Lucene search
K

20793 matches found

The Hacker News
The Hacker News
added 2020/12/16 2:26 p.m.36 views

Ransomware Attackers Using SystemBC Malware With RAT and Tor Proxy

Cybercriminals are increasingly outsourcing the task of deploying ransomware to affiliates using commodity malware and attack tools, according to new research. In a new analysis published by Sophos today and shared with The Hacker News, recent deployments of Ryuk and Egregor ransomware have...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/16 2:26 p.m.4 views

Ransomware Attackers Using SystemBC Malware With RAT and Tor Proxy

Cybercriminals are increasingly outsourcing the task of deploying ransomware to affiliates using commodity malware and attack tools, according to new research. In a new analysis published by Sophos today and shared with The Hacker News, recent deployments of Ryuk and Egregor ransomware have...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/16 2:0 p.m.37 views

New 5G Network Flaws Let Attackers Track Users' Locations and Steal Data

As 5G networks are being gradually rolled out in major cities across the world, an analysis of its network architecture has revealed a number of potential weaknesses that could be exploited to carry out a slew of cyber assaults, including denial-of-service DoS attacks to deprive subscribers of...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/16 2:0 p.m.6 views

New 5G Network Flaws Let Attackers Track Users' Locations and Steal Data

As 5G networks are being gradually rolled out in major cities across the world, an analysis of its network architecture has revealed a number of potential weaknesses that could be exploited to carry out a slew of cyber assaults, including denial-of-service DoS attacks to deprive subscribers of...

5.6AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/16 1:41 p.m.35 views

What is Geocoding? — How to Find Coordinates of An Address

How can your app hook into a geocoding service that offers forward and reverse geocoding and an auto-completion facility? Geocoding turns a location name or address into geocoordinates. The service gets used by thousands of applications like Uber and Grubhub to track and plot their map data. Yet,...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/16 1:41 p.m.3 views

What is Geocoding? — How to Find Coordinates of An Address

How can your app hook into a geocoding service that offers forward and reverse geocoding and an auto-completion facility? Geocoding turns a location name or address into geocoordinates. The service gets used by thousands of applications like Uber and Grubhub to track and plot their map data. Yet,...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/16 6:47 a.m.4 views

SolarWinds Issues Second Hotfix for Orion Platform Supply Chain Attack

Network monitoring services provider SolarWinds officially released a second hotfix to address a critical vulnerability in its Orion platform that was exploited to insert malware and breach public and private entities in a wide-ranging espionage campaign. In a new update posted to its advisory...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/16 6:47 a.m.105 views

SolarWinds Issues Second Hotfix for Orion Platform Supply Chain Attack

Network monitoring services provider SolarWinds officially released a second hotfix to address a critical vulnerability in its Orion platform that was exploited to insert malware and breach public and private entities in a wide-ranging espionage campaign. In a new update posted to its advisory...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/16 6:8 a.m.42 views

SolarWinds Issues Second Hotfix for Orion Platform Supply Chain Attack

Network monitoring services provider SolarWinds officially released a second hotfix to address a critical vulnerability in its Orion platform that was exploited to insert malware and breach public and private entities in a wide-ranging espionage campaign. In a new update posted to its advisory...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/15 11:18 a.m.5 views

Wormable Gitpaste-12 Botnet Returns to Target Linux Servers, IoT Devices

A new wormable botnet that spreads via GitHub and Pastebin to install cryptocurrency miners and backdoors on target systems has returned with expanded capabilities to compromise web applications, IP cameras, and routers. Early last month, researchers from Juniper Threat Labs documented a...

10CVSS7.9AI score0.79673EPSS
Exploits2
The Hacker News
The Hacker News
added 2020/12/15 11:18 a.m.204 views

Wormable Gitpaste-12 Botnet Returns to Target Linux Servers, IoT Devices

A new wormable botnet that spreads via GitHub and Pastebin to install cryptocurrency miners and backdoors on target systems has returned with expanded capabilities to compromise web applications, IP cameras, and routers. Early last month, researchers from Juniper Threat Labs documented a...

10CVSS0.7AI score0.99999EPSS
Exploits81
The Hacker News
The Hacker News
added 2020/12/15 9:51 a.m.34 views

Nearly 18,000 SolarWinds Customers Installed Backdoored Software

SolarWinds, the enterprise monitoring software provider which found itself at the epicenter of the most consequential supply chain attacks, said as many as 18,000 of its high-profile customers might have installed a tainted version of its Orion products. The acknowledgment comes as part of a new...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/15 9:51 a.m.4 views

Nearly 18,000 SolarWinds Customers Installed Backdoored Software

SolarWinds, the enterprise monitoring software provider which found itself at the epicenter of the most consequential supply chain attacks, said as many as 18,000 of its high-profile customers might have installed a tainted version of its Orion products. The acknowledgment comes as part of a new...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/15 7:42 a.m.5 views

Exfiltrating Data from Air-Gapped Computers via Wi-Fi Signals (Without Wi-Fi Hardware)

A security researcher has demonstrated that sensitive data could be exfiltrated from air-gapped computers via a novel technique that leverages Wi-Fi signals as a covert channel—surprisingly, without requiring the presence of Wi-Fi hardware on the targeted systems. Dubbed "AIR-FI," the attack hing...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/15 7:42 a.m.134 views

Exfiltrating Data from Air-Gapped Computers via Wi-Fi Signals (Without Wi-Fi Hardware)

A security researcher has demonstrated that sensitive data could be exfiltrated from air-gapped computers via a novel technique that leverages Wi-Fi signals as a covert channel—surprisingly, without requiring the presence of Wi-Fi hardware on the targeted systems. Dubbed "AIR-FI," the attack hing...

2.2AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/14 1:29 p.m.97 views

SoReL-20M: A Huge Dataset of 20 Million Malware Samples Released Online

Cybersecurity firms Sophos and ReversingLabs on Monday jointly released the first-ever production-scale malware research dataset to be made available to the general public that aims to build effective defenses and drive industry-wide improvements in security detection and response. "SoReL-20M"...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/14 1:29 p.m.4 views

SoReL-20M: A Huge Dataset of 20 Million Malware Samples Released Online

Cybersecurity firms Sophos and ReversingLabs on Monday jointly released the first-ever production-scale malware research dataset to be made available to the general public that aims to build effective defenses and drive industry-wide improvements in security detection and response. "SoReL-20M"...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/14 5:44 a.m.367 views

US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor

State-sponsored actors allegedly working for Russia have targeted the US Treasury, the Commerce Department's National Telecommunications and Information Administration NTIA, and other government agencies to monitor internal email traffic as part of a widespread cyberespionage campaign. The...

10CVSS9AI score0.99999EPSS
Exploits223
The Hacker News
The Hacker News
added 2020/12/14 5:44 a.m.3 views

US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor

State-sponsored actors allegedly working for Russia have targeted the US Treasury, the Commerce Department's National Telecommunications and Information Administration NTIA, and other government agencies to monitor internal email traffic as part of a widespread cyberespionage campaign. The...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/11 5:25 p.m.3 views

Mount Locker Ransomware Offering Double Extortion Scheme to Other Hackers

A relatively new ransomware strain behind a series of breaches on corporate networks has developed new capabilities that allow it to broaden the scope of its targeting and evade security software—as well as with ability for its affiliates to launch double extortion attacks. The MountLocker...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/11 5:25 p.m.25 views

Mount Locker Ransomware Offering Double Extortion Scheme to Other Hackers

A relatively new ransomware strain behind a series of breaches on corporate networks has developed new capabilities that allow it to broaden the scope of its targeting and evade security software—as well as with ability for its affiliates to launch double extortion attacks. The MountLocker...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/11 11:48 a.m.6 views

Watch Out! Adrozek Malware Hijacking Chrome, Firefox, Edge, Yandex Browsers

Microsoft on Thursday took the wraps off an ongoing campaign impacting popular web browsers that stealthily injects malware-infested ads into search results to earn money via affiliate advertising. "Adrozek," as it's called by the Microsoft 365 Defender Research Team, employs an "expansive, dynam...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/11 11:48 a.m.131 views

Watch Out! Adrozek Malware Hijacking Chrome, Firefox, Edge, Yandex Browsers

Microsoft on Thursday took the wraps off an ongoing campaign impacting popular web browsers that stealthily injects malware-infested ads into search results to earn money via affiliate advertising. "Adrozek," as it's called by the Microsoft 365 Defender Research Team, employs an "expansive, dynam...

1.4AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/11 11:29 a.m.28 views

Governance Considerations for Democratizing Your Organization's Data in 2021

With the continuing rise of IoT devices, mobile networks, and digital channels, companies face a lot of pressure to generate meaningful and actionable insights from the wealth of data they capture. Gartner Research lists data democratization as one of the top strategic technology trends to watch...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/11 11:29 a.m.6 views

Governance Considerations for Democratizing Your Organization's Data in 2021

With the continuing rise of IoT devices, mobile networks, and digital channels, companies face a lot of pressure to generate meaningful and actionable insights from the wealth of data they capture. Gartner Research lists data democratization as one of the top strategic technology trends to watch...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/11 7:42 a.m.43 views

Facebook Tracks APT32 OceanLotus Hackers to IT Company in Vietnam

Cybersecurity researchers from Facebook today formally linked the activities of a Vietnamese threat actor to an IT company in the country after the group was caught abusing its platform to hack into people's accounts and distribute malware. Tracked as APT32 or Bismuth, OceanLotus, and Cobalt Kitt...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/11 7:42 a.m.3 views

Facebook Tracks APT32 OceanLotus Hackers to IT Company in Vietnam

Cybersecurity researchers from Facebook today formally linked the activities of a Vietnamese threat actor to an IT company in the country after the group was caught abusing its platform to hack into people's accounts and distribute malware. Tracked as APT32 or Bismuth, OceanLotus, and Cobalt Kitt...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/10 4:2 p.m.78 views

Cisco Reissues Patches for Critical Bugs in Jabber Video Conferencing Software

Cisco has once again fixed four previously disclosed critical bugs in its Jabber video conferencing and messaging app that were inadequately addressed, leaving its users susceptible to remote attacks. The vulnerabilities, if successfully exploited, could allow an authenticated, remote attacker to...

9.9CVSS0.2AI score0.61862EPSS
Exploits0
The Hacker News
The Hacker News
added 2020/12/10 4:2 p.m.4 views

Cisco Reissues Patches for Critical Bugs in Jabber Video Conferencing Software

Cisco has once again fixed four previously disclosed critical bugs in its Jabber video conferencing and messaging app that were inadequately addressed, leaving its users susceptible to remote attacks. The vulnerabilities, if successfully exploited, could allow an authenticated, remote attacker to...

9.9CVSS8.3AI score0.02496EPSS
Exploits0
The Hacker News
The Hacker News
added 2020/12/10 11:0 a.m.5 views

Valve's Steam Server Bugs Could've Let Hackers Hijack Online Games

Critical flaws in a core networking library powering Valve's online gaming functionality could have allowed malicious actors to remotely crash games and even take control over affected third-party game servers. "An attacker could remotely crash an opponent's game client to force a win or even...

10CVSS7.7AI score0.05753EPSS
Exploits2
The Hacker News
The Hacker News
added 2020/12/10 11:0 a.m.77 views

Valve's Steam Server Bugs Could've Let Hackers Hijack Online Games

Critical flaws in a core networking library powering Valve's online gaming functionality could have allowed malicious actors to remotely crash games and even take control over affected third-party game servers. "An attacker could remotely crash an opponent's game client to force a win or even...

10CVSS0.05753EPSS
Exploits2
The Hacker News
The Hacker News
added 2020/12/10 7:17 a.m.75 views

AWS, Cisco, and CompTIA Exam Prep — Get 22 Courses for $4.50 Each

You don't need a college degree to get a well-paid job in IT. But technical recruiters do expect to see key certifications on your résumé. If you would like to improve your chances of getting hired, "The 2021 All-In-One AWS, Cisco & CompTIA Super Certification Bundle" is worth your attention. Thi...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/10 7:17 a.m.3 views

AWS, Cisco, and CompTIA Exam Prep — Get 22 Courses for $4.50 Each

You don't need a college degree to get a well-paid job in IT. But technical recruiters do expect to see key certifications on your résumé. If you would like to improve your chances of getting hired, "The 2021 All-In-One AWS, Cisco& CompTIA Super Certification Bundle" is worth your attention. This...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/10 7:16 a.m.3 views

48 U.S. States and FTC are suing Facebook for illegal monopolization

The US Federal Trade Commission and a coalition of 48 state attorneys general on Wednesday filed a pair of sweeping antitrust suits against Facebook, alleging that the company abused its power in the marketplace to neutralize competitors through its acquisitions of Instagram and WhatsApp and...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/10 7:16 a.m.35 views

48 U.S. States and FTC are suing Facebook for illegal monopolization

The US Federal Trade Commission and a coalition of 48 state attorneys general on Wednesday filed a pair of sweeping antitrust suits against Facebook, alleging that the company abused its power in the marketplace to neutralize competitors through its acquisitions of Instagram and WhatsApp and...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/09 3:5 p.m.91 views

Russian APT28 Hackers Using COVID-19 as Bait to Deliver Zebrocy Malware

A Russian threat actor known for its malware campaigns has reappeared in the threat landscape with yet another attack leveraging COVID-19 as phishing lures, once again indicating how adversaries are adept at repurposing the current world events to their advantage. Linking the operation to a...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/09 3:5 p.m.4 views

Russian APT28 Hackers Using COVID-19 as Bait to Deliver Zebrocy Malware

A Russian threat actor known for its malware campaigns has reappeared in the threat landscape with yet another attack leveraging COVID-19 as phishing lures, once again indicating how adversaries are adept at repurposing the current world events to their advantage. Linking the operation to a...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/09 9:50 a.m.6 views

Amnesia:33 — Critical TCP/IP Flaws Affect Millions of IoT Devices

Cybersecurity researchers disclosed a dozen new flaws in multiple widely-used embedded TCP/IP stacks impacting millions of devices ranging from networking equipment and medical devices to industrial control systems that could be exploited by an attacker to take control of a vulnerable system...

9.8CVSS8.3AI score0.58695EPSS
Exploits0
The Hacker News
The Hacker News
added 2020/12/09 9:50 a.m.193 views

Amnesia:33 — Critical TCP/IP Flaws Affect Millions of IoT Devices

Cybersecurity researchers disclosed a dozen new flaws in multiple widely-used embedded TCP/IP stacks impacting millions of devices ranging from networking equipment and medical devices to industrial control systems that could be exploited by an attacker to take control of a vulnerable system...

9.8CVSS2AI score0.58695EPSS
Exploits0
The Hacker News
The Hacker News
added 2020/12/09 9:9 a.m.36 views

Cybersecurity Firm FireEye Got Hacked; Red-Team Pentest Tools Stolen

FireEye, one of the largest cybersecurity firms in the world, said on Tuesday it became a victim of a state-sponsored attack by a "highly sophisticated threat actor" that stole its arsenal of Red Team penetration testing tools it uses to test the defenses of its customers. The company said it's...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/09 9:9 a.m.4 views

Cybersecurity Firm FireEye Got Hacked; Red-Team Pentest Tools Stolen

FireEye, one of the largest cybersecurity firms in the world, said on Tuesday it became a victim of a state-sponsored attack by a "highly sophisticated threat actor" that stole its arsenal of Red Team penetration testing tools it uses to test the defenses of its customers. The company said it's...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/09 4:57 a.m.206 views

Microsoft Releases Windows Update (Dec 2020) to Fix 58 Security Flaws

Microsoft on Tuesday released fixes for 58 newly discovered security flaws spanning as many as 11 products and services as part of its final Patch Tuesday of 2020, effectively bringing their CVE total to 1,250 for the year. Of these 58 patches, nine are rated as Critical, 46 are rated as Importan...

10CVSS1AI score0.8979EPSS
Exploits4
The Hacker News
The Hacker News
added 2020/12/09 4:57 a.m.8 views

Microsoft Releases Windows Update (Dec 2020) to Fix 58 Security Flaws

Microsoft on Tuesday released fixes for 58 newly discovered security flaws spanning as many as 11 products and services as part of its final Patch Tuesday of 2020, effectively bringing their CVE total to 1,250 for the year. Of these 58 patches, nine are rated as Critical, 46 are rated as Importan...

10CVSS7.9AI score0.8979EPSS
Exploits4
The Hacker News
The Hacker News
added 2020/12/08 1:59 p.m.4 views

WARNING — Critical Remote Hacking Flaws Affect D-Link VPN Routers

Some widely sold D-Link VPN router models have been found vulnerable to three new high-risk security vulnerabilities, leaving millions of home and business networks open to cyberattacks—even if they are secured with a strong password. Discovered by researchers at Digital Defense, the three securi...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/08 1:59 p.m.31 views

WARNING — Critical Remote Hacking Flaws Affect D-Link VPN Routers

Some widely sold D-Link VPN router models have been found vulnerable to three new high-risk security vulnerabilities, leaving millions of home and business networks open to cyberattacks—even if they are secured with a strong password. Discovered by researchers at Digital Defense, the three securi...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/08 11:11 a.m.36 views

Download: How XDR Platforms Are Changing The Game For Ransomware Protection

There seems to be a new ransomware story every day - a new ransomware attack, a new ransomware technique, criminals not providing encryption keys after receiving ransom payments, private data being publicly released by ransomware attackers—it never ends. Just last month, the FBI, the Department o...

0.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/08 11:11 a.m.7 views

Download: How XDR Platforms Are Changing The Game For Ransomware Protection

There seems to be a new ransomware story every day - a new ransomware attack, a new ransomware technique, criminals not providing encryption keys after receiving ransom payments, private data being publicly released by ransomware attackers—it never ends. Just last month, the FBI, the Department o...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/08 6:31 a.m.6 views

Zero-Click Wormable RCE Vulnerability Reported in Microsoft Teams

A zero-click remote code execution RCE bug in Microsoft Teams desktop apps could have allowed an adversary to execute arbitrary code by merely sending a specially-crafted chat message and compromise a target's system. The issues were reported to the Windows maker by Oskars Vegeris, a security...

7.8CVSS8.1AI score0.01831EPSS
Exploits0
The Hacker News
The Hacker News
added 2020/12/08 6:31 a.m.75 views

Zero-Click Wormable RCE Vulnerability Reported in Microsoft Teams

A zero-click remote code execution RCE bug in Microsoft Teams desktop apps could have allowed an adversary to execute arbitrary code by merely sending a specially-crafted chat message and compromise a target's system. The issues were reported to the Windows maker by Oskars Vegeris, a security...

7.8CVSS2.5AI score0.01831EPSS
Exploits0
The Hacker News
The Hacker News
added 2020/12/08 5:44 a.m.6 views

NSA Warns Russian Hacker Exploiting VMware Bug to Breach Corporate Networks

The US National Security Agency NSA on Monday issued an advisory warning that Russian threat actors are leveraging recently disclosed VMware vulnerability to install malware on corporate systems and access protected data. Specifics regarding the identities of the threat actor exploiting the VMwar...

9.1CVSS7.6AI score0.23771EPSS
Exploits0
Total number of security vulnerabilities20793