
20787 matches found

The Hacker News
added 2021/04/23 2:43 p.m. | 154 views

New QNAP NAS Flaws Exploited In Recent Ransomware Attacks - Patch It!

A new ransomware strain called "Qlocker" is targeting QNAP network attached storage (NAS) devices as part of an ongoing campaign and encrypting files in password-protected 7zip archives. First reports of the infections emerged on April 20, with the adversaries behind the operations demanding a...

CVSS 10 | AI score 1.8 | EPSS 0.78395
Exploits: 0

The Hacker News
added 2021/04/23 7:42 a.m. | 408 views

Prometei Botnet Exploiting Unpatched Microsoft Exchange Servers

Attackers are exploiting the ProxyLogon Microsoft Exchange Server flaws to co-opt vulnerable machines to a cryptocurrency botnet named Prometei, according to new research. "Prometei exploits the recently disclosed Microsoft Exchange vulnerabilities associated with the HAFNIUM attacks to penetrate...

CVSS 7.8 | AI score 0.7 | EPSS 0.99946
Exploits: 31

The Hacker News
added 2021/04/23 5:51 a.m. | 129 views

Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed details of a new advanced persistent threat (APT) that's leveraging the Supernova backdoor to compromise SolarWinds Orion installations after gaining access to the network through a connection to a Pulse Secure VPN device...

CVSS 9.8 | AI score 1.6 | EPSS 0.9198
Exploits: 3

The Hacker News
added 2021/04/22 1:18 p.m. | 250 views

Researchers Find Additional Infrastructure Used By SolarWinds Hackers

The sprawling SolarWinds cyberattack which came to light last December was known for its sophistication in the breadth of tactics used to infiltrate and persist in the target infrastructure, so much so that Microsoft went on to call the threat actor behind the campaign "skillful and methodic...

AI score 7
Exploits: 0

The Hacker News
added 2021/04/22 12:32 p.m. | 50 views

Cost of Account Unlocks, and Password Resets Add Up

There are many labor-intensive tasks that the IT service desk carries out on a daily basis. None as tedious and costly as resetting passwords. Modern IT service desks spend a significant amount of time both unlocking and resetting passwords for end-users. This issue has been exacerbated by the...

AI score 7.6
Exploits: 0

The Hacker News
added 2021/04/22 10:0 a.m. | 101 views

Cybercriminals Using Telegram Messenger to Control ToxicEye Malware

Adversaries are increasingly abusing Telegram as a "command-and-control" system to distribute malware into organizations that could then be used to capture sensitive information from targeted systems. "Even when Telegram is not installed or being used, the system allows hackers to send malicious...

AI score 1.9
Exploits: 0

The Hacker News
added 2021/04/22 6:42 a.m. | 56 views

Facebook Busts Palestinian Hackers' Operation Spreading Mobile Spyware

Facebook on Wednesday said it took steps to dismantle malicious activities perpetrated by two state-sponsored hacking groups operating out of Palestine that abused its platform to distribute malware. The social media giant attributed the attacks to a network connected to the Preventive Security...

AI score 6.3
Exploits: 0

The Hacker News
added 2021/04/21 12:47 p.m. | 57 views

Hackers threaten to leak stolen Apple blueprints if $50 million ransom isn't paid

Prominent Apple supplier Quanta on Wednesday said it suffered a ransomware attack from the REvil ransomware group, which is now demanding the iPhone maker pay a ransom of $50 million to prevent leaking sensitive files on the dark web. In a post shared on its deep web "Happy Blog" portal, the thre...

AI score 1.2
Exploits: 0

The Hacker News
added 2021/04/21 12:9 p.m. | 51 views

Improve Your Cyber Security Posture by Combining State of the Art Security Tools

Today there are plenty of cybersecurity tools on the market. It is now more important than ever that the tools you decide to use work well together. If they don't, you will not get the complete picture, and you won't be able to analyze the entire system from a holistic perspective. This means tha...

AI score 6.1
Exploits: 0

The Hacker News
added 2021/04/21 8:20 a.m. | 415 views

Update Your Chrome Browser ASAP to Patch a Week Old Public Exploit

Google on Tuesday released an update for Chrome web browser for Windows, Mac, and Linux, with a total of seven security fixes, including one flaw for which it says an exploit exists in the wild. Tracked as CVE-2021-21224, the flaw concerns a type confusion vulnerability in V8 open-source...

CVSS 8.8 | AI score 8.8 | EPSS 0.70435
Exploits: 7

The Hacker News
added 2021/04/21 5:7 a.m. | 156 views

3 Zero-Day Exploits Hit SonicWall Enterprise Email Security Appliances

SonicWall has addressed three critical security vulnerabilities in its hosted and on-premises email security (ES) product that are being actively exploited in the wild. Tracked as CVE-2021-20021 and CVE-2021-20022, the flaws were discovered and reported to the company by FireEye's Mandiant subsidia...

CVSS 9.8 | AI score 0.9 | EPSS 0.83425
Exploits: 0

The Hacker News
added 2021/04/21 4:20 a.m. | 2856 views

WARNING: Hackers Exploit Unpatched Pulse Secure 0-Day to Breach Organizations

If Pulse Connect Secure gateway is part of your organization network, you need to be aware of a newly discovered critical zero-day authentication bypass vulnerability (CVE-2021-22893) that is currently being exploited in the wild and for which there is no patch available yet. At least two threat...

CVSS 10 | AI score 0.6 | EPSS 0.99999
Exploits: 35

The Hacker News
added 2021/04/20 4:18 p.m. | 38 views

Over 750,000 Users Downloaded New Billing Fraud Apps From Google Play Store

Researchers have uncovered a new set of fraudulent Android apps in the Google Play store that were found to hijack SMS message notifications for carrying out billing fraud. The apps in question primarily targeted users in Southwest Asia and the Arabian Peninsula, attracting a total of 700,000...

AI score 7.2
Exploits: 0

The Hacker News
added 2021/04/20 10:50 a.m. | 54 views

[eBook] Why Autonomous XDR Is Going to Replace NGAV/EDR

For most organizations today, endpoint protection is the primary security concern. This is not unreasonable – endpoints tend to be the weakest points in an environment – but it also misses the forest for the trees. As threat surfaces expand, security professionals are harder pressed to detect...

AI score 0.3
Exploits: 0

The Hacker News
added 2021/04/20 10:41 a.m. | 37 views

120 Compromised Ad Servers Target Millions of Internet Users

An ongoing malvertising campaign tracked as "Tag Barnakle" has been behind the breach of more than 120 ad servers over the past year to sneakily inject code in an attempt to serve malicious advertisements that redirect users to rogue websites, thus exposing victims to scamware or malware. Unlike...

AI score 7.4
Exploits: 0

The Hacker News
added 2021/04/20 5:33 a.m. | 65 views

Lazarus APT Hackers are now using BMP images to hide RAT malware

A spear-phishing attack operated by a North Korean threat actor targeting its southern counterpart has been found to conceal its malicious code within a bitmap (.BMP) image file to drop a remote access trojan (RAT) capable of stealing sensitive information. Attributing the attack to the Lazarus Group...

AI score 0.1
Exploits: 0

The Hacker News
added 2021/04/19 11:20 a.m. | 36 views

Passwordless: More Mirage Than Reality

The concept of "passwordless" authentication has been gaining significant industry and media attention. And for a good reason. Our digital lives are demanding an ever-increasing number of online accounts and services, with security best practices dictating that each requires a strong, unique...

AI score 0.3
Exploits: 0

The Hacker News
added 2021/04/19 10:21 a.m. | 79 views

Malware That Spreads Via Xcode Projects Now Targeting Apple's M1-based Macs

A Mac malware campaign targeting Xcode developers has been retooled to add support for Apple's new M1 chips and expand its features to steal confidential information from cryptocurrency apps. XCSSET came into the spotlight in August 2020 after it was found to spread via modified Xcode IDE project...

AI score 1.1
Exploits: 0

The Hacker News
added 2021/04/17 9:44 a.m. | 125 views

SysAdmin of Billion-Dollar Hacking Group Gets 10-Year Sentence

A high-level manager and systems administrator associated with the FIN7 threat actor has been sentenced to 10 years in prison, the U.S. Department of Justice announced Friday. Fedir Hladyr, a 35-year-old Ukrainian national, is said to have played a crucial role in a criminal scheme that compromis...

AI score 0.4
Exploits: 0

The Hacker News
added 2021/04/17 9:13 a.m. | 79 views

What are the different roles within cybersecurity?

People talk about the cybersecurity job market like it's a monolith, but there are a number of different roles within cybersecurity, depending not only on your skill level and experience but on what you like to do. In fact, Cybercrime Magazine came up with a list of 50 cybersecurity job titles,...

AI score 7.3
Exploits: 0

The Hacker News
added 2021/04/16 8:38 a.m. | 77 views

Severe Bugs Reported in EtherNet/IP Stack for Industrial Systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an advisory warning of multiple vulnerabilities in the OpENer EtherNet/IP stack that could expose industrial systems to denial-of-service (DoS) attacks, data leaks, and remote code execution. All OpENer commits and...

CVSS 9.8 | AI score 2 | EPSS 0.04519
Exploits: 2

The Hacker News
added 2021/04/15 4:55 p.m. | 179 views

US Sanctions Russia and Expels 10 Diplomats Over SolarWinds Cyberattack

The U.S. and U.K. on Thursday formally attributed the supply chain attack of IT infrastructure management company SolarWinds with "high confidence" to government operatives working for Russia's Foreign Intelligence Service (SVR). "Russia's pattern of malign behaviour around the world – whether in...

CVSS 10 | AI score 0.4 | EPSS 0.99999
Exploits: 93

The Hacker News
added 2021/04/15 11:9 a.m. | 153 views

1-Click Hack Found in Popular Desktop Apps — Check If You're Using Them

Multiple one-click vulnerabilities have been discovered across a variety of popular software applications, allowing an attacker to potentially execute arbitrary code on target systems. The issues were discovered by Positive Security researchers Fabian Bräunlein and Lukas Euler and affect apps lik...

CVSS 10 | AI score 0.5 | EPSS 0.07408
Exploits: 2

The Hacker News
added 2021/04/15 10:25 a.m. | 58 views

Malware Variants: More Sophisticated, Prevalent and Evolving in 2021

A malicious program intended to cause havoc with IT systems—malware—is becoming more and more sophisticated every year. The year 2021 is no exception, as recent trends indicate that several new variants of malware are making their way into the world of cybersecurity. While smarter security...

AI score 1.2
Exploits: 0

The Hacker News
added 2021/04/15 9:11 a.m. | 67 views

YIKES! Hackers flood the web with 100,000 pages offering malicious PDFs

Cybercriminals are resorting to search engine poisoning techniques to lure business professionals into visiting seemingly legitimate Google sites that install a Remote Access Trojan (RAT) capable of carrying out a wide range of attacks. The attack works by leveraging searches for business forms suc...

AI score 1
Exploits: 0

The Hacker News
added 2021/04/14 2:43 p.m. | 147 views

New WhatsApp Bugs Could've Let Attackers Hack Your Phone Remotely

Facebook-owned WhatsApp recently addressed two security vulnerabilities in its messaging app for Android that could have been exploited to execute malicious code remotely on the device and even exfiltrate sensitive information. The flaws take aim at devices running Android versions up to and...

CVSS 7.5 | EPSS 0.04765
Exploits: 1

The Hacker News
added 2021/04/14 2:16 p.m. | 38 views

New JavaScript Exploit Can Now Carry Out DDR4 Rowhammer Attacks

Academics from Vrije University in Amsterdam and ETH Zurich have published a new research paper describing yet another variation of the Rowhammer attack. Dubbed SMASH (Synchronized MAny-Sided Hammering), the technique can be used to successfully trigger the attack from JavaScript on modern DDR4 RAM...

AI score 1.2
Exploits: 0

The Hacker News
added 2021/04/14 7:37 a.m. | 43 views

Simplify, then Add Lightness – Consolidating the Technology to Better Defend Ourselves

One of the biggest consequences of the rapidly evolving cybersecurity threat landscape is that defenses must constantly build bigger systems to defend themselves. This leads to both more complex systems and often less communication between them. More importantly, it can lead companies to invest i...

AI score 6.9
Exploits: 0

The Hacker News
added 2021/04/14 5:48 a.m. | 127 views

Update Your Chrome Browser to Patch 2 New In-the-Wild 0-Day Exploits

Google on Tuesday released a new version of Chrome web-browsing software for Windows, Mac, and Linux with patches for two newly discovered security vulnerabilities for both of which it says exploits exist in the wild, allowing attackers to engage in active exploitation. One of the two flaws...

CVSS 8.8 | AI score 0.7 | EPSS 0.70435
Exploits: 7

The Hacker News
added 2021/04/14 4:58 a.m. | 139 views

NSA Discovers New Vulnerabilities Affecting Microsoft Exchange Servers

In its April slate of patches, Microsoft rolled out fixes for a total of 114 security flaws, including an actively exploited zero-day and four remote code execution bugs in Exchange Server. Of the 114 flaws, 19 are rated as Critical, 88 are rated Important, and one is rated Moderate in severity...

CVSS 10 | AI score 0.7 | EPSS 0.78376
Exploits: 25

The Hacker News
added 2021/04/13 12:24 p.m. | 239 views

New NAME:WRECK Vulnerabilities Impact Nearly 100 Million IoT Devices

Security researchers have uncovered nine vulnerabilities affecting four TCP/IP stacks impacting more than 100 million consumer and enterprise devices that could be exploited by an attacker to take control of a vulnerable system. Dubbed "NAME:WRECK" by Forescout and JSOF, the flaws are the latest ...

AI score 0.2
Exploits: 0

The Hacker News
added 2021/04/13 11:51 a.m. | 58 views

Hackers Using Website's Contact Forms to Deliver IcedID Malware

Microsoft has warned organizations of a "unique" attack campaign that abuses contact forms published on websites to deliver malicious links to businesses via emails containing fake legal threats, in what's yet another instance of adversaries abusing legitimate infrastructure to mount evasive...

AI score 1.9
Exploits: 0

The Hacker News
added 2021/04/13 11:1 a.m. | 238 views

Detecting the "Next" SolarWinds-Style Cyber Attack

The SolarWinds attack, which succeeded by utilizing the sunburst malware, shocked the cyber-security industry. This attack achieved persistence and was able to evade internal systems long enough to gain access to the source code of the victim. Because of the far-reaching SolarWinds deployments, t...

AI score 0.1
Exploits: 0

The Hacker News
added 2021/04/13 6:52 a.m. | 38 views

BRATA Malware Poses as Android Security Scanners on Google Play Store

A new set of malicious Android apps have been caught posing as app security scanners on the official Play Store to distribute a backdoor capable of gathering sensitive information. "These malicious apps urge users to update Chrome, WhatsApp, or a PDF reader, yet instead of updating the app in...

AI score 0.7
Exploits: 0

The Hacker News
added 2021/04/13 6:3 a.m. | 150 views

RCE Exploit Released for Unpatched Chrome, Opera, and Brave Browsers

An Indian security researcher has publicly published a proof-of-concept (PoC) exploit code for a newly discovered flaw impacting Google Chrome and other Chromium-based browsers like Microsoft Edge, Opera, and Brave. Released by Rajvardhan Agarwal, the working exploit concerns a remote code executio...

Exploits: 0

The Hacker News
added 2021/04/12 3:52 p.m. | 52 views

Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users' Data

Online trading and discount brokerage platform Upstox has become the latest Indian company to suffer a security breach of its systems, resulting in the exposure of sensitive information of approximately 2.5 million users on the dark web. The leaked information includes names, email addresses, dat...

AI score 0.9
Exploits: 0

The Hacker News
added 2021/04/12 12:22 p.m. | 55 views

What Does It Take To Be a Cybersecurity Researcher?

Behind the strategies and solutions needed to counter today's cyber threats are—dedicated cybersecurity researchers. They spend their lives dissecting code and analyzing incident reports to discover how to stop the bad guys. But what drives these specialists? To understand the motivations for why...

AI score 7.5
Exploits: 0

The Hacker News
added 2021/04/12 7:51 a.m. | 61 views

Windows, Ubuntu, Zoom, Safari, MS Exchange Hacked at Pwn2Own 2021

The 2021 spring edition of Pwn2Own hacking contest concluded last week on April 8 with a three-way tie between Team Devcore, OV, and Computest researchers Daan Keuper and Thijs Alkemade. A total of $1.2 million was awarded for 16 high-profile exploits over the course of the three-day virtual even...

AI score 0.6
Exploits: 0

The Hacker News
added 2021/04/10 6:50 a.m. | 107 views

Hackers Tampered With APKPure Store to Distribute Malware Apps

APKPure, one of the largest alternative app stores outside of the Google Play Store, was infected with malware this week, allowing threat actors to distribute Trojans to Android devices. In a supply-chain attack similar to that of German telecommunications equipment manufacturer Gigaset, the...

AI score 1.1
Exploits: 0

The Hacker News
added 2021/04/09 2:59 p.m. | 50 views

Alert — There's A New Malware Out There Snatching Users' Passwords

A previously undocumented malware downloader has been spotted in the wild in phishing attacks to deploy credential stealers and other malicious payloads. Dubbed "Saint Bot," the malware is said to have first appeared on the scene in January 2021, with indications that it's under active developmen...

AI score 0.9
Exploits: 0

The Hacker News
added 2021/04/09 2:37 p.m. | 244 views

[WHITEPAPER] How to Achieve CMMC Security Compliance for Your Business

For organizations that deal with the defense infrastructure – cybersecurity is more than just a buzzword. Recently the US Department of Defense (DoD) created a new certification process – the Cybersecurity Maturity Model Certificate (CMMC) – to ensure that all its vendors and contractors follow...

AI score 0.8
Exploits: 0

The Hacker News
added 2021/04/09 9:22 a.m. | 101 views

Cisco Will Not Patch Critical RCE Flaw Affecting End-of-Life Business Routers

Networking equipment major Cisco Systems has said it does not plan to fix a critical security vulnerability affecting some of its Small Business routers, instead urging users to replace the devices. The bug, tracked as CVE-2021-1459, is rated with a CVSS score of 9.8 out of 10, and affects RV110W...

CVSS 10 | AI score 2.7 | EPSS 0.03023
Exploits: 2

The Hacker News
added 2021/04/09 7:45 a.m. | 72 views

Gigaset Android Update Server Hacked to Install Malware on Users' Devices

Gigaset has revealed a malware infection discovered in its Android devices was the result of a compromise of a server belonging to an external update service provider. Impacting older smartphone models — GS100, GS160, GS170, GS180, GS270 plus, and GS370 plus series — the malware took the form of...

AI score 0.7
Exploits: 0

The Hacker News
added 2021/04/09 7:45 a.m. | 5 views

Gigaset Android Update Server Hacked to Install Malware on Users' Devices

Gigaset has revealed a malware infection discovered in its Android devices was the result of a compromise of a server belonging to an external update service provider. Impacting older smartphone models — GS100, GS160, GS170, GS180, GS270 plus, and GS370 plus series — the malware took the form of...

AI score 5.9
Exploits: 0

The Hacker News
added 2021/04/08 1:37 p.m. | 2 views

Researchers uncover a new Iranian malware used in recent cyberattacks

An Iranian threat actor has unleashed a new cyberespionage campaign against a possible Lebanese target with a backdoor capable of exfiltrating sensitive information from compromised systems. Cybersecurity firm Check Point attributed the operation to APT34, citing similarities with previous...

AI score 6.1
Exploits: 0

The Hacker News
added 2021/04/08 1:37 p.m. | 62 views

Researchers uncover a new Iranian malware used in recent cyberattacks

An Iranian threat actor has unleashed a new cyberespionage campaign against a possible Lebanese target with a backdoor capable of exfiltrating sensitive information from compromised systems. Cybersecurity firm Check Point attributed the operation to APT34, citing similarities with previous...

AI score 1.3
Exploits: 0

The Hacker News
added 2021/04/08 1:12 p.m. | 6 views

Hackers Exploit Unpatched VPNs to Install Ransomware on Industrial Targets

Unpatched Fortinet VPN devices are being targeted in a series of attacks against industrial enterprises in Europe to deploy a new strain of ransomware called "Cring" inside corporate networks. At least one of the hacking incidents led to the temporary shutdown of a production site, said...

CVSS 9.8 | AI score 7.7 | EPSS 0.99999
Exploits: 22

The Hacker News
added 2021/04/08 1:12 p.m. | 497 views

Hackers Exploit Unpatched VPNs to Install Ransomware on Industrial Targets

Unpatched Fortinet VPN devices are being targeted in a series of attacks against industrial enterprises in Europe to deploy a new strain of ransomware called "Cring" inside corporate networks. At least one of the hacking incidents led to the temporary shutdown of a production site, said...

CVSS 9.8 | AI score 1.1 | EPSS 0.99999
Exploits: 22

The Hacker News
added 2021/04/08 12:40 p.m. | 46 views

NIST and HIPAA: Is There a Password Connection?

When dealing with user data, it's essential that we design our password policies around compliance. These policies are defined both internally and externally. While companies uphold their own password standards, outside forces like HIPAA and NIST have a heavy influence. Impacts are defined by...

AI score 0.4
Exploits: 0

The Hacker News
added 2021/04/08 12:40 p.m. | 5 views

NIST and HIPAA: Is There a Password Connection?

When dealing with user data, it's essential that we design our password policies around compliance. These policies are defined both internally and externally. While companies uphold their own password standards, outside forces like HIPAA and NIST have a heavy influence. Impacts are defined by...

AI score 5.6
Exploits: 0

Total number of security vulnerabilities: 20787