Lucene search
+L
ThnMost viewed

20926 matches found

The Hacker News
The Hacker News
added 2024/03/20 11:26 a.m.53 views

TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks

Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based remote access trojan called Spark RAT. The attacks entail the exploitation of CVE-2024-27198 CVSS score...

9.8CVSS7.9AI score0.99938EPSS
Exploits24
The Hacker News
The Hacker News
added 2024/03/14 11:59 a.m.53 views

Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover

Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with elevated privileges under specific circumstances. "The vulnerability allows remote code execution with SYSTEM privileges on all Windows...

9.8CVSS8AI score0.32088EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/03/11 2:47 p.m.53 views

New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics

Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that's propagated via phishing emails bearing PDF attachments. "This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware," Fortinet...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/07 1:45 p.m.53 views

Hacked WordPress Sites Abusing Visitors' Browsers for Distributed Brute-Force Attacks

Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal. The attacks, which take the form of distributed brute-force attacks, "target WordPress websites from the browsers of completely innocent and...

9.8CVSS7.7AI score0.06646EPSS
Exploits2
The Hacker News
The Hacker News
added 2024/02/10 7:12 a.m.53 views

Alert: New Stealthy "RustDoor" Backdoor Targeting Apple macOS Devices

Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023. The backdoor, codenamed RustDoor by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures. The exact...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/24 2:25 p.m.53 views

Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters

Cybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine GKE that could be potentially exploited by threat actors with a Google account to take control of a Kubernetes cluster. The critical shortcoming has been codenamed Sys:All by cloud security firm Orca. As many ...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/09 1:45 p.m.53 views

Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe

Poorly secured Microsoft SQL MS SQL servers are being targeted in the U.S., European Union, and Latin American LATAM regions as part of an ongoing financially motivated campaign to gain initial access. "The analyzed threat campaign appears to end in one of two ways, either the selling of 'access'...

8.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/01 2:0 p.m.53 views

New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections

Security researchers have detailed a new variant of a dynamic link library DLL search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11. The approach "leverages...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/14 11:54 a.m.53 views

Alert: OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers

Publicly-accessible Docker Engine API instances are being targeted by threat actors as part of a campaign designed to co-opt the machines into a distributed denial-of-service DDoS botnet dubbed OracleIV. "Attackers are exploiting this misconfiguration to deliver a malicious Docker container, buil...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/10 9:0 a.m.53 views

The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest

There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization. SOC teams tend to spend about a third of their...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/10 7:11 a.m.53 views

Iran-Linked Imperial Kitten Cyber Group Targeting Middle East's Tech Sectors

A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war. The attacks have been attributed by CrowdStrike to a threat actor it tracks...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/02 1:45 p.m.53 views

Mysterious Kill Switch Disrupts Mozi IoT Botnet Operations

The unexpected drop in malicious activity connected with the Mozi botnet in August 2023 was due to a kill switch that was distributed to the bots. "First, the drop manifested in India on August 8," ESET said in an analysis published this week. "A week later, on August 16, the same thing happened ...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/23 11:34 a.m.53 views

Who's Experimenting with AI Tools in Your Organization?

With the record-setting growth of consumer-focused AI productivity tools like ChatGPT, artificial intelligence—formerly the realm of data science and engineering teams—has become a resource available to every employee. From a productivity perspective, that's fantastic. Unfortunately for IT and...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/27 2:42 p.m.53 views

Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors

A new threat actor known as AtlasCross has been observed leveraging Red Cross-themed phishing lures to deliver two previously undocumented backdoors named DangerAds and AtlasAgent. NSFOCUS Security Labs described the adversary as having a "high technical level and cautious attack attitude," addin...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/28 3:40 p.m.53 views

Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel

In yet another sign that developers continue to be targets of software supply chain attacks, a number of malicious packages have been discovered on the Rust programming language's crate registry. The libraries, uploaded between August 14 and 16, 2023, were published by a user named "amaperf,"...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/11 9:40 a.m.53 views

New SystemBC Malware Variant Targets Southern African Power Company

An unknown threat actor has been linked to a cyber attack on a power generation company in southern Africa with a new variant of the SystemBC malware called DroxiDat as a precursor to a suspected ransomware attack. "The proxy-capable backdoor was deployed alongside Cobalt Strike Beacons in a sout...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/28 5:46 a.m.53 views

Major Security Flaw Discovered in Metabase BI Software – Urgent Update Required

Users of Metabase, a popular business intelligence and data visualization software package, are being advised to update to the latest version following the discovery of an "extremely severe" flaw that could result in pre-authenticated remote code execution on affected installations. Tracked as...

