
20777 matches found

The Hacker News
added 2021/09/20 11:54 a.m. | 94 views

Europol Busts Major Crime Ring, Arrests Over 100 Online Fraudsters

Law enforcement agencies in Italy and Spain have dismantled an organized crime group linked to the Italian Mafia that was involved in online fraud, money laundering, drug trafficking, and property crime, netting the gang about €10 million ($11.7 million) in illegal proceeds in just a year. "The...

AI score 0.7
Exploits: 0

The Hacker News
added 2021/09/20 11:0 a.m. | 27 views

A New Wave of Malware Attack Targeting Organizations in South America

A spam campaign delivering spear-phishing emails aimed at South American organizations has retooled its techniques to include a wide range of commodity remote access trojans (RATs) and geolocation filtering to avoid detection, according to new research. Cybersecurity firm Trend Micro attributed the...

AI score 0.9
Exploits: 0

The Hacker News
added 2021/09/20 5:35 a.m. | 46 views

Google to Auto-Reset Unused Android App Permissions for Billions of Devices

Google on Friday said it's bringing an Android 11 feature that auto-resets permissions granted to apps that haven't been used in months, to devices running Android versions 6 and above. The expansion is expected to go live later this year in December 2021 and enabled on Android phones with Google...

AI score 0.5
Exploits: 0

The Hacker News
added 2021/09/20 5:7 a.m. | 31 views

Numando: A New Banking Trojan Targeting Latin American Users

A newly spotted banking trojan has been caught leveraging legitimate platforms like YouTube and Pastebin to store its encrypted, remote configuration and commandeer infected Windows systems, making it the latest to join the long list of malware targeting Latin America (LATAM) after Guildma, Javali,...

AI score 0.3
Exploits: 0

The Hacker News
added 2021/09/17 11:2 a.m. | 25 views

New Malware Targets Windows Subsystem for Linux to Evade Detection

A number of malicious samples have been created for the Windows Subsystem for Linux (WSL) with the goal of compromising Windows machines, highlighting a sneaky method that allows the operators to stay under the radar and thwart detection by popular anti-malware engines. The "distinct tradecraft"...

AI score 0.4
Exploits: 0

The Hacker News
added 2021/09/17 8:0 a.m. | 47 views

Malware Attack on Aviation Sector Uncovered After Going Unnoticed for 2 Years

A targeted phishing campaign aimed at the aviation industry for two years may be spearheaded by a threat actor operating out of Nigeria, highlighting how attackers can carry out small-scale cyber offensives for extended periods of time while staying under the radar. Cisco Talos dubbed the malware...

AI score 0.8
Exploits: 0

The Hacker News
added 2021/09/16 1:38 p.m. | 33 views

Travis CI Flaw Exposes Secrets of Thousands of Open Source Projects

Continuous integration vendor Travis CI has patched a serious security flaw that exposed API keys, access tokens, and credentials, potentially putting organizations that use public source code repositories at risk of further attacks. The issue — tracked as CVE-2021-41077 — concerns unauthorized...

CVSS 7.5 | AI score 7.6 | EPSS 0.01438
Exploits: 0

The Hacker News
added 2021/09/16 9:48 a.m. | 38 views

Third Critical Bug Affects Netgear Smart Switches — Details and PoC Released

New details have been revealed about a recently remediated critical vulnerability in Netgear smart switches that could be leveraged by an attacker to potentially execute malicious code and take control of vulnerable devices. The flaw — dubbed "Seventh Inferno" (CVSS score: 9.8) — is part of a trio ...

AI score 8.1
Exploits: 0

The Hacker News
added 2021/09/16 7:19 a.m. | 253 views

Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted Attacks

Microsoft on Wednesday disclosed details of a targeted phishing campaign that leveraged a now-patched zero-day flaw in its MSHTML platform using specially-crafted Office documents to deploy Cobalt Strike Beacon on compromised Windows systems. "These attacks used the vulnerability, tracked as...

CVSS 8.8 | AI score 0.5 | EPSS 0.96843
Exploits: 38

The Hacker News
added 2021/09/16 6:21 a.m. | 43 views

You Can Now Sign-in to Your Microsoft Accounts Without a Password

Microsoft on Wednesday announced a new passwordless mechanism that allows users to access their accounts without a password by using Microsoft Authenticator, Windows Hello, a security key, or a verification code sent via SMS or email. The change is expected to be rolled out in the coming weeks...

AI score 0.9
Exploits: 0

The Hacker News
added 2021/09/15 6:36 p.m. | 170 views

Critical Flaws Discovered in Azure App That Microsoft Secretly Installs on Linux VMs

Microsoft on Tuesday addressed a quartet of security flaws as part of its Patch Tuesday updates that could be abused by adversaries to target Azure cloud customers and elevate privileges as well as allow for remote takeover of vulnerable systems. The list of flaws, collectively called OMIGOD by...

CVSS 9.8 | AI score 0.5 | EPSS 0.99723
Exploits: 20

The Hacker News
added 2021/09/15 11:3 a.m. | 53 views

3 Former U.S. Intelligence Officers Admit to Hacking for UAE Company

The U.S. Department of Justice (DoJ) on Tuesday disclosed it fined three intelligence community and military personnel $1.68 million in penalties for their role as cyber-mercenaries working on behalf of a U.A.E.-based cybersecurity company. The trio in question — Marc Baier, 49, Ryan Adams, 34, and...

CVSS 7.8 | AI score 6.4 | EPSS 0.75994
Exploits: 2

The Hacker News
added 2021/09/15 10:16 a.m. | 76 views

Download the Essential Guide to Response Automation

In the classic children's movie 'The Princess Bride,' one of the characters utters the phrase, "You keep using that word. I do not think it means what you think it means." It's freely used as a response to someone's misuse or misunderstanding of a word or phrase. "Response Automation" is another...

Exploits: 0

The Hacker News
added 2021/09/15 5:0 a.m. | 140 views

Microsoft Releases Patch for Actively Exploited Windows Zero-Day Vulnerability

A day after Apple and Google rolled out urgent security updates, Microsoft has pushed software fixes as part of its monthly Patch Tuesday release cycle to plug 66 security holes affecting Windows and other components such as Azure, Office, BitLocker, and Visual Studio, including an actively...

CVSS 9.8 | AI score 0.1 | EPSS 0.99723
Exploits: 57

The Hacker News
added 2021/09/14 1:43 p.m. | 22 views

New Stealthier ZLoader Variant Spreading Via Fake TeamViewer Download Ads

Users searching for TeamViewer remote desktop software on search engines like Google are being redirected to malicious links that drop ZLoader malware onto their systems while simultaneously embracing a stealthier infection chain that allows it to linger on infected devices and evade detection by...

AI score 0.5
Exploits: 0

The Hacker News
added 2021/09/14 11:13 a.m. | 50 views

HP OMEN Gaming Hub Flaw Affects Millions of Windows Computers

Cybersecurity researchers on Tuesday disclosed details about a high-severity flaw in the HP OMEN driver software that impacts millions of gaming computers worldwide, leaving them open to an array of attacks. Tracked as CVE-2021-3437 (CVSS score: 7.8), the vulnerabilities could allow threat actors t...

CVSS 9.8 | AI score 8.3 | EPSS 0.15551
Exploits: 1

The Hacker News
added 2021/09/14 10:26 a.m. | 25 views

Zero Trust Requires Cloud Data Security with Integrated Continuous Endpoint Risk Assessment

Every once in a while, an industry term will get overused by marketing to the point of becoming a cliche. "Zero Trust" may have reached this threshold. In some ways, we understand why this is happening. Security perimeters have become obsolete as people use mobile devices and cloud applications t...

AI score 7.3
Exploits: 0

The Hacker News
added 2021/09/14 4:35 a.m. | 124 views

Apple Issues Urgent Updates to Fix New Zero-Day Linked to Pegasus Spyware

Apple has released iOS 14.8, iPadOS 14.8, watchOS 7.6.2, macOS Big Sur 11.6, and Safari 14.1.2 to fix two actively exploited vulnerabilities, one of which defeated extra security protections built into the operating system. The list of two flaws is as follows - CVE-2021-30858 (WebKit) - A use after...

CVSS 8.8 | AI score 0.2 | EPSS 0.75994
Exploits: 2

The Hacker News
added 2021/09/14 4:8 a.m. | 156 views

Update Google Chrome to Patch 2 New Zero-Day Flaws Under Attack

Google on Monday released security updates for Chrome web browser to address a total of 11 security issues, two of which it says are actively exploited zero-days in the wild. Tracked as CVE-2021-30632 and CVE-2021-30633, the vulnerabilities concern an out of bounds write in V8 JavaScript engine a...

CVSS 9.6 | AI score 0.8 | EPSS 0.70435
Exploits: 12

The Hacker News
added 2021/09/13 2:15 p.m. | 98 views

Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide

Researchers on Monday took the wraps off a newly discovered Linux and Windows re-implementation of Cobalt Strike Beacon that's actively set its sights on government, telecommunications, information technology, and financial institutions in the wild. The as-yet undetected version of the penetratio...

AI score 0.3
Exploits: 0

The Hacker News
added 2021/09/13 1:48 p.m. | 40 views

Critical Bug Reported in NPM Package With Millions of Downloads Weekly

A widely used NPM package called 'Pac-Resolver' for the JavaScript programming language has been remediated with a fix for a high-severity remote code execution vulnerability that could be abused to run malicious code inside Node.js applications whenever HTTP requests are sent. The flaw, tracked ...

CVSS 9.8 | AI score 9.2 | EPSS 0.02863
Exploits: 1

The Hacker News
added 2021/09/13 7:54 a.m. | 84 views

New SpookJS Attack Bypasses Google Chrome's Site Isolation Protection

A newly discovered side-channel attack demonstrated on modern processors can be weaponized to successfully overcome Site Isolation protections weaved into Google Chrome and Chromium browsers and leak sensitive data in a Spectre-style speculative execution attack. Dubbed "Spook.js" by academics fr...

CVSS 5.6 | AI score 2 | EPSS 0.93838
Exploits: 11

The Hacker News
added 2021/09/11 11:18 a.m. | 152 views

Mēris Botnet Hit Russia's Yandex With Massive 22 Million RPS DDoS Attack

Russian internet giant Yandex has been the target of a record-breaking distributed denial-of-service (DDoS) attack by a new botnet called Mēris. The botnet is believed to have pummeled the company's web infrastructure with millions of HTTP requests, before hitting a peak of 21.8 million requests pe...

CVSS 9.1 | AI score 0.4 | EPSS 0.96087
Exploits: 23

The Hacker News
added 2021/09/11 8:22 a.m. | 39 views

WhatsApp to Finally Let Users Encrypt Their Chat Backups in the Cloud

WhatsApp on Friday announced it will roll out support for end-to-end encrypted chat backups on the cloud for Android and iOS users, paving the way for storing information such as chat messages and photos in Apple iCloud or Google Drive in a cryptographically secure manner. The optional feature,...

AI score 6.8
Exploits: 0

The Hacker News
added 2021/09/10 11:14 a.m. | 36 views

Moving Forward After CentOS 8 EOL

The Linux community was caught unprepared when, in December 2020, as part of a change in the way Red Hat supports and develops CentOS, Red Hat suddenly announced that it's cutting the official CentOS 8 support window from ten years – to just two, with support ending Dec 31, 2021. It created a...

AI score 6.9
Exploits: 0

The Hacker News
added 2021/09/10 10:24 a.m. | 33 views

SOVA: New Android Banking Trojan Emerges With Growing Capabilities

A mix of banking applications, cryptocurrency wallets, and shopping apps from the U.S. and Spain are the target of a newly discovered Android trojan that could enable attackers to siphon personally identifiable information from infected devices, including banking credentials and open the door for...

AI score 1.9
Exploits: 0

The Hacker News
added 2021/09/10 8:18 a.m. | 22 views

Experts Link Sidewalk Malware Attacks to Grayfly Chinese Hacker Group

A previously undocumented backdoor that was recently found targeting an unnamed computer retail company based in the U.S. has been linked to a longstanding Chinese espionage operation dubbed Grayfly. In late August, Slovakian cybersecurity firm ESET disclosed details of an implant called SideWalk...

AI score 1.3
Exploits: 0

The Hacker News
added 2021/09/10 5:7 a.m. | 75 views

Microsoft Warns of Cross-Account Takeover Bug in Azure Container Instances

Microsoft on Wednesday said it remediated a vulnerability in its Azure Container Instances (ACI) services that could have been weaponized by a malicious actor "to access other customers' information" in what the researchers described as the "first cross-account container takeover in the public...

CVSS 9.3 | AI score 0.5 | EPSS 0.9857
Exploits: 33

The Hacker News
added 2021/09/09 9:57 a.m. | 26 views

Russian Ransomware Group REvil Back Online After 2-Month Hiatus

The operators behind the REvil ransomware-as-a-service (RaaS) staged a surprise return after a two-month hiatus following the widely publicized attack on technology services provider Kaseya on July 4. Two of the dark web portals, including the gang's Happy Blog data leak site and its...

AI score 6.7
Exploits: 0

The Hacker News
added 2021/09/09 8:28 a.m. | 50 views

Fighting the Rogue Toaster Army: Why Secure Coding in Embedded Systems is Our Defensive Edge

There are plenty of pop culture references to rogue AI and robots, and appliances turning on their human masters. It is the stuff of science fiction, fun, and fantasy, but with IoT and connected devices becoming more prevalent in our homes, we need more discussion around cybersecurity and safety...

CVSS 9.8 | AI score 9.7 | EPSS 0.02545
Exploits: 1

The Hacker News
added 2021/09/09 7:16 a.m. | 752 views

Hackers Leak VPN Account Passwords From 87,000 Fortinet FortiGate Devices

Network security solutions provider Fortinet confirmed that a malicious actor had unauthorizedly disclosed VPN login names and passwords associated with 87,000 FortiGate SSL-VPN devices. "These credentials were obtained from systems that remained unpatched against CVE-2018-13379 at the time of th...

CVSS 9.8 | AI score 0.1 | EPSS 0.99999
Exploits: 22

The Hacker News
added 2021/09/09 5:45 a.m. | 112 views

CISA Warns of Actively Exploited Zoho ManageEngine ADSelfService Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday issued a bulletin warning of a zero-day flaw affecting Zoho ManageEngine ADSelfService Plus deployments that is currently being actively exploited in the wild. The flaw, tracked as CVE-2021-40539, concerns a REST API...

CVSS 10 | AI score 0.9 | EPSS 0.99941
Exploits: 14

The Hacker News
added 2021/09/08 12:38 p.m. | 17 views

3 Ways to Secure SAP SuccessFactors and Stay Compliant

The work-from-anywhere economy has opened up the possibility for your human resources team to source the best talent from anywhere. To scale their operations, organizations are leveraging the cloud to accelerate essential HR functions such as recruiting, onboarding, evaluating, and more. SAP is...

AI score 6.1
Exploits: 0

The Hacker News
added 2021/09/08 12:33 p.m. | 128 views

HAProxy Found Vulnerable to Critical HTTP Request Smuggling Attack

A critical security vulnerability has been disclosed in HAProxy, a widely used open-source load balancer and proxy server, that could be abused by an adversary to possibly smuggle HTTP requests, resulting in unauthorized access to sensitive data and execution of arbitrary commands, effectively...

CVSS 7.5 | AI score 7.8 | EPSS 0.56083
Exploits: 5

The Hacker News
added 2021/09/08 8:8 a.m. | 30 views

Experts Uncover Mobile Spyware Attacks Targeting Kurdish Ethnic Group

Cybersecurity researchers on Tuesday released new findings that reveal a year-long mobile espionage campaign against the Kurdish ethnic group to deploy two Android backdoors that masquerade as legitimate apps. Active since at least March 2020, the attacks leveraged as many as six dedicated Facebo...

AI score 1.2
Exploits: 0

The Hacker News
added 2021/09/08 7:27 a.m. | 24 views

[Ebook] The Guide for Speeding Time to Response for Lean IT Security Teams

Most cyber security today involves much more planning, and much less reacting than in the past. Security teams spend most of their time preparing their organizations' defenses and doing operational work. Even so, teams often must quickly spring into action to respond to an attack. Security teams...

AI score 7.1
Exploits: 0

The Hacker News
added 2021/09/08 3:37 a.m. | 206 views

New 0-Day Attack Targeting Windows Users With Microsoft Office Documents

Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that's being used to hijack vulnerable Windows systems by leveraging weaponized Office documents. Tracked as CVE-2021-40444 (CVSS score: 8.8), the remote code execution flaw is rooted in MSHTML aka Triden...

CVSS 8.8 | AI score 0.7 | EPSS 0.96843
Exploits: 38

The Hacker News
added 2021/09/07 10:5 a.m. | 92 views

Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server

The maintainers of Jenkins—a popular open-source automation server software—have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability in Atlassian Confluence service to install a cryptocurrency miner. T...

CVSS 9.8 | AI score 2.2 | EPSS 0.99999
Exploits: 45

The Hacker News
added 2021/09/06 12:17 p.m. | 36 views

ProtonMail Logs Activist's IP Address With Authorities After Swiss Court Order

End-to-end encrypted email service provider ProtonMail has drawn criticism after it ceded to a legal request and shared the IP address of anti-gentrification activists with law enforcement authorities, leading to their arrests in France. The Switzerland-based company said it received a "legally...

AI score 0.9
Exploits: 0

The Hacker News
added 2021/09/06 11:13 a.m. | 21 views

Traffic Exchange Networks Distributing Malware Disguised as Cracked Software

An ongoing campaign has been found to leverage a network of websites acting as a "dropper as a service" to deliver a bundle of malware payloads to victims looking for "cracked" versions of popular business and consumer applications. "These malware included an assortment of click fraud bots, other...

AI score 1.1
Exploits: 0

The Hacker News
added 2021/09/06 10:33 a.m. | 25 views

Critical Auth Bypass Bug Affect NETGEAR Smart Switches — Patch and PoC Released

Networking, storage and security solutions provider Netgear on Friday issued patches to address three security vulnerabilities affecting its smart switches that could be abused by an adversary to gain full control of a vulnerable device. The flaws, which were discovered and reported to Netgear by...

AI score 0.7
Exploits: 0

The Hacker News
added 2021/09/04 9:8 a.m. | 48 views

Apple Delays Plans to Scan Devices for Child Abuse Images After Privacy Backlash

Apple is temporarily hitting the pause button on its controversial plans to screen users' devices for child sexual abuse material (CSAM) after receiving sustained blowback over worries that the tool could be weaponized for mass surveillance and erode the privacy of users. "Based on feedback from...

AI score 6.5
Exploits: 0

The Hacker News
added 2021/09/04 7:50 a.m. | 65 views

Microsoft Says Chinese Hackers Were Behind SolarWinds Serv-U SSH 0-Day Attack

Microsoft has shared technical details about a now-fixed, actively exploited critical security vulnerability affecting SolarWinds Serv-U managed file transfer service that it has attributed with "high confidence" to a threat actor operating out of China. In mid-July, the Texas-based company...

CVSS 10 | AI score 0.5 | EPSS 0.9116
Exploits: 2

The Hacker News
added 2021/09/04 7:19 a.m. | 120 views

U.S. Cyber Command Warns of Ongoing Attacks Exploiting Atlassian Confluence Flaw

The U.S. Cyber Command on Friday warned of ongoing mass exploitation attempts in the wild targeting a now-patched critical security vulnerability affecting Atlassian Confluence deployments that could be abused by unauthenticated attackers to take control of a vulnerable system. "Mass exploitation...

CVSS 9.8 | AI score 2.1 | EPSS 0.99999
Exploits: 45

The Hacker News
added 2021/09/03 10:40 a.m. | 24 views

This New Malware Family Using CLFS Log Files to Avoid Detection

Cybersecurity researchers have disclosed details about a new malware family that relies on the Common Log File System (CLFS) to hide a second-stage payload in registry transaction files in an attempt to evade detection mechanisms. FireEye's Mandiant Advanced Practices team, which made the discovery...

AI score 0.5
Exploits: 0

The Hacker News
added 2021/09/03 8:44 a.m. | 35 views

FIN7 Hackers Using Windows 11 Themed Documents to Drop Javascript Backdoor

A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a point-of-sale (PoS) service provider located in the U.S. The attacks, which are believed to have taken...

AI score 7
Exploits: 0

The Hacker News
added 2021/09/03 6:20 a.m. | 72 views

Cisco Issues Patch for Critical Enterprise NFVIS Flaw — PoC Exploit Available

Cisco has patched a critical security vulnerability impacting its Enterprise Network Function Virtualization Infrastructure Software (NFVIS) that could be exploited by an attacker to take control of an affected system. Tracked as CVE-2021-34746, the weakness has been rated 9.8 out of a maximum of 1...

CVSS 9.8 | AI score 2.5 | EPSS 0.19958
Exploits: 3

The Hacker News
added 2021/09/02 3:48 p.m. | 44 views

What is AS-REP Roasting attack, really?

Microsoft's Active Directory is said to be used by 95% of Fortune 500. As a result, it is a prime target for attackers as they look to gain access to credentials in the organization, as compromised credentials provide one of the easiest ways for hackers to access your data. A key authentication...

AI score 1.3
Exploits: 0

The Hacker News
added 2021/09/02 12:29 p.m. | 42 views

New BrakTooth Flaws Leave Millions of Bluetooth-enabled Devices Vulnerable

A set of new security vulnerabilities has been disclosed in commercial Bluetooth stacks that could enable an adversary to execute arbitrary code and, worse, crash the devices via denial-of-service (DoS) attacks. Collectively dubbed "BrakTooth" referring to the Norwegian word "Brak" which translates...

CVSS 8.8 | AI score 1.2 | EPSS 0.01292
Exploits: 0

The Hacker News
added 2021/09/02 10:7 a.m. | 22 views

WhatsApp Photo Filter Bug Could Have Exposed Your Data to Remote Attackers

A now-patched high-severity security vulnerability in WhatsApp's image filter feature could have been abused to send a malicious image over the messaging app to read sensitive information from the app's memory. Tracked as CVE-2020-1910 (CVSS score: 7.8), the flaw concerns an out-of-bounds read/write...

CVSS 7.8 | AI score 0.6 | EPSS 0.05118
Exploits: 0

Total number of security vulnerabilities: 20777