Lucene search
K
ThnMost viewed

20809 matches found

The Hacker News
The Hacker News
added 2022/06/27 1:44 p.m.53 views

Cybersecurity Experts Warn of Emerging Threat of "Black Basta" Ransomware

The Black Basta ransomware-as-a-service RaaS syndicate has amassed nearly 50 victims in the U.S., Canada, the U.K., Australia, and New Zealand within two months of its emergence in the wild, making it a prominent threat in a short window. "Black Basta has been observed targeting a range of...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/03/18 4:52 a.m.53 views

New Variant of Russian Cyclops Blink Botnet Targeting ASUS Routers

ASUS routers have emerged as the target of a nascent botnet called Cyclops Blink, almost a month after it was revealed the malware abused WatchGuard firewall appliances as a stepping stone to gain remote access to breached networks. According to a new report published by Trend Micro, the botnet's...

1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/03/17 7:37 a.m.53 views

New Vulnerability in CRI-O Engine Lets Attackers Escape Kubernetes Containers

A newly disclosed security vulnerability in the Kubernetes container engine CRI-O called cr8escape could be exploited by an attacker to break out of containers and obtain root access to the host. "Invocation of CVE-2022-0811 can allow an attacker to perform a variety of actions on objectives,...

9CVSS0.1AI score0.18561EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/12/16 1:8 p.m.53 views

Researchers Uncover New Coexistence Attacks On Wi-Fi and Bluetooth Chips

Cybersecurity researchers have demonstrated a new attack technique that makes it possible to leverage a device's Bluetooth component to directly extract network passwords and manipulate traffic on a Wi-Fi chip, putting billions of electronic devices at risk of stealthy attacks. The novel attacks...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/09/15 11:3 a.m.53 views

3 Former U.S. Intelligence Officers Admit to Hacking for UAE Company

The U.S. Department of Justice DoJ on Tuesday disclosed it fined three intelligence community and military personnel $1.68 million in penalties for their role as cyber-mercenaries working on behalf of a U.A.E.-based cybersecurity company. The trio in question — Marc Baier, 49, Ryan Adams, 34, and...

7.8CVSS6.4AI score0.75994EPSS
Exploits2
The Hacker News
The Hacker News
added 2021/07/22 10:12 a.m.53 views

Reduce End-User Password Change Frustrations

Organizations today must give attention to their cybersecurity posture, including policies, procedures, and technical solutions for cybersecurity challenges. This often results in a greater burden on the IT service desk staff as end-users encounter issues related to security software, policies, a...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/20 6:52 a.m.53 views

US and Global Allies Accuse China of Massive Microsoft Exchange Attack

The U.S. government and its key allies, including the European Union, the U.K., and NATO, formally attributed the massive cyberattack against Microsoft Exchange email servers to state-sponsored hacking crews working affiliated with the People's Republic of China's Ministry of State Security MSS. ...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/12 11:33 a.m.53 views

Crafting a Custom Dictionary for Your Password Policy

Modern password policies are comprised of many different elements that contribute to its effectiveness. One of the components of an effective current password policy makes use of what is known as a custom dictionary that filters out certain words that are not allowed as passwords in the...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/09 2:23 p.m.53 views

Magecart Hackers Hide Stolen Credit Card Data Into Images for Evasive Exfiltration

Cybercrime actors part of the Magecart group have latched on to a new technique of obfuscating the malware code within comment blocksBlockcomment and encoding stolen credit card data into images and other files hosted on the server, once again demonstrating how the attackers are continuously...

Exploits0
The Hacker News
The Hacker News
added 2021/06/28 7:2 a.m.53 views

DMARC: The First Line of Defense Against Ransomware

There has been a lot of buzz in the industry about ransomware lately. Almost every other day, it's making headlines. With businesses across the globe holding their breath, scared they might fall victim to the next major ransomware attack, it is now time to take action. The FBI IC3 report of 2020...

Exploits0
The Hacker News
The Hacker News
added 2021/06/09 10:17 a.m.53 views

EBook – Creating a Large Company Security Stack on a Lean Company Budget

The speed at which malicious actors have improved their attack tactics and continue to penetrate security systems has made going bigger the major trend in cybersecurity. Facing an evolving threat landscape, organizations have responded by building bigger security stacks, adding more tools and...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/06/08 7:56 a.m.53 views

U.S. Recovers $2.3 Million Ransom Paid to Colonial Pipeline Hackers

In a major blow, the U.S. Department of Justice on Monday said it has recovered 63.7 bitcoins currently valued at $2.3 million paid by Colonial Pipeline to the DarkSide ransomware extortionists on May 8, pursuant to a seizure warrant that was authorized by the Northern District of California. The...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/06/03 10:28 a.m.53 views

Experts Uncover Yet Another Chinese Spying Campaign Aimed at Southeast Asia

An ongoing cyber-espionage operation with suspected ties to China has been found targeting a Southeast Asian government to deploy spyware on Windows systems while staying under the radar for more than three years. "In this campaign, the attackers utilized the set of Microsoft Office exploits and...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/05/20 10:20 a.m.53 views

Is Single Sign-On Enough to Secure Your SaaS Applications?

If there's one thing all great SaaS platforms share in common, it's their focus on simplifying the lives of their end-users. Removing friction for users in a safe way is the mission of single sign-on SSO providers. With SSO at the helm, users don't have to remember separate passwords for each app...

Exploits0
The Hacker News
The Hacker News
added 2021/05/10 6:17 a.m.53 views

Four Plead Guilty to Aiding Cyber Criminals with Bulletproof Hosting

Four Eastern European nationals face 20 years in prison for Racketeer Influenced Corrupt Organization RICO charges after pleading guilty to providing bulletproof hosting services between 2008 and 2015, which were used by cybercriminals to distribute malware to financial entities across the U.S. T...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/05/07 1:20 p.m.53 views

6 Unpatched Flaws Disclosed in Remote Mouse App for Android and iOS

As many as six zero-days have been uncovered in an application called Remote Mouse, allowing a remote attacker to achieve full code execution without any user interaction. The unpatched flaws, collectively named 'Mouse Trap,' were disclosed on Wednesday by security researcher Axel Persinger, who...

9.8CVSS2.4AI score0.14195EPSS
Exploits6
The Hacker News
The Hacker News
added 2021/02/11 7:43 a.m.53 views

Iranian Hackers Utilize ScreenConnect to Spy On UAE, Kuwait Government Agencies

UAE and Kuwait government agencies are targets of a new cyberespionage campaign potentially carried out by Iranian threat actors, according to new research. Attributing the operation to be the work of Static Kitten aka MERCURY or MuddyWater, Anomali said the "objective of this activity is to...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2021/02/02 10:13 a.m.53 views

Sigma Rules to Live Your Best SOC Life

Security Operations is a 24 x 7 job. It does not stop for weekends or holidays or even that much-needed coffee break after the first hour of the shift is complete. We all know this. Every SOC engineer is hoping for some rest at some point. One of my favorite jokes when talking about Security...

Exploits0
The Hacker News
The Hacker News
added 2021/01/22 10:40 a.m.53 views

Sharing eBook With Your Kindle Could Have Let Hackers Hijack Your Account

Amazon has addressed a number of flaws in its Kindle e-reader platform that could have allowed an attacker to take control of victims' devices by simply sending them a malicious e-book. Dubbed "KindleDrip," the exploit chain takes advantage of a feature called "Send to Kindle" to send a...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/22 10:18 a.m.53 views

Missing Link in a 'Zero Trust' Security Model—The Device You're Connecting With!

Like it or not, 2020 was the year that proved that teams could work from literally anywhere. While terms like "flex work" and "WFH" were thrown around before COVID-19 came around, thanks to the pandemic, remote working has become the defacto way people work nowadays. Today, digital-based work...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/09/17 2:14 p.m.53 views

Zenscrape: A Simple Web Scraping Solution for Penetration Testers

Did you ever try extracting any information from any website? Well, if you have then you have surely enacted web scraping functions without even knowing it! To put in simpler terms, Web scraping, or also known as web data extraction, is the process of recouping or sweeping data from web-pages. It...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/06/13 10:54 a.m.53 views

Spies Can Listen to Your Conversations by Watching a Light Bulb in the Room

You might not believe it, but it's possible to spy on secret conversations happening in a room from a nearby remote location just by observing a light bulb hanging in there—visible from a window—and measuring the amount of light it emits. A team of cybersecurity researchers has developed and...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2020/05/28 10:35 a.m.53 views

A New Free Monitoring Tool to Measure Your Dark Web Exposure

Last week, application security company ImmuniWeb released a new free tool to monitor and measure an organization's exposure on the Dark Web. To improve the decision-making process for cybersecurity professionals, the free tool crawls Dark Web marketplaces, hacking forums, and Surface Web resourc...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2020/04/30 12:14 p.m.53 views

New Android Malware Steals Banking Passwords, Private Data and Keystrokes

A new type of mobile banking malware has been discovered abusing Android's accessibility features to exfiltrate sensitive data from financial applications, read user SMS messages, and hijack SMS-based two-factor authentication codes. Called "EventBot" by Cybereason researchers, the malware is...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2020/03/04 10:16 a.m.53 views

Top 10 Most Innovative Cybersecurity Companies After RSA 2020

The RSA Conference, the world's leading information security conference and exposition, held its 29th annual event in San Francisco last week. According to the organizers, over 36,000 attendees, 704 speakers, and 658 exhibitors gathered at the Moscone Center to discuss privacy, Machine Learning,...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2020/01/02 8:11 p.m.53 views

Landry's Restaurant Chain Suffers Payment Card Theft Via PoS Malware

Landry's, a popular restaurant chain in the United States, has announced a malware attack on its point of sale POS systems that allowed cybercriminals to steal customers' payment card information. Landry's owns and operates more than 600 bars, restaurants, hotels, casinos, food and beverage outle...

Exploits0
The Hacker News
The Hacker News
added 2019/08/29 6:38 p.m.53 views

Google Will Now Pay Anyone Who Reports Apps Abusing Users' Data

In the wake of data abuse scandals and several instances of malware app being discovered on the Play Store, Google today expanded its bug bounty program to beef up the security of Android apps and Chrome extensions distributed through its platform. The expansion in Google's vulnerability reward...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2019/08/23 6:57 p.m.53 views

Hacker Ordered to Pay Back Nearly £1 Million to Phishing Victims

A prolific hacker who carried out phishing scams against hundreds of companies worldwide has been ordered to pay back more than $1.1 million over £922,000 worth of cryptocurrencies to his victims. Grant West, a 27-year-old resident of Kent, England, targeted several well-known companies around th...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2019/05/08 11:19 a.m.53 views

Unpatched Flaw in UC Browser Apps Could Let Hackers Launch Phishing Attacks

A bug hunter has discovered and publicly disclosed details of an unpatched browser address bar spoofing vulnerability that affects popular Chinese UC Browser and UC Browser Mini apps for Android. Developed by Alibaba-owned UCWeb, UC Browser is one of the most popular mobile browsers, specifically...

Exploits0
The Hacker News
The Hacker News
added 2019/04/25 3:0 p.m.53 views

'Highly Critical' Unpatched Zero-Day Flaw Discovered In Oracle WebLogic

A team of cybersecurity researchers today published a post warning enterprises of an unpatched, highly critical zero-day vulnerability in Oracle WebLogic server application that some attackers might have already started exploiting in the wild. Oracle WebLogic is a scalable, Java-based multi-tier...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2018/03/31 10:57 a.m.53 views

Russian Hacker Who Allegedly Hacked LinkedIn and Dropbox Extradited to US

A Russian man accused of hacking LinkedIn, Dropbox, and Formspring in 2012 and possibly compromising personal details of over 100 million users, has pleaded not guilty in a U.S. federal court after being extradited from the Czech Republic. Yevgeniy Aleksandrovich Nikulin, 30, of Moscow was arrest...

1.7AI score
Exploits0
The Hacker News
The Hacker News
added 2017/12/21 3:59 a.m.53 views

Hackers Targeting Servers Running Database Services for Mining Cryptocurrency

Security researchers have discovered multiple attack campaigns conducted by an established Chinese criminal group that operates worldwide, targeting database servers for mining cryptocurrencies, exfiltrating sensitive data and building a DDoS botnet. The researchers from security firm GuardiCore...

8.2AI score
Exploits0
The Hacker News
The Hacker News
added 2016/10/24 10:11 p.m.53 views

Warning! Your iPhone Can Get Hacked Just by Opening a JPEG Image, PDF or Font File

What's worse than knowing that innocent looking JPEGs, PDFs and font files can hijack your iPhone, iPad, and iPod. Yes, attackers can take over your vulnerable Apple's iOS device remotely – all they have to do is trick you to view a maliciously-crafted JPEG graphic or PDF file through a website o...

6.8CVSS8.2AI score0.01812EPSS
Exploits0
The Hacker News
The Hacker News
added 2015/09/07 6:46 a.m.53 views

Warning! Seagate Wireless Hard Drives Have a Secret Backdoor for Hackers

Several of Seagate's 3rd generation Wireless Hard drives have a secret backdoor for hackers that puts users' data at risk. A Recent study done by the security researchers at Tangible Security firm disclosed an “undocumented Telnet services” with a hard-coded password in Seagate Wireless Hard...

10CVSS9.5AI score0.04154EPSS
Exploits2
The Hacker News
The Hacker News
added 2015/07/24 2:52 a.m.53 views

RCSAndroid — Advanced Android Hacking Tool Leaked Online

As digging deeper and deeper into the huge Hacking Team data dump, security researchers are finding more and more source code, including an advanced Android Hacking Tool. Yes, this time researchers have found a source code to a new piece of weaponized android malware that had the capability to...

6.8CVSS6.6AI score0.0238EPSS
Exploits0
The Hacker News
The Hacker News
added 2014/02/24 11:20 p.m.53 views

Caphaw Banking Malware Distributed via YouTube Ads

More than one billion of unique visitor spend about 6 billion hours on YouTube to watch videos, according to monthly YouTube Stats. Security researchers from Bromium Labs recently found that YouTube advertising network has been abused by rogue advertisers to distribute malware. YouTube In-Stream...

9.3CVSS9AI score0.70248EPSS
Exploits9
The Hacker News
The Hacker News
added 2013/06/18 6:47 a.m.53 views

BlackBerry Z10 Privilege Escalation Vulnerability

BlackBerry Z10 users should be aware that there is a privilege escalation vulnerability. The vulnerability potentially allows a hacker to modify or edit data on a stolen BlackBerry Z10 smartphone with BlackBerry Protect enabled, identified as BSRT-2013-006 CVE-2013-3692 According to the...

10CVSS6.8AI score0.08158EPSS
Exploits0
The Hacker News
The Hacker News
added 2012/12/20 4:44 a.m.53 views

Croatian Banks hacked by Anonymous

Anonymous Croatia hacking crew yesterday deface two Croatian Banks websites and add Anonymous Logo on home pages. The hackers left a message saying: "We are Anonymous. We don't forgive. We don't forget. You were stealing enough from people. Soon the other banks will fall". Karlovacka Banka kaba.h...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2011/08/22 5:50 a.m.53 views

Israeli Prime Minister Netanyahu's Website Defaced by Egyptian Hacker

Israeli Prime Minister Netanyahu's Website Defaced by Egyptian Hacker An Egyptian hacker managed on Sunday to hack into the website of Israeli Prime Minister, Benjamin Netanyahu, and placed a picture of Egyptian soldiers raising the Egyptian flag in Sinai during the October, 6, 1973, on the sites...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/14 5:57 p.m.52 views

Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit

Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-4632 CVSS score: 9.8, has been described as a path traversal flaw. "Improper limitation of a pathname to a restricte...

9.8CVSS9.5AI score0.91941EPSS
Exploits7
The Hacker News
The Hacker News
added 2025/03/21 10:28 a.m.52 views

Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers

Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal. "Head Mare relied heavily on tools previously associated with Twelve. Additionally, Head Mare attacks utilized command-and-control C2 servers...

9.1CVSS9.5AI score0.99999EPSS
Exploits112
The Hacker News
The Hacker News
added 2024/11/07 12:0 p.m.52 views

A Hacker's Guide to Password Cracking

Defending your organization's security is like fortifying a castle—you need to understand where attackers will strike and how they'll try to breach your walls. And hackers are always searching for weaknesses, whether it's a lax password policy or a forgotten backdoor. To build a stronger defense,...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/29 3:59 p.m.52 views

Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack

Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware. "These campaigns delivered n-day exploits for which patches were available, but would...

9.6CVSS9.5AI score0.29179EPSS
Exploits6
The Hacker News
The Hacker News
added 2024/04/17 1:32 p.m.52 views

Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks

A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The findings come from Finnish cybersecurity firm WithSecure, which attributed the malware to the...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/08 11:29 a.m.52 views

Watch Out for 'Latrodectus' - This Malware Could Be In Your Inbox

Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023. "Latrodectus is an up-and-coming downloader with various sandbox evasion functionality," researchers from Proofpoint and Team Cymru said...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/03 11:12 a.m.52 views

Attack Surface Management vs. Vulnerability Management

Attack surface management ASM and vulnerability management VM are often confused, and while they overlap, they're not the same. The main difference between attack surface management and vulnerability management is in their scope: vulnerability management checks a list of known assets, while attac...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/14 10:24 a.m.52 views

3 Things CISOs Achieve with Cato

Being a CISO is a balancing act: ensuring organizations are secure without compromising users' productivity. This requires taking multiple elements into consideration, like cost, complexity, performance and user experience. CISOs around the globe use Cato SSE 360, as part of the Cato SASE Cloud...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/11 6:28 a.m.52 views

Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability

Technical specifics and a proof-of-concept PoC exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge Authentication Gateway and AdminServer, which could be potentially exploited to bypass authentication protections. Tracked as CVE-2024-1403...

10CVSS8.2AI score0.03272EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/03/07 1:45 p.m.52 views

Hacked WordPress Sites Abusing Visitors' Browsers for Distributed Brute-Force Attacks

Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal. The attacks, which take the form of distributed brute-force attacks, "target WordPress websites from the browsers of completely innocent and...

9.8CVSS7.7AI score0.067EPSS
Exploits2
The Hacker News
The Hacker News
added 2024/02/29 11:33 a.m.52 views

GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks

Threat hunters have discovered a new Linux malware called GTPDOOR that's designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges GRX The malware is novel in the fact that it leverages the GPRS Tunnelling Protocol GTP for command-and-control C2 communications. GPRS...

7.1AI score
Exploits0
Total number of security vulnerabilities5000