8.7AI score0.97924EPSS
Exploits37
The Hacker News
The Hacker News
added 2023/07/15 6:41 a.m.53 views

Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens

Microsoft on Friday said a validation error in its source code allowed for Azure Active Directory Azure AD tokens to be forged by a malicious actor known as Storm-0558 using a Microsoft account MSA consumer signing key to breach two dozen organizations. "Storm-0558 acquired an inactive MSA consum...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/22 10:17 a.m.53 views

Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites

A critical security flaw has been disclosed in the WordPress "Abandoned Cart Lite for WooCommerce" plugin that's installed on more than 30,000 websites. "This vulnerability makes it possible for an attacker to gain access to the accounts of users who have abandoned their carts, who are typically...

9.8CVSS7.6AI score0.41077EPSS
Exploits8
The Hacker News
The Hacker News
added 2023/06/06 1:17 p.m.53 views

Over 60K Adware Apps Posing as Cracked Versions of Popular Apps Target Android Devices

Thousands of adware apps for Android have been found to masquerade as cracks or modded versions of popular applications to serve unwanted ads to users as part of a campaign ongoing since October 2022. "The campaign is designed to aggressively push adware to Android devices with the purpose to dri...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/13 7:45 a.m.53 views

New Phishing-as-a-Service Platform Lets Cybercriminals Generate Convincing Phishing Pages

A new phishing-as-a-service PhaaS or PaaS platform named Greatness has been leveraged by cybercriminals to target business users of the Microsoft 365 cloud service since at least mid-2022, effectively lowering the bar to entry for phishing attacks. "Greatness, for now, is only focused on Microsof...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/26 7:5 a.m.53 views

VMware Releases Critical Patches for Workstation and Fusion Software

VMware has released updates to resolve multiple security flaws impacting its Workstation and Fusion software, the most critical of which could allow a local attacker to achieve code execution. The vulnerability, tracked as CVE-2023-20869 CVSS score: 9.3, is described as a stack-based...

6.8AI score0.70423EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/04/12 11:58 a.m.53 views

Israel-based Spyware Firm QuaDream Targets High-Risk iPhones with Zero-Click Exploit

Threat actors using hacking tools from an Israeli surveillanceware vendor named QuaDream targeted at least five members of civil society in North America, Central Asia, Southeast Asia, Europe, and the Middle East. According to findings from a group of researchers from the Citizen Lab, the spyware...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/18 5:17 a.m.53 views

LockBit 3.0 Ransomware: Inside the Cyberthreat That's Costing Millions

U.S. government agencies have released a joint cybersecurity advisory detailing the indicators of compromise IoCs and tactics, techniques, and procedures TTPs associated with the notorious LockBit 3.0 ransomware. "The LockBit 3.0 ransomware operations function as a Ransomware-as-a-Service RaaS...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/14 12:2 p.m.53 views

GoBruteforcer: New Golang-Based Malware Breaches Web Servers Via Brute-Force Attacks

A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral the devices into a botnet. "GoBruteforcer chose a Classless Inter-Domain Routing CIDR block for scanning the network during the attack, and it targeted all I...

Exploits0
The Hacker News
The Hacker News
added 2023/03/06 12:13 p.m.53 views

Core Members of DoppelPaymer Ransomware Gang Targeted in Germany and Ukraine

Law enforcement authorities from Germany and Ukraine have targeted suspected core members of a cybercrime group that has been behind large-scale attacks using DoppelPaymer ransomware. The operation, which took place on February 28, 2023, was carried out with support from the Dutch National Police...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/29 5:47 a.m.53 views

Gootkit Malware Continues to Evolve with New Components and Obfuscations

The threat actors associated with the Gootkit malware have made "notable changes" to their toolset, adding new components and obfuscations to their infection chains. Google-owned Mandiant is monitoring the activity cluster under the moniker UNC2565, noting that the usage of the malware is...

1.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/28 10:42 a.m.53 views

Microsoft Urges Customers to Secure On-Premises Exchange Servers

Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads. "Attackers looking to exploit unpatched Exchange...

1.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/11/23 1:8 p.m.53 views

34 Russian Cybercrime Groups Stole Over 50 Million Passwords with Stealer Malware

As many as 34 Russian-speaking gangs distributing information-stealing malware under the stealer-as-a-service model stole no fewer than 50 million passwords in the first seven months of 2022. "The underground market value of stolen logs and compromised card details is estimated around $5.8...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/11/03 6:48 a.m.53 views

New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users' Data

Popular short-form video-sharing service TikTok is revising its privacy policy for European users to make it explicitly clear that user data can be accessed by some employees from across the world, including China. The ByteDance-owned platform, which currently stores European user data in the U.S...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/23 10:21 a.m.53 views

CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a recently disclosed security flaw in Zoho ManageEngine to its Known Exploited Vulnerabilities KEV Catalog, citing evidence of active exploitation. "Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager...

9.8CVSS1.5AI score0.9994EPSS
Exploits5
The Hacker News
The Hacker News
added 2022/09/02 10:57 a.m.53 views

JuiceLedger Hackers Behind the Recent Phishing Attacks Against PyPI Users

More details have emerged about the operators behind the first-known phishing campaign specifically aimed at the Python Package Index PyPI, the official third-party software repository for the programming language. Connecting it to a threat actor tracked as JuiceLedger, cybersecurity firm...

1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/02 7:0 a.m.53 views

New Evidence Links Raspberry Robin Malware to Dridex and Russian Evil Corp Hackers

Researchers have identified functional similarities between a malicious component used in the Raspberry Robin infection chain and a Dridex malware loader, further strengthening the operators' connections to the Russia-based Evil Corp group. The findings suggest that "Evil Corp is likely using...

2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/31 1:53 a.m.53 views

Chinese Hackers Used ScanBox Framework in Recent Cyber Espionage Attacks

A months-long cyber espionage campaign undertaken by a Chinese nation-state group targeted several entities with reconnaissance malware so as to glean information about its victims and meet its strategic goals. "The targets of this recent campaign spanned Australia, Malaysia, and Europe, as well ...

2.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/16 9:35 a.m.53 views

Microsoft Warns About Phishing Attacks by Russia-linked Hackers

Microsoft on Monday revealed it took steps to disrupt phishing operations undertaken by a "highly persistent threat actor" whose objectives align closely with Russian state interests. The company is tracking the espionage-oriented activity cluster under its chemical element-themed moniker...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/09 2:24 p.m.53 views

Twilio Suffers Data Breach After Employees Fall Victim to SMS Phishing Attack

Customer engagement platform Twilio on Monday disclosed that a "sophisticated" threat actor gained "unauthorized access" using an SMS-based phishing campaign aimed at its staff to gain information on a "limited number" of accounts. The social-engineering attack was bent on stealing employee...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/03 4:9 p.m.53 views

Single-Core CPU Cracked Post-Quantum Encryption Candidate Algorithm in Just an Hour

A late-stage candidate encryption algorithm that was meant to withstand decryption by powerful quantum computers in the future has been trivially cracked by using a computer running Intel Xeon CPU in an hour's time. The algorithm in question is SIKE — short for Supersingular Isogeny Key...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/07/21 1:22 p.m.53 views

New Linux Malware Framework Lets Attackers Install Rootkit on Targeted Systems

A never-before-seen Linux malware has been dubbed a "Swiss Army Knife" for its modular architecture and its capability to install rootkits. This previously undetected Linux threat, called Lightning Framework by Intezer, is equipped with a plethora of features, making it one of the most intricate...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/06/30 9:40 a.m.53 views

Ex-Canadian Government Employee Pleads Guilty Over NetWalker Ransomware Attacks

A former Canadian government employee this week agreed to plead guilty in the U.S. to charges related to his involvement with the NetWalker ransomware syndicate. Sebastien Vachon-Desjardins, who was extradited to the U.S. on March 10, 2022, is accused of conspiracy to commit computer fraud and wi...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/06/27 1:44 p.m.53 views

Cybersecurity Experts Warn of Emerging Threat of "Black Basta" Ransomware

The Black Basta ransomware-as-a-service RaaS syndicate has amassed nearly 50 victims in the U.S., Canada, the U.K., Australia, and New Zealand within two months of its emergence in the wild, making it a prominent threat in a short window. "Black Basta has been observed targeting a range of...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/04/06 3:15 p.m.53 views

Cyber Security WEBINAR — How to Ace Your InfoSec Board Deck

Communication is a vital skill for any leader at an organization, regardless of seniority. For security leaders, this goes double. Communicating clearly works on multiple levels. On the one hand, security leaders and CISOs must be able to communicate strategies clearly – instructions, incident...

Exploits0
The Hacker News
The Hacker News
added 2022/03/18 4:52 a.m.53 views

New Variant of Russian Cyclops Blink Botnet Targeting ASUS Routers

ASUS routers have emerged as the target of a nascent botnet called Cyclops Blink, almost a month after it was revealed the malware abused WatchGuard firewall appliances as a stepping stone to gain remote access to breached networks. According to a new report published by Trend Micro, the botnet's...

1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/03/17 7:37 a.m.53 views

New Vulnerability in CRI-O Engine Lets Attackers Escape Kubernetes Containers

A newly disclosed security vulnerability in the Kubernetes container engine CRI-O called cr8escape could be exploited by an attacker to break out of containers and obtain root access to the host. "Invocation of CVE-2022-0811 can allow an attacker to perform a variety of actions on objectives,...

9CVSS0.1AI score0.18561EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/03/16 7:53 a.m.53 views

Multiple Flaws Uncovered in ClickHouse OLAP Database System for Big Data

Researchers have disclosed seven new security vulnerabilities in an open-source database management system solution called ClickHouse that could be weaponized to crash the servers, leak memory contents, and even lead to the execution of arbitrary code. "The vulnerabilities require authentication,...

9.1CVSS1.5AI score0.54889EPSS
Exploits14
The Hacker News
The Hacker News
added 2021/12/27 11:32 a.m.53 views

'Spider-Man: No Way Home' Pirated Downloads Contain Crypto-Mining Malware

Peter Parker might not be a mastermind cryptocurrency criminal, but the name Spiderman is quickly becoming more associated with the mining landscape. ReasonLabs, a leading provider of cybersecurity prevention and detection software, recently discovered a new form of malware hacking into customer...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/11/26 10:32 a.m.53 views

Crypto Hackers Using Babadeda Crypter to Make Their Malware Undetectable

A new malware campaign has been discovered targeting cryptocurrency, non-fungible token NFT, and DeFi aficionados through Discord channels to deploy a crypter named "Babadeda" that's capable of bypassing antivirus solutions and stage a variety of attacks. "This malware installer has been used in ...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/10/29 11:3 a.m.53 views

New 'Shrootless' Bug Could Let Attackers Install Rootkit on macOS Systems

Microsoft on Thursday disclosed details of a new vulnerability that could allow an attacker to bypass security restrictions in macOS and take complete control of the device to perform arbitrary operations on the device without getting flagged by traditional security solutions. Dubbed "Shrootless"...

5.5CVSS1AI score0.10352EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/09/15 11:3 a.m.53 views

3 Former U.S. Intelligence Officers Admit to Hacking for UAE Company

The U.S. Department of Justice DoJ on Tuesday disclosed it fined three intelligence community and military personnel $1.68 million in penalties for their role as cyber-mercenaries working on behalf of a U.A.E.-based cybersecurity company. The trio in question — Marc Baier, 49, Ryan Adams, 34, and...

7.8CVSS6.4AI score0.75994EPSS
Exploits2
The Hacker News
The Hacker News
added 2021/08/03 11:27 a.m.53 views

Chinese Hackers Target Major Southeast Asian Telecom Companies

Three distinct clusters of malicious activities operating on behalf of Chinese state interests have staged a series of attacks to target networks belonging to at least five major telecommunications companies located in Southeast Asian countries since 2017. "The goal of the attackers behind these...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/22 10:12 a.m.53 views

Reduce End-User Password Change Frustrations

Organizations today must give attention to their cybersecurity posture, including policies, procedures, and technical solutions for cybersecurity challenges. This often results in a greater burden on the IT service desk staff as end-users encounter issues related to security software, policies, a...

7.2AI score
Exploits0
Total number of security vulnerabilities5000