New BLISTER Malware Using Code Signing Certificates to Evade Detection

Cybersecurity researchers have disclosed details of an evasive malware campaign that makes use of valid code signing certificates to sneak past security defenses and stay under the radar with the goal of deploying Cobalt Strike and BitRAT payloads on compromised systems. The binary, a loader, has...

New Fileless Malware Uses Windows Registry as Storage to Evade Detection

A new JavaScript-based remote access Trojan RAT propagated via a social engineering campaign has been observed employing sneaky "fileless" techniques as part of its detection-evasion methods to elude discovery and analysis. Dubbed DarkWatchman by researchers from Prevailion's Adversarial...

New Chinotto Spyware Targets North Korean Defectors, Human Rights Activists

North Korean defectors, journalists who cover North Korea-related news, and entities in South Korea are being zeroed in on by a nation-state-sponsored advanced persistent threat APT as part of a new wave of highly-targeted surveillance attacks. Russian cybersecurity firm Kaspersky attributed the...

Italy's Antitrust Regulator Fines Google and Apple for "Aggressive" Data Practices

Italy's antitrust regulator has fined both Apple and Google €10 million each for what it calls are "aggressive" data practices and for not providing consumers with clear information on commercial uses of their personal data during the account creation phase. The Autorità Garante della Concorrenza...

U.S. Charges Ukrainian Hacker for Kaseya Attack; Seizes $6 Million from REvil Gang

The U.S. government on Monday charged a Ukrainian suspect, arrested in Poland last month, with deploying REvil ransomware to target multiple businesses and government entities in the country, including perpetrating the attack against software company Kaseya, marking the latest action to crack dow...

Critical Flaws Uncovered in Pentaho Business Analytics Software

Multiple vulnerabilities have been disclosed in Hitachi Vantara's Pentaho Business Analytics software that could be abused by malicious actors to upload arbitrary data files and even execute arbitrary code on the underlying host system of the application. The security weaknesses were reported by...

Microsoft Warns of TodayZoo Phishing Kit Used in Extensive Credential Stealing Attacks

Microsoft on Thursday disclosed an "extensive series of credential phishing campaigns" that takes advantage of a custom phishing kit that stitched together components from at least five different widely circulated ones with the goal of siphoning user login information. The tech giant's Microsoft...

What is AS-REP Roasting attack, really?

Microsoft's Active Directory is said to be used by 95% of Fortune 500. As a result, it is a prime target for attackers as they look to gain access to credentials in the organization, as compromised credentials provide one of the easiest ways for hackers to access your data. A key authentication...

Why Is There A Surge In Ransomware Attacks?

The U.S. is presently combating two pandemics--coronavirus and ransomware attacks. Both have partially shut down parts of the economy. However, in the case of cybersecurity, lax security measures allow hackers to have an easy way to rake in millions. It's pretty simple for hackers to gain...

Another Hacker Arrested for 2020 Twitter Hack and Massive Bitcoin Scam

A U.K. citizen has been arrested in the Spanish town of Estepona over his alleged involvement in the July 2020 hack of Twitter, resulting in the compromise of 130 high-profile accounts. Joseph O'Connor, 22, has been charged with intentionally accessing a computer without authorization and obtaini...

Trickbot Malware Returns with a new VNC Module to Spy on its Victims

Cybersecurity researchers have opened the lid on the continued resurgence of the insidious Trickbot malware, making it clear that the Russia-based transnational cybercrime group is working behind the scenes to revamp its attack infrastructure in response to recent counter efforts from law...

Unpatched Virtual Machine Takeover Bug Affects Google Compute Engine

An unpatched security vulnerability affecting Google's Compute Engine platform could be abused by an attacker to take over virtual machines over the network. "This is done by impersonating the metadata server from the targeted virtual machine's point of view," security researcher Imre Rad said in...

Shifting the focus from reactive to proactive, with human-led secure coding

The same 10 software vulnerabilities have caused more security breaches in the last 20+ years than any others. And yet, many businesses still opt for post-breach, post-event remediation, muddling through the human and business ramifications of it all. But now, a new research study points to a new...

Chinese Hackers Attacking Military Organizations With New Backdoor

Bad actors with suspected ties to China have been behind a wide-ranging cyberespionage campaign targeting military organizations in Southeast Asia for nearly two years, according to new research. Attributing the attacks to a threat actor dubbed "Naikon APT," cybersecurity firm Bitdefender laid ou...

Android to Support Rust Programming Language to Prevent Memory Flaws

Google on Tuesday announced that its open source version of the Android operating system will add support for Rust programming language in a bid to prevent memory safety bugs. To that end, the company has been building parts of the Android Open Source Project AOSP with Rust for the past 18 months...

Hackers Targeting professionals With 'more_eggs' Malware via LinkedIn Job Offers

A new spear-phishing campaign is targeting professionals on LinkedIn with weaponized job offers in an attempt to infect targets with a sophisticated backdoor trojan called "moreeggs." To increase the odds of success, the phishing lures take advantage of malicious ZIP archive files that have the...

Payment Card Skimmer Group Using Raccoon Info-Stealer to Siphon Off Data

A cybercrime group known for targeting e-commerce websites unleashed a "multi-stage malicious campaign" earlier this year designed with an intent to distribute information stealers and JavaScript-based payment skimmers. In a new report published today and shared with The Hacker News,...

Evolution of Emotet: From Banking Trojan to Malware Distributor

Emotet is one of the most dangerous and widespread malware threats active today. Ever since its discovery in 2014—when Emotet was a standard credential stealer and banking Trojan, the malware has evolved into a modular, polymorphic platform for distributing other kinds of computer viruses. Being...

How to Run Google SERP API Without Constantly Changing Proxy Servers

You've probably run into a major problem when trying to scrape Google search results. Web scraping tools allow you to extract information from a web page. Companies and coders from across the world use them to download Google's SERP data. And they work well – for a little while. After several...

U.S. Charges 6 Russian Intelligence Officers Over Destructive Cyberattacks

The US government on Monday formally charged six Russian intelligence officers for carrying out destructive malware attacks with an aim to disrupt and destabilize other nations and cause monetary losses. The individuals, who work for Unit 74455 of the Russian Main Intelligence Directorate GRU, ha...

XDR: The Next Level of Prevention, Detection and Response [New Guide]

One new security technology we keep hearing about is Extended Detection and Response XDR. This new technology merges multiple prevention and detection technologies on a single platform to better understand threat signals so that you don't need to purchase, integrate, and manage various control an...

Adobe Issues July 2020 Critical Security Patches for Multiple Software

Adobe today released software updates to patch a total of 13 new security vulnerabilities affecting 5 of its widely used applications. Out of these 13 vulnerabilities, four have been rated critical, and nine are important in severity. The affected products that received security patches today...

VirusTotal Adds Cynet's Artificial Intelligence-Based Malware Detection

VirusTotal, the famous multi-antivirus scanning service owned by Google, recently announced new threat detection capabilities it added with the help of an Israeli cybersecurity firm. VirusTotal provides a free online service that analyzes suspicious files and URLs to detect malware and...

New Skill Testing Platform For 6 Most In-Demand Cybersecurity Jobs

Building a security team is a necessity for organizations of all industries and sizes. It makes selecting the right person for the job a critical task in which testing candidates' domain knowledge is a core component of the hiring process. A common practice is for each organization to put togethe...

L1ght Looks to Protect Internet Users from Toxic and Predatory Behavior

Cybersecurity has been regarded as a necessity for all computer users, especially today when data breaches and malware attacks have become rampant. However, one of the more overlooked aspects of cybersecurity is the prevention of other forms of cybercrime, such as the spread of harmful content an...

Prepare for Cisco, CompTIA, and More IT Certifications with this Bundle

Exams are pretty important in professional IT. You can have all the practical knowledge in the world, but technical recruiters want to see certificates. If you want to improve your resume, the Complete 2020 IT Certification Exam Prep Mega Bundle will help you ace nine of the most important exams...

Top 5 Essential Features of Effective Cybersecurity for Web Apps

There's hardly any business nowadays that don't use computers and connect to the Internet. Companies maintain an online presence through their official websites, blogs, and social media pages. People use online services to conduct day to day activities like banking. And of course, there are many...

Google Sued Over Misleading Users About Location Tracking Feature

Google was in the news last week for a misleading claim that "with Location History off, the places you go are no longer stored," which is not true. Now, the search engine giant is once again in the news after a San Diego man has filed the first lawsuit against Google over this issue. Last week,...

Apple Transfers Chinese Users' iCloud Data to State-Controlled Data Centers

There's terrible news for Apple users in China. Apple's Chinese data center partner has transferred iCloud data, belonging to 130 million China-based users, to a cloud storage service managed by a state-owned mobile telecom provider—raising concerns about privacy. Back in February this year, Appl...

Satori IoT Botnet Exploits Zero-Day to Zombify Huawei Routers

Although the original creators of the infamous IoT malware Mirai have already been arrested and sent to jail, the variants of the notorious botnet are still in the game due to the availability of its source code on the Internet. Hackers have widely used the infamous IoT malware to quietly amass a...

Unpatchable 'DoubleAgent' Attack Can Hijack All Windows Versions — Even Your Antivirus!

A team of security researchers from Cybellum, an Israeli zero-day prevention firm, has discovered a new Windows vulnerability that could allow hackers to take full control of your computer. Dubbed DoubleAgent, the new injecting code technique works on all versions of Microsoft Windows operating...

Microsoft Releases 4 Security Updates — Smallest Patch Tuesday Ever!

In Brief Microsoft has issued its first Patch Tuesday for 2017, and it's one of the smallest ever monthly patch releases for the company, with only four security updates to address vulnerabilities in its Windows operating system as well as Adobe Flash Player. Meanwhile, Adobe has also released...

OpenSSL Releases Patch For "High" Severity Vulnerability

As announced on Tuesday, the OpenSSL project team released OpenSSL version 1.1.0c that addresses three security vulnerabilities in its software. The most serious of all is a heap-based buffer overflow bug CVE-2016-7054 related to Transport Layer Security TLS connections using -CHACHA20-POLY1305...

Another Critical Flaw Affecting Almost All Android Devices

Two weeks ago, we reported about a critical mediaserver vulnerability that threatened to crash more than 55 percent of Android devices, making them unresponsive and practically unusable to perform most essential tasks. Now, security researchers at Trend Micro have uncovered another flaw in the...

Anonymous Hackers Target Israeli Websites and Leak Credentials

The infamous hacking group Anonymous that vowed an 'Electronic Holocaust' against Israel and promised to 'erase Israel from cyberspace' on 7th April, managed to launch a cyber attack, beginning Tuesday morning. In a spooky video "message to Israel" posted on YouTube March 4, Anonymous declared...

Another Unpatched Adobe Flash Zero-Day vulnerability Exploited in the Wild

Warning for Adobe users! Another zero-day vulnerability has been discovered in Adobe Flash Player that is actively being exploited by cyber crooks in drive-by download attacks, security researchers warned today. This is for the third time in last few weeks when Adobe is dealing with a zero day...

Samsung 'Find My Mobile' Flaw Allows Hacker to Remotely Lock Your Device

The National Institute of Standards and Technology NIST is warning users of a newly discovered Zero-Day flaw in the Samsung Find My Mobile service, which fails to validate the sender of a lock-code data received over a network. The Find My Mobile feature implemented by Samsung in their devices is...

The Bash Vulnerability: How to Protect your Environment

A recently discovered hole in the security of the Bourne-Again Shell bash has the majority of Unix/Linux including OS X admins sweating bullets. You should be, too--attackers have already developed exploits to unleash on unpatched web servers, network services and daemons that use shell scripts...

Reported Apple iCloud Hack Leaked Hundreds of Celebrity Photos

Now this gonna be the height of Privacy Breach! Images of several high-profile persona including actors, models, singers and presenters have been made available online in a blatant hacking leak linked to the Apple iCloud service. The recent privacy breach appears to be one of the biggest celebrit...

MediaWiki Remote Code Execution vulnerability leaves Wikipedia open for Cyber attacks

The Encyclopedia giant WIKIPEDIA has been found vulnerable to remote code execution because of a critical flaw in the MediaWiki software. Wikipedia is a name which has become a major source of information for all of us. It has webpages on almost every topic you need to search. This giant is power...

Malicious Pinterest browser plugin stealing passwords and spreading spam

Social networking sites are unfortunately now major interest to malicious cyber criminals, spreading malware and building botnet army to steal money direct from your keyboards. Janne Ahlberg, a security professional from Finland found and analysed an interesting piece of malicious code, offered a...

Ruby on Rails exploit could hijack unpatched servers for botnet

Server Administrators are being urged to update their Ruby on Rails servers following the discovery of an active malware campaign targeting vulnerable versions of the web development framework. According to security researcher Jeff Jarmoc, Hackers are exploiting a known and patched vulnerability ...

Official Debian and Python Wiki Servers Compromised

Administration from Debian and Python project official websites confirmed that their WIKI servers were compromised by some unknown hackers recently. Hackers was able to hack because of several vulnerabilities in "moin" package. According to Brian Curtin at Python Project, Hacker user some unknown...

SpoofTooph 0.5 : Automate Cloning of Bluetooth devices

SpoofTooph 0.5 : Automate Cloning of Bluetooth devices SpoofTooph 0.5 has been updated with some major bug fixes and new features. The new version 0.5 runs scans MUCH faster, which also allows for more Device Names to be resolved during scans. Spooftooph is designed to automate spoofing or clonin...

IPfucK -- A Proxy tool for Firefox -- New Version

Having your IP address considered as private from a legal point of view, it is always interesting to increase your on-line privacy. Not only to hide your illegal activity indeed for most politicians and anti-fraud organizations, behind each surfers lives, but to just keep your personal informatio...

Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

Microsoft's GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per...

Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild

Microsoft has released patches to fix 67 security flaws, including one zero-day bug in Web Distributed Authoring and Versioning WebDAV that it said has come under active exploitation in the wild. Of the 67 vulnerabilities, 11 are rated Critical and 56 are rated Important in severity. This include...

Adobe Releases Patch Fixing 254 Vulnerabilities, Closing High-Severity Security Gaps

Adobe on Tuesday pushed security updates to address a total of 254 security flaws impacting its software products, a majority of which affect Experience Manager AEM. Of the 254 flaws, 225 reside in AEM, impacting AEM Cloud Service CS as well as all versions prior to and including 6.5.22. The issu...

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system's primary disk and render it unbootable. The names of the packages are listed below - github.com/truthfulpharm/prototransfor...

SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients

Cybersecurity company SentinelOne has revealed that a China-nexus threat cluster dubbed PurpleHaze conducted reconnaissance attempts against its infrastructure and some of its high-value customers. "We first became aware of this threat cluster during a 2024 intrusion conducted against an...