Lucene search
K

20793 matches found

The Hacker News
The Hacker News
added 2020/11/05 8:35 a.m.5 views

If You Don't Have A SASE Cloud Service, You Don't Have SASE At All

The Secure Access Service Edge or SASE has been a very hot buzzword in the past year. A term and category created by Gartner 2019, SASE states that the future of networking and security lies in the convergence of these categories into a single, cloud-based platform. The capabilities that SASE...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2020/11/03 11:49 a.m.29 views

New Kimsuky Module Makes North Korean Spyware More Powerful

A week after the US government issued an advisory about a "global intelligence gathering mission" operated by North Korean state-sponsored hackers, new findings have emerged about the threat group's spyware capabilities. The APT — dubbed "Kimsuky" aka Black Banshee or Thallium and believed to be...

Exploits0
The Hacker News
The Hacker News
added 2020/11/03 11:49 a.m.3 views

New Kimsuky Module Makes North Korean Spyware More Powerful

A week after the US government issued an advisory about a "global intelligence gathering mission" operated by North Korean state-sponsored hackers, new findings have emerged about the threat group's spyware capabilities. The APT — dubbed "Kimsuky" aka Black Banshee or Thallium and believed to be...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2020/11/03 9:33 a.m.149 views

New Chrome Zero-Day Under Active Attacks – Update Your Browser

Google has patched a second actively exploited zero-day flaw in the Chrome browser in two weeks, along with addressing nine other security vulnerabilities in its latest update. The company released 86.0.4240.183 for Windows, Mac, and Linux, which it said will be rolling out over the coming...

9.6CVSS0.9AI score0.5063EPSS
Exploits6
The Hacker News
The Hacker News
added 2020/11/03 9:33 a.m.3 views

New Chrome Zero-Day Under Active Attacks – Update Your Browser

Google has patched a second actively exploited zero-day flaw in the Chrome browser in two weeks, along with addressing nine other security vulnerabilities in its latest update. The company released 86.0.4240.183 for Windows, Mac, and Linux, which it said will be rolling out over the coming...

8.8CVSS7.8AI score0.48574EPSS
Exploits3
The Hacker News
The Hacker News
added 2020/11/02 12:41 p.m.3 views

How to Prevent Pwned and Reused Passwords in Your Active Directory

Many businesses are currently looking at how to bolster security across their organization as the pandemic and remote work situation continues to progress towards the end of the year. As organizations continue to implement security measures to protect business-critical data, there is an extremely...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2020/11/02 12:41 p.m.38 views

How to Prevent Pwned and Reused Passwords in Your Active Directory

Many businesses are currently looking at how to bolster security across their organization as the pandemic and remote work situation continues to progress towards the end of the year. As organizations continue to implement security measures to protect business-critical data, there is an extremely...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2020/11/02 12:8 p.m.75 views

New NAT/Firewall Bypass Attack Lets Hackers Access Any TCP/UDP Service

A new research has demonstrated a technique that allows an attacker to bypass firewall protection and remotely access any TCP/UDP service on a victim machine. Called NAT Slipstreaming, the method involves sending the target a link to a malicious site or a legitimate site loaded with malicious ads...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2020/11/02 12:8 p.m.4 views

New NAT/Firewall Bypass Attack Lets Hackers Access Any TCP/UDP Service

A new research has demonstrated a technique that allows an attacker to bypass firewall protection and remotely access any TCP/UDP service on a victim machine. Called NAT Slipstreaming, the method involves sending the target a link to a malicious site or a legitimate site loaded with malicious ads...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2020/11/02 9:43 a.m.368 views

WARNING: Google Discloses Windows Zero-Day Bug Exploited in the Wild

Google has disclosed details of a new zero-day privilege escalation flaw in the Windows operating system that's being actively exploited in the wild. The elevation of privileges EoP vulnerability, tracked as CVE-2020-17087, concerns a buffer overflow present since at least Windows 7 in the Window...

9.6CVSS8.3AI score0.5063EPSS
Exploits3
The Hacker News
The Hacker News
added 2020/11/02 9:43 a.m.7 views

WARNING: Google Discloses Windows Zero-Day Bug Exploited in the Wild

Google has disclosed details of a new zero-day privilege escalation flaw in the Windows operating system that's being actively exploited in the wild. The elevation of privileges EoP vulnerability, tracked as CVE-2020-17087, concerns a buffer overflow present since at least Windows 7 in the Window...

7.8CVSS7.7AI score0.05387EPSS
Exploits1
The Hacker News
The Hacker News
added 2020/10/30 10:22 a.m.228 views

Browser Bugs Exploited to Install 2 New Backdoors on Targeted Computers

Cybersecurity researchers have disclosed details about a new watering hole attack targeting the Korean diaspora that exploits vulnerabilities in web browsers such as Google Chrome and Internet Explorer to deploy malware for espionage purposes. Dubbed "Operation Earth Kitsune" by Trend Micro, the...

8.8CVSS0.86863EPSS
Exploits17
The Hacker News
The Hacker News
added 2020/10/30 10:22 a.m.4 views

Browser Bugs Exploited to Install 2 New Backdoors on Targeted Computers

Cybersecurity researchers have disclosed details about a new watering hole attack targeting the Korean diaspora that exploits vulnerabilities in web browsers such as Google Chrome and Internet Explorer to deploy malware for espionage purposes. Dubbed "Operation Earth Kitsune" by Trend Micro, the...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/29 10:2 a.m.137 views

KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms

An active botnet comprising hundreds of thousands of hijacked systems spread across 30 countries is exploiting "dozens of known vulnerabilities" to target widely-used content management systems CMS. The "KashmirBlack" campaign, which is believed to have started around November 2019, aims for...

9.8CVSS0.5AI score0.99999EPSS
Exploits19
The Hacker News
The Hacker News
added 2020/10/29 10:2 a.m.4 views

KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms

An active botnet comprising hundreds of thousands of hijacked systems spread across 30 countries is exploiting "dozens of known vulnerabilities" to target widely-used content management systems CMS. The "KashmirBlack" campaign, which is believed to have started around November 2019, aims for...

9.8CVSS7.1AI score0.99999EPSS
Exploits19
The Hacker News
The Hacker News
added 2020/10/29 9:45 a.m.5 views

How to Run Google SERP API Without Constantly Changing Proxy Servers

You've probably run into a major problem when trying to scrape Google search results. Web scraping tools allow you to extract information from a web page. Companies and coders from across the world use them to download Google's SERP data. And they work well – for a little while. After several...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/29 9:45 a.m.44 views

How to Run Google SERP API Without Constantly Changing Proxy Servers

You've probably run into a major problem when trying to scrape Google search results. Web scraping tools allow you to extract information from a web page. Companies and coders from across the world use them to download Google's SERP data. And they work well – for a little while. After several...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/29 5:57 a.m.100 views

FBI, DHS Warn Of Possible Major Ransomware Attacks On Healthcare Systems

The US Federal Bureau of Investigation FBI, Departments of Homeland Security, and Health and Human Services HHS issued a joint alert Wednesday warning of an "imminent" increase in ransomware and other cyberattacks against hospitals and healthcare providers. "Malicious cyber actors are targeting t...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/29 5:57 a.m.6 views

FBI, DHS Warn Of Possible Major Ransomware Attacks On Healthcare Systems

The US Federal Bureau of Investigation FBI, Departments of Homeland Security, and Health and Human Services HHS issued a joint alert Wednesday warning of an "imminent" increase in ransomware and other cyberattacks against hospitals and healthcare providers. "Malicious cyber actors are targeting t...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/28 10:47 a.m.32 views

[Webinar and eBook]: Are You're Getting The Best Value From Your EDR Solution?

Many companies rely on Endpoint Detection and Response EDR solutions as their primary security tool to protect their organizations against cyber threats. EDR was introduced around eight years ago, and analysts now peg the EDR market size as $1.5 to $2.0 billion in annual revenue globally, expecti...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/28 10:47 a.m.7 views

[Webinar and eBook]: Are You’re Getting The Best Value From Your EDR Solution?

Many companies rely on Endpoint Detection and Response EDR solutions as their primary security tool to protect their organizations against cyber threats. EDR was introduced around eight years ago, and analysts now peg the EDR market size as $1.5 to $2.0 billion in annual revenue globally, expecti...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/28 8:12 a.m.3 views

TrickBot Linux Variants Active in the Wild Despite Recent Takedown

Efforts to disrupt TrickBot may have shut down most of its critical infrastructure, but the operators behind the notorious malware aren't sitting idle. According to new findings shared by cybersecurity firm Netscout, TrickBot's authors have moved portions of their code to Linux in an attempt to...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/28 8:12 a.m.50 views

TrickBot Linux Variants Active in the Wild Despite Recent Takedown

Efforts to disrupt TrickBot may have shut down most of its critical infrastructure, but the operators behind the notorious malware aren't sitting idle. According to new findings shared by cybersecurity firm Netscout, TrickBot's authors have moved portions of their code to Linux in an attempt to...

0.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/27 9:25 a.m.4 views

Google Removes 21 Malicious Android Apps from Play Store

Google has stepped in to remove several Android applications from the official Play Store following the disclosure that the apps in question were found to serve intrusive ads. The findings were reported by the Czech cybersecurity firm Avast on Monday, which said the 21 malicious apps list here we...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/27 9:25 a.m.45 views

Google Removes 21 Malicious Android Apps from Play Store

Google has stepped in to remove several Android applications from the official Play Store following the disclosure that the apps in question were found to serve intrusive ads. The findings were reported by the Czech cybersecurity firm Avast on Monday, which said the 21 malicious apps list here we...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/26 12:31 p.m.3 views

Experts Warn of Privacy Risks Caused by Link Previews in Messaging Apps

Cybersecurity researchers over the weekend disclosed new security risks associated with link previews in popular messaging apps that cause the services to leak IP addresses, expose links sent via end-to-end encrypted chats, and even unnecessarily download gigabytes of data stealthily in the...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/26 12:31 p.m.49 views

Experts Warn of Privacy Risks Caused by Link Previews in Messaging Apps

Cybersecurity researchers over the weekend disclosed new security risks associated with link previews in popular messaging apps that cause the services to leak IP addresses, expose links sent via end-to-end encrypted chats, and even unnecessarily download gigabytes of data stealthily in the...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/23 10:50 a.m.6 views

New Framework Released to Protect Machine Learning Systems From Adversarial Attacks

Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released a new open framework that aims to help security analysts detect, respond to, and remediate adversarial attacks against machine learning ML systems. Called the Adversarial ML Threat Matrix, the initiative is an attempt to...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/23 10:50 a.m.43 views

New Framework Released to Protect Machine Learning Systems From Adversarial Attacks

Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released a new open framework that aims to help security analysts detect, respond to, and remediate adversarial attacks against machine learning ML systems. Called the Adversarial ML Threat Matrix, the initiative is an attempt to...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/21 4:26 p.m.131 views

New Chrome 0-day Under Active Attacks – Update Your Browser Now

Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. Google released Chrome version 86.0.4240.111 today to patch several security...

9.6CVSS7.7AI score0.5063EPSS
Exploits2
The Hacker News
The Hacker News
added 2020/10/21 4:26 p.m.5 views

New Chrome 0-day Under Active Attacks – Update Your Browser Now

Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. Google released Chrome version 86.0.4240.111 today to patch several security...

9.6CVSS7.6AI score0.5063EPSS
Exploits2
The Hacker News
The Hacker News
added 2020/10/21 7:2 a.m.4 views

Popular Mobile Browsers Found Vulnerable To Address Bar Spoofing Attacks

--- Graphic for illustration Cybersecurity researchers on Tuesday disclosed details about an address bar spoofing vulnerability affecting multiple mobile browsers, such as Apple Safari and Opera Touch, leaving the door open for spear-phishing attacks and delivering malware. Other impacted browser...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/21 7:2 a.m.41 views

Popular Mobile Browsers Found Vulnerable To Address Bar Spoofing Attacks

--- Graphic for illustration Cybersecurity researchers on Tuesday disclosed details about an address bar spoofing vulnerability affecting multiple mobile browsers, such as Apple Safari and Opera Touch, leaving the door open for spear-phishing attacks and delivering malware. Other impacted browser...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/20 1:59 p.m.28 views

Windows GravityRAT Malware Now Also Targets macOS and Android Devices

A Windows-based remote access Trojan believed to be designed by Pakistani hacker groups to infiltrate computers and steal users' data has resurfaced after a two-year span with retooled capabilities to target Android and macOS devices. According to cybersecurity firm Kaspersky, the malware — dubbe...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/20 1:59 p.m.4 views

Windows GravityRAT Malware Now Also Targets macOS and Android Devices

A Windows-based remote access Trojan believed to be designed by Pakistani hacker groups to infiltrate computers and steal users' data has resurfaced after a two-year span with retooled capabilities to target Android and macOS devices. According to cybersecurity firm Kaspersky, the malware — dubbe...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/20 6:4 a.m.7 views

U.S. Charges 6 Russian Intelligence Officers Over Destructive Cyberattacks

The US government on Monday formally charged six Russian intelligence officers for carrying out destructive malware attacks with an aim to disrupt and destabilize other nations and cause monetary losses. The individuals, who work for Unit 74455 of the Russian Main Intelligence Directorate GRU, ha...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/20 6:4 a.m.44 views

U.S. Charges 6 Russian Intelligence Officers Over Destructive Cyberattacks

The US government on Monday formally charged six Russian intelligence officers for carrying out destructive malware attacks with an aim to disrupt and destabilize other nations and cause monetary losses. The individuals, who work for Unit 74455 of the Russian Main Intelligence Directorate GRU, ha...

Exploits0
The Hacker News
The Hacker News
added 2020/10/16 7:19 a.m.12 views

Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices

Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the...

8.8CVSS7.9AI score0.07693EPSS
Exploits6
The Hacker News
The Hacker News
added 2020/10/16 7:19 a.m.99 views

Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices

Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the...

8.8CVSS1.8AI score0.07693EPSS
Exploits6
The Hacker News
The Hacker News
added 2020/10/15 6:31 a.m.5 views

India Witnessed Spike in Cyber Attacks Amidst Covid-19 - Here's Why?

The COVID-19 outreach is turning out to be not only health, social, and economic hazard but also a cybersecurity crisis. The pandemic has presented new challenges for businesses in the areas of remote collaboration and business continuity. With increased remote working for better business...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/15 6:31 a.m.41 views

India Witnessed Spike in Cyber Attacks Amidst Covid-19 - Here's Why?

The COVID-19 outreach is turning out to be not only health, social, and economic hazard but also a cybersecurity crisis. The pandemic has presented new challenges for businesses in the areas of remote collaboration and business continuity. With increased remote working for better business...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/14 5:55 p.m.45 views

Police Raided German Spyware Company FinFisher Offices

German investigating authorities have raided the offices of Munich-based company FinFisher that sells the infamous commercial surveillance spyware dubbed 'FinSpy,' reportedly in suspicion of illegally exporting the software to abroad without the required authorization. Investigators from the Germ...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/14 5:55 p.m.3 views

Police Raided German Spyware Company FinFisher Offices

German investigating authorities have raided the offices of Munich-based company FinFisher that sells the infamous commercial surveillance spyware dubbed 'FinSpy,' reportedly in suspicion of illegally exporting the software to abroad without the required authorization. Investigators from the Germ...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/14 12:38 p.m.33 views

FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks

A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. According to FireEye's Mandiant threat intelligence team, the collective — known as FIN11 — has engaged in a pattern of cybercrime campaigns at least sin...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/14 12:38 p.m.5 views

FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks

A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. According to FireEye's Mandiant threat intelligence team, the collective — known as FIN11 — has engaged in a pattern of cybercrime campaigns at least sin...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/14 10:20 a.m.26 views

Guide: Scale or Fail — Why MSSPs Need Multitenant Security Solutions

Managed Security Services Providers MSSPs have it rough. They have the burden of protecting their client organizations from cyberattacks, with clients from different industries, different security stacks, and different support requirements. And everything is in a constant state of flux. MSSPs are...

Exploits0
The Hacker News
The Hacker News
added 2020/10/14 10:20 a.m.4 views

Guide: Scale or Fail — Why MSSPs Need Multitenant Security Solutions

Managed Security Services Providers MSSPs have it rough. They have the burden of protecting their client organizations from cyberattacks, with clients from different industries, different security stacks, and different support requirements. And everything is in a constant state of flux. MSSPs are...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/14 10:10 a.m.179 views

Microsoft Releases Patches For Critical Windows TCP/IP and Other Bugs

Microsoft on Tuesday issued fixes for 87 newly discovered security vulnerabilities as part of its October 2020 Patch Tuesday, including two critical remote code execution RCE flaws in Windows TCP/IP stack and Microsoft Outlook. The flaws, 11 of which are categorized as Critical, 75 are ranked...

9.3CVSS9AI score0.33551EPSS
Exploits12
The Hacker News
The Hacker News
added 2020/10/14 10:10 a.m.5 views

Microsoft Releases Patches For Critical Windows TCP/IP and Other Bugs

Microsoft on Tuesday issued fixes for 87 newly discovered security vulnerabilