20782 matches found

The Hacker News
added 2021/07/15 8:25 a.m., 412 views

Google Details iOS, Chrome, IE Zero-Day Flaws Exploited Recently in the Wild

Threat intelligence researchers from Google on Wednesday shed more light on four in-the-wild zero-days in Chrome, Safari, and Internet Explorer browsers that were exploited by malicious actors in different campaigns since the start of the year. What's more, three of the four zero-days were...

8.8 CVSS, 8.7 AI score, 0.64701 EPSS
Exploits: 1
The Hacker News
added 2021/07/14 12:58 p.m., 46 views

16 Cybercriminals Behind Mekotio and Grandoreiro Banking Trojan Arrested in Spain

Spanish law enforcement agencies on Wednesday arrested 16 individuals belonging to a criminal network in connection with operating two banking trojans as part of a social engineering campaign targeting financial institutions in Europe. The arrests were made in Ribeira A Coruña, Madrid, Parla and...

0.2 AI score
Exploits: 0
The Hacker News
added 2021/07/14 11:1 a.m., 37 views

REvil Ransomware Gang Mysteriously Disappears After High-Profile Attacks

REvil, the infamous ransomware cartel behind some of the biggest cyberattacks targeting JBS and Kaseya, has mysteriously disappeared from the dark web, leading to speculations that the criminal enterprise may have been taken down. Multiple darknet and clearnet sites maintained by the Russia-linke...

6.5 AI score
Exploits: 0
The Hacker News
added 2021/07/14 5:3 a.m., 384 views

Update Your Windows PCs to Patch 117 New Flaws, Including 9 Zero-Days

Microsoft rolled out Patch Tuesday updates for the month of July with fixes for a total of 117 security vulnerabilities, including nine zero-day flaws, of which four are said to be under active attacks in the wild, potentially enabling an adversary to take control of affected systems. Of the 117...

10 CVSS, 0.2 AI score, 0.99999 EPSS
Exploits: 58
The Hacker News
added 2021/07/14 3:41 a.m., 104 views

Chinese Hackers Exploited Latest SolarWinds 0-Day in Targeted Attacks

Microsoft on Tuesday disclosed that the latest string of attacks targeting SolarWinds Serv-U managed file transfer service with a now-patched remote code execution (RCE) exploit is the handiwork of a Chinese threat actor dubbed "DEV-0322." The revelation comes days after the Texas-based IT monitori...

10 CVSS, 1.9 AI score, 0.9116 EPSS
Exploits: 2
The Hacker News
added 2021/07/13 3:42 p.m., 47 views

Critical Flaws Reported in Etherpad — a Popular Google Docs Alternative

Cybersecurity researchers have disclosed new security vulnerabilities in the Etherpad text editor version 1.8.13 that could potentially enable attackers to hijack administrator accounts, execute system commands, and even steal sensitive documents. The two flaws — tracked as CVE-2021-34816 and...

7.2 CVSS, 0.5 AI score, 0.02229 EPSS
Exploits: 2
The Hacker News
added 2021/07/13 9:40 a.m., 31 views

Iranian Hackers Posing as Scholars Target Professors and Writers in Middle-East

A sophisticated social engineering attack undertaken by an Iranian-state aligned actor targeted think tanks, journalists, and professors with an aim to solicit sensitive information by masquerading as scholars with the University of London's School of Oriental and African Studies (SOAS). Enterprise...

0.8 AI score
Exploits: 0
The Hacker News
added 2021/07/13 7:6 a.m., 44 views

Trickbot Malware Returns with a new VNC Module to Spy on its Victims

Cybersecurity researchers have opened the lid on the continued resurgence of the insidious Trickbot malware, making it clear that the Russia-based transnational cybercrime group is working behind the scenes to revamp its attack infrastructure in response to recent counter efforts from law...

0.6 AI score
Exploits: 0
The Hacker News
added 2021/07/13 4:48 a.m., 114 views

Critical RCE Flaw in ForgeRock Access Manager Under Active Attack

Cybersecurity agencies in Australia and the U.S. are warning of an actively exploited vulnerability impacting ForgeRock's OpenAM access management solution that could be leveraged to execute arbitrary code on an affected system remotely. "The Australian Cyber Security Centre has observed actors...

10 CVSS, 3.8 AI score, 0.99999 EPSS
Exploits: 8
The Hacker News
added 2021/07/13 3:58 a.m., 97 views

A New Critical SolarWinds Zero-Day Vulnerability Under Active Attack

SolarWinds, the Texas-based company that became the epicenter of a massive supply chain attack late last year, has issued patches to contain a remote code execution flaw in its Serv-U managed file transfer service. The fixes, which target Serv-U Managed File Transfer and Serv-U Secure FTP product...

10 CVSS, 1.4 AI score, 0.9116 EPSS
Exploits: 2
The Hacker News
added 2021/07/12 11:33 a.m., 53 views

Crafting a Custom Dictionary for Your Password Policy

Modern password policies comprise many different elements that contribute to their effectiveness. One of the components of an effective current password policy makes use of what is known as a custom dictionary that filters out certain words that are not allowed as passwords in the...

7.3 AI score
Exploits: 0
The Hacker News
added 2021/07/12 11:4 a.m., 186 views

Hackers Spread BIOPASS Malware via Chinese Online Gambling Sites

Cybersecurity researchers are warning about a new malware that's striking online gambling companies in China via a watering hole attack to deploy either Cobalt Strike beacons or a previously undocumented Python-based backdoor called BIOPASS RAT that takes advantage of Open Broadcaster Software OB...

0.5 AI score
Exploits: 0
The Hacker News
added 2021/07/12 4:36 a.m., 276 views

Kaseya Releases Patches for Flaws Exploited in Widespread Ransomware Attack

Florida-based software vendor Kaseya on Sunday rolled out urgent updates to address critical security vulnerabilities in its Virtual System Administrator (VSA) solution that was used as a jumping off point to target as many as 1,500 businesses across the globe as part of a widespread supply-chain...

10 CVSS, 0.9 AI score, 0.85619 EPSS
Exploits: 5
The Hacker News
added 2021/07/09 2:23 p.m., 53 views

Magecart Hackers Hide Stolen Credit Card Data Into Images for Evasive Exfiltration

Cybercrime actors part of the Magecart group have latched on to a new technique of obfuscating the malware code within comment blocks and encoding stolen credit card data into images and other files hosted on the server, once again demonstrating how the attackers are continuously...

Exploits: 0
The Hacker News
added 2021/07/09 11:59 a.m., 43 views

New SaaS Security Report Dives into the Concerns and Plans of CISOs in 2021

For years, security professionals have recognized the need to enhance SaaS security. However, the exponential adoption of Software-as-a-Service (SaaS) applications over 2020 turned slow-burning embers into a raging fire. Organizations manage anywhere from thirty-five to more than a hundred...

7.6 AI score
Exploits: 0
The Hacker News
added 2021/07/09 7:0 a.m., 219 views

Critical Flaws Reported in Philips Vue PACS Medical Imaging Systems

Multiple security vulnerabilities have been disclosed in Philips Clinical Collaboration Platform Portal (aka Vue PACS), some of which could be exploited by an adversary to take control of an affected system. "Successful exploitation of these vulnerabilities could allow an unauthorized person or...

9.8 CVSS, 0.4 AI score, 0.9927 EPSS
Exploits: 53
The Hacker News
added 2021/07/09 5:39 a.m., 72 views

Hackers Use New Trick to Disable Macro Security Warnings in Malicious Office Files

While it's a norm for phishing campaigns that distribute weaponized Microsoft Office documents to prompt victims to enable macros in order to trigger the infection chain directly, new findings indicate attackers are using non-malicious documents to disable security warnings prior to executing mac...

1.4 AI score
Exploits: 0
The Hacker News
added 2021/07/08 11:26 a.m., 139 views

Critical Flaws Reported in Sage X3 Enterprise Management Software

Four security vulnerabilities have been uncovered in the Sage X3 enterprise resource planning (ERP) product, two of which could be chained together as part of an attack sequence to enable adversaries to execute malicious commands and take control of vulnerable systems. These issues were discovered ...

10 CVSS, 1.6 AI score, 0.70268 EPSS
Exploits: 9
The Hacker News
added 2021/07/08 9:58 a.m., 54 views

Experts Uncover Malware Attacks Targeting Corporate Networks in Latin America

Cybersecurity researchers on Thursday took the wraps off a new, ongoing espionage campaign targeting corporate networks in Spanish-speaking countries, specifically Venezuela, to spy on its victims. Dubbed "Bandidos" by ESET owing to the use of an upgraded variant of Bandook malware, the primary...

1.2 AI score
Exploits: 0
The Hacker News
added 2021/07/08 9:43 a.m., 46 views

Security Awareness Training is Broken. Human Risk Management (HRM) is the Fix

Humans are an organization's strongest defence against evolving cyber threats, but security awareness training alone often isn't enough to transform user behaviour. In this guide, usecure looks at why Human Risk Management (HRM) is the new fix for building a security-savvy workforce. Don't be...

7.2 AI score
Exploits: 0
The Hacker News
added 2021/07/08 9:32 a.m., 2467 views

How to Mitigate Microsoft Print Spooler Vulnerability – PrintNightmare

This week, PrintNightmare - Microsoft's Print Spooler vulnerability (CVE-2021-34527) was upgraded from a 'Low' criticality to a 'Critical' criticality. This is due to a Proof of Concept published on GitHub, which attackers could potentially leverage for gaining access to Domain Controllers. As we...

9 CVSS, 0.99759 EPSS
Exploits: 41
The Hacker News
added 2021/07/08 9:31 a.m., 47 views

SideCopy Hackers Target Indian Government Officials With New Malware

A cyber-espionage group has been observed increasingly targeting Indian government personnel as part of a broad campaign to infect victims with as many as four new custom remote access trojans (RATs), signaling a "boost in their development operations." Attributed to a group tracked as SideCopy, th...

0.8 AI score
Exploits: 0
The Hacker News
added 2021/07/08 4:35 a.m., 281 views

Microsoft's Emergency Patch Fails to Fully Fix PrintNightmare RCE Vulnerability

Even as Microsoft expanded patches for the so-called PrintNightmare vulnerability for Windows 10 version 1607, Windows Server 2012, and Windows Server 2016, it has come to light that the fix for the remote code execution exploit in the Windows Print Spooler service can be bypassed in certain...

9.3 CVSS, 1.4 AI score, 0.99759 EPSS
Exploits: 75
The Hacker News
added 2021/07/07 1:18 p.m., 35 views

WildPressure APT Emerges With New Malware Targeting Windows and macOS

A malicious campaign that has set its sights on industrial-related entities in the Middle East since 2019 has resurfaced with an upgraded malware toolset to strike both Windows and macOS operating systems, symbolizing an expansion in both its targets and its strategy around distributing threats...

Exploits: 0
The Hacker News
added 2021/07/07 12:58 p.m., 130 views

Dozens of Vulnerable NuGet Packages Allow Attackers to Target .NET Platform

An analysis of off-the-shelf packages hosted on the NuGet repository has revealed 51 unique software components to be vulnerable to actively exploited, high-severity vulnerabilities, once again underscoring the threat posed by third-party dependencies to the software development process. In light...

10 CVSS, 1.1 AI score, 0.07489 EPSS
Exploits: 0
The Hacker News
added 2021/07/07 12:53 p.m., 30 views

[Whitepaper] XDR vs. NDR/NTA – What do Organizations Truly Need to Stay Safe?

Security teams whose organizations are outside the Fortune 500 are faced with a dilemma. Most teams will have to choose between deploying either a network traffic analysis (NTA) or network detection and response (NDR) tool or an endpoint detection and response (EDR) tool to supplement their existing...

1 AI score
Exploits: 0
The Hacker News
added 2021/07/07 3:11 a.m., 114 views

Microsoft Issues Emergency Patch for Critical Windows PrintNightmare Vulnerability

Microsoft has shipped an emergency out-of-band security update to address a critical zero-day vulnerability — known as "PrintNightmare" — that affects the Windows Print Spooler service and can permit remote threat actors to run arbitrary code and take over vulnerable systems. Tracked as...

9.3 CVSS, 2.9 AI score, 0.99759 EPSS
Exploits: 75
The Hacker News
added 2021/07/06 8:13 a.m., 70 views

Interpol Arrests Moroccan Hacker Engaged in Nefarious Cyber Activities

Law enforcement authorities with the Interpol have apprehended a threat actor responsible for targeting thousands of unwitting victims over several years and staging malware attacks on telecom companies, major banks, and multinational corporations in France as part of a global phishing and credit...

6.8 AI score
Exploits: 0
The Hacker News
added 2021/07/06 7:3 a.m., 187 views

Kaseya Rules Out Supply-Chain Attack; Says VSA 0-Day Hit Its Customers Directly

U.S. technology firm Kaseya, which is firefighting the largest ever supply-chain ransomware strike on its VSA on-premises product, ruled out the possibility that its codebase was unauthorizedly tampered with to distribute malware. While initial reports raised speculations that REvil, the ransomwa...

10 CVSS, 0.6 AI score, 0.85619 EPSS
Exploits: 1
The Hacker News
added 2021/07/05 12:44 p.m., 177 views

Getting Started with Security Testing: A Practical Guide for Startups

A common misconception among startup founders is that cybercriminals won't waste time on them, because they're not big or well known enough yet. But just because you are small doesn't mean you're not in the firing line. The size of a startup does not exempt it from cyber-attacks – that's because...

6.9 AI score
Exploits: 0
The Hacker News
added 2021/07/05 9:48 a.m., 56 views

TrickBot Botnet Found Deploying A New Ransomware Called Diavol

Threat actors behind the infamous TrickBot malware have been linked to a new ransomware strain named "Diavol," according to the latest research. Diavol and Conti ransomware payloads were deployed on different systems in a case of an unsuccessful attack targeting one of its customers earlier this...

0.9 AI score
Exploits: 0
The Hacker News
added 2021/07/05 6:42 a.m., 119 views

Microsoft Urges Azure Users to Update PowerShell to Patch RCE Flaw

Microsoft is urging Azure users to update the PowerShell command-line tool as soon as possible to protect against a critical remote code execution vulnerability impacting .NET Core. The issue, tracked as CVE-2021-26701 (CVSS score: 8.1), affects PowerShell versions 7.0 and 7.1 and have been...

9.8 CVSS, 1.8 AI score, 0.30315 EPSS
Exploits: 0
The Hacker News
added 2021/07/05 5:22 a.m., 1436 views

REvil Used 0-Day in Kaseya Ransomware Attack, Demands $70 Million Ransom

Amidst the massive supply-chain ransomware attack that triggered an infection chain compromising thousands of businesses on Friday, new details have emerged about how the notorious Russia-linked REvil cybercrime gang may have pulled off the unprecedented hack. The Dutch Institute for Vulnerabilit...

10 CVSS, 0.5 AI score, 0.85619 EPSS
Exploits: 1
The Hacker News
added 2021/07/03 2:57 p.m., 74 views

Android Apps with 5.8 million Installs Caught Stealing Users' Facebook Passwords

Google intervened to remove nine Android apps downloaded more than 5.8 million times from the company's Play Store after the apps were caught furtively stealing users' Facebook login credentials. "The applications were fully functional, which was supposed to weaken the vigilance of potential...

0.2 AI score
Exploits: 0
The Hacker News
added 2021/07/03 8:0 a.m., 98 views

Kaseya Supply-Chain Attack Hits Nearly 40 Service Providers With REvil Ransomware

Threat actors behind the notorious REvil cybercrime operation appear to have pushed ransomware via an update for Kaseya's IT management software, hitting around 40 customers worldwide, in what's an instance of a widespread supply-chain ransomware attack. "Beginning around mid-day EST/US on Friday...

7 AI score
Exploits: 0
The Hacker News
added 2021/07/03 7:37 a.m., 81 views

Learn to Code — Get 2021 Master Bundle of 13 Online Courses @ 99% OFF

Whether you are looking to turn into a full-time developer or simply increasing your earnings in your current niche, learning to code can be a smart move. It is a well-known fact that recruiters strive to recruit people with technical skills, and these skills are a great way to build your own...

7.4 AI score
Exploits: 0
The Hacker News
added 2021/07/02 1:1 p.m., 39 views

New Mirai-Inspired Botnet Could Be Using Your KGUARD DVRs in Cyber Attacks

Cybersecurity researchers on Thursday revealed details about a new Mirai-inspired botnet called "miraiptea" that leverages an undisclosed vulnerability in digital video recorders (DVR) provided by KGUARD to propagate and carry out distributed denial-of-service (DDoS) attacks. Chinese security firm...

2.4 AI score
Exploits: 0
The Hacker News
added 2021/07/02 12:35 p.m., 45 views

Mongolian Certificate Authority Hacked to Distribute Backdoored CA Software

In yet another instance of software supply chain attack, unidentified hackers breached the website of MonPass, one of Mongolia's major certificate authorities, to backdoor its installer software with Cobalt Strike binaries. The trojanized client was available for download between February 8, 2021...

1.2 AI score
Exploits: 0
The Hacker News
added 2021/07/02 9:44 a.m., 43 views

New Google Scorecards Tool Scans Open-Source Software for More Security Risks

Google has launched an updated version of Scorecards, its automated security tool that produces a "risk score" for open source initiatives, with improved checks and capabilities to make the data generated by the utility accessible for analysis. "With so much software today relying on open-source...

1 AI score
Exploits: 0
The Hacker News
added 2021/07/02 6:23 a.m., 47338 views

NSA, FBI Reveal Hacking Methods Used by Russian Military Hackers

An ongoing brute-force attack campaign targeting enterprise cloud environments has been spearheaded by the Russian military intelligence since mid-2019, according to a joint advisory published by intelligence agencies in the U.K. and U.S. The National Security Agency (NSA), Cybersecurity and...

9 CVSS, 1.1 AI score, 0.99965 EPSS
Exploits: 34
The Hacker News
added 2021/07/02 5:36 a.m., 279 views

Microsoft Warns of Critical "PrintNightmare" Flaw Being Exploited in the Wild

Microsoft on Thursday officially confirmed that the "PrintNightmare" remote code execution (RCE) vulnerability affecting Windows Print Spooler is different from the issue the company addressed as part of its Patch Tuesday update released earlier this month, while warning that it has detected...

9.3 CVSS, 0.6 AI score, 0.99759 EPSS
Exploits: 75
The Hacker News
added 2021/07/01 10:0 a.m., 49 views

IndigoZebra APT Hacking Campaign Targets the Afghan Government

Cybersecurity researchers are warning of ongoing attacks coordinated by a suspected Chinese-speaking threat actor targeting the Afghanistan government as part of an espionage campaign that may have had its provenance as far back as 2014. Israeli cybersecurity firm Check Point Research attributed...

7.2 AI score
Exploits: 0
The Hacker News
added 2021/07/01 9:58 a.m., 178 views

Rethinking Application Security in the API-First Era

Securing applications in the API-first era can be an uphill battle. As development accelerates, accountability becomes unclear, and getting controls to operate becomes a challenge in itself. It's time that we rethink our application security strategies to reflect new priorities, principles and...

7.3 AI score
Exploits: 0
The Hacker News
added 2021/07/01 9:34 a.m., 46 views

Facebook Sues 4 Vietnamese for Hacking Accounts and $36 Million Ad Fraud

Facebook on Tuesday revealed it filed two separate legal actions against perpetrators who abused its ad platform to run deceptive advertisements in violation of the company's Terms and Advertising Policies. "In the first case, the defendants are a California marketing company and its agents...

0.6 AI score
Exploits: 0
The Hacker News
added 2021/07/01 9:14 a.m., 51 views

3 Steps to Strengthen Your Ransomware Defenses

The recent tsunami of ransomware has brought to life the fears of downtime and data loss cybersecurity pros have warned about, as attacks on the energy sector, food supply chain, healthcare industry, and other critical infrastructure have grabbed headlines. For the industry experts who track the...

7.5 AI score
Exploits: 0
The Hacker News
added 2021/07/01 6:5 a.m., 43 views

Microsoft Discloses Critical Bugs Allowing Takeover of NETGEAR Routers

Cybersecurity researchers have detailed critical security vulnerabilities affecting NETGEAR DGN2200v1 series routers, which they say could be reliably abused as a jumping-off point to compromise a network's security and gain unfettered access. The three HTTPd authentication security weaknesses CV...

0.2 AI score
Exploits: 0
The Hacker News
added 2021/07/01 5:23 a.m., 60 views

Hacker Wanted in the U.S. for Spreading Gozi Virus Arrested in Colombia

Colombian authorities on Wednesday said they have arrested a Romanian hacker who is wanted in the U.S. for distributing a virus that infected more than a million computers from 2007 to 2012. Mihai Ionut Paunescu (aka "Virus"), the individual in question, was detained at the El Dorado airport in...

1.6 AI score
Exploits: 0
The Hacker News
added 2021/06/30 12:56 p.m., 36 views

[Webinar] How Cyber Attack Groups Are Spinning a Larger Ransomware Web

Organizations today already have an overwhelming number of dangers and threats to look out for, from spam to phishing attempts to new infiltration and ransomware tactics. There is no chance to rest, since attack groups are constantly looking for more effective means of infiltrating and infecting...

0.7 AI score
Exploits: 0
The Hacker News
added 2021/06/30 12:56 p.m., 33 views

Authorities Seize DoubleVPN Service Used by Cybercriminals

A coordinated international law enforcement operation resulted in the takedown of a VPN service called DoubleVPN for providing a safe haven for cybercriminals to cover their tracks. "On 29th of June 2021, law enforcement took down DoubleVPN," the agencies said in a seizure notice splashed on the...

0.2 AI score
Exploits: 0
The Hacker News
added 2021/06/30 11:28 a.m., 456 views

Researchers Leak PoC Exploit for a Critical Windows RCE Vulnerability

A proof-of-concept (PoC) exploit related to a remote code execution vulnerability affecting Windows Print Spooler and patched by Microsoft earlier this month was briefly published online before being taken down. Identified as CVE-2021-1675, the security issue could grant remote attackers full contr...

9.3 CVSS, 1.1 AI score, 0.86132 EPSS
Exploits: 80
Total number of security vulnerabilities: 20782