campaign that employs the ClickFix social engineering tactic to trick users into downloading an information stealer malware known as Atomic macOS Stealer AMOS on Apple macOS systems. The campaign, according to CloudSEK, has been found to...
⚡ THN Weekly Recap: From $1.5B Crypto Heist to AI Misuse & Apple's Data Dilemma
Welcome to your weekly roundup of cyber news, where every headline gives you a peek into the world of online battles. This week, we look at a huge crypto theft, reveal some sneaky AI scam tricks, and discuss big changes in data protection. Let these stories spark your interest and help you...
CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation as a zero-day. The vulnerability in question, tracked as CVE-2024-9537 CV...
Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign
Nation-state threat actors backed by Beijing broke into a "handful" of U.S. internet service providers ISPs as part of a cyber espionage campaign orchestrated to glean sensitive information, The Wall Street Journal reported Wednesday. The activity has been attributed to a threat actor that...
New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data
The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints. The use of credential harvesting in connection with a ransomware infection marks an unusual twist, and one that could have cascadi...
China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices
A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal...
Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo
Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been found concealing a Golang-version of the Sliver command-and-control C2 framework within a PNG image of the project's logo. The package employing this...
New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw
A never-before-seen botnet called Goldoon has been observed targeting D-Link routers with a nearly decade-old critical security flaw with the goal of using the compromised devices for further attacks. The vulnerability in question is CVE-2015-2051 CVSS score: 9.8, which affects D-Link DIR-645...
Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack
Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under active exploitation. The vulnerability, tracked as CVE-2024-3400 CVSS score: 10.0, could be weaponized to obtain unauthenticated remote shell command execution o...
CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers
A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery Network CDN cache domains since at least February 2024. Cisco Talos has attributed the activity with moderate confidence to a threat actor...
GenAI: A New Headache for SaaS Security Teams
The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenA...
'eXotic Visit' Spyware Campaign Targets Android Users in India and Pakistan
An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware distributed via dedicated websites and Google Play Store. Slovak cybersecurity firm said the activity, ongoing since November 2021, is no...
New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.
Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer referred to as StrelaStealer. The campaigns impact more than 100 organizations in the E.U. and the U.S., Palo Alto Networks Unit 42 researchers said in a new report...
Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs
Cloudflare has revealed that it was the target of a likely nation-state attack in which the threat actor leveraged stolen credentials to gain unauthorized access to its Atlassian server and ultimately access some documentation and a limited amount of source code. The intrusion, which took place...
Urgent: GitLab Releases Patch for Critical Vulnerabilities - Update ASAP
GitLab has released security updates to address two critical vulnerabilities, including one that could be exploited to take over accounts without requiring any user interaction. Tracked as CVE-2023-7028, the flaw has been awarded the maximum severity of 10.0 on the CVSS scoring system and could...
NIST Warns of Security and Privacy Risks from Rapid AI System Deployment
The U.S. National Institute of Standards and Technology NIST is calling attention to the privacy and security challenges that arise as a result of increased deployment of artificial intelligence AI systems in recent years. "These security and privacy challenges include the potential for adversari...
Microsoft Warns of COLDRIVER's Evolving Evasion and Credential-Stealing Tactics
The threat actor known as COLDRIVER has continued to engage in credential theft activities against entities that are of strategic interests to Russia while simultaneously improving its detection evasion capabilities. The Microsoft Threat Intelligence team is tracking under the cluster as Star...
New Threat Actor 'AeroBlade' Emerges in Espionage Attack on U.S. Aerospace
A previously undocumented threat actor has been linked to a cyber attack targeting an aerospace organization in the U.S. as part of what's suspected to be a cyber espionage mission. The BlackBerry Threat Research and Intelligence team is tracking the activity cluster as AeroBlade. Its origin is...
North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware
State-sponsored threat actors from the Democratic People's Republic of Korea DPRK have been found targeting blockchain engineers of an unnamed crypto exchange platform via Discord with a novel macOS malware dubbed KANDYKORN. Elastic Security Labs said the activity, traced back to April 2023,...
Researchers Unveil ToddyCat's New Set of Tools for Data Exfiltration
The advanced persistent threat APT actor known as ToddyCat has been linked to a new set of malicious tools that are designed for data exfiltration, offering a deeper insight into the hacking crew's tactics and capabilities. The findings come from Kaspersky, which first shed light on the adversary...
Iranian Nation-State Actors Employ Password Spray Attacks Targeting Multiple Sectors
Iranian nation-state actors have been conducting password spray attacks against thousands of organizations globally between February and July 2023, new findings from Microsoft reveal. The tech giant, which is tracking the activity under the name Peach Sandstorm formerly Holmium, said the adversar...
New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World
A new malware loader called HijackLoader is gaining traction among the cybercriminal community to deliver various payloads such as DanaBot, SystemBC, and RedLine Stealer. "Even though HijackLoader does not contain advanced features, it is capable of using a variety of modules for code injection a...
Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus
Cybersecurity researchers have called attention to a new antivirus evasion technique that involves embedding a malicious Microsoft Word file into a PDF file. The sneaky method, dubbed MalDoc in PDF by JPCERT/CC, is said to have been employed in an in-the-wild attack in July 2023. "A file created...
New Variant of XLoader macOS Malware Disguised as 'OfficeNote' Productivity App
A new variant of an Apple macOS malware called XLoader has surfaced in the wild, masquerading its malicious features under the guise of an office productivity app called "OfficeNote." "The new version of XLoader is bundled inside a standard Apple disk image with the name OfficeNote.dmg,"...
Cybercriminals Increasingly Using EvilProxy Phishing Kit to Target Executives
Threat actors are increasingly using a phishing-as-a-service PhaaS toolkit dubbed EvilProxy to pull off account takeover attacks aimed at high-ranking executives at prominent companies. According to Proofpoint, an ongoing hybrid campaign has leveraged the service to target thousands of Microsoft...
Google Releases Android Patch Update for 3 Actively Exploited Vulnerabilities
Google has released its monthly security updates for the Android operating system, addressing 46 new software vulnerabilities. Among these, three vulnerabilities have been identified as actively exploited in targeted attacks. One of the vulnerabilities tracked as CVE-2023-26083 is a memory leak...
Critical Security Flaw in Social Login Plugin for WordPress Exposes Users' Accounts
A critical security flaw has been disclosed in miniOrange's Social Login and Register plugin for WordPress that could enable a malicious actor to log in as any user-provided information about email address is already known. Tracked as CVE-2023-2982 CVSS score: 9.8, the authentication bypass flaw...
Critical Security Vulnerability Discovered in WooCommerce Stripe Gateway Plugin
A security flaw has been uncovered in the WooCommerce Stripe Gateway WordPress plugin that could lead to the unauthorized disclosure of sensitive information. The flaw, tracked as CVE-2023-34000, impacts versions 7.4.0 and below. It was addressed by the plugin maintainers in version 7.4.1, which...
Are Your APIs Leaking Sensitive Data?
It's no secret that data leaks have become a major concern for both citizens and institutions across the globe. They can cause serious damage to an organization's reputation, induce considerable financial losses, and even have serious legal repercussions. From the infamous Cambridge Analytica...
Netgear Routers' Flaws Expose Users to Malware, Remote Attacks, and Surveillance
As many as five security flaws have been disclosed in Netgear RAX30 routers that could be chained to bypass authentication and achieve remote code execution. "Successful exploits could allow attackers to monitor users' internet activity, hijack internet connections, and redirect traffic to...
A CISOs Practical Guide to Storage and Backup Ransomware Resiliency
One thing is clear. The "business value" of data continues to grow, making it an organization's primary piece of intellectual property. From a cyber risk perspective, attacks on data are the most prominent threat to organizations. Regulators, cyber insurance firms, and auditors are paying much...
Titan Stealer: A New Golang-Based Information Stealer Malware Emerges
A new Golang-based information stealer malware dubbed Titan Stealer is being advertised by threat actors through their Telegram channel. "The stealer is capable of stealing a variety of information from infected Windows machines, including credential data from browsers and crypto wallets, FTP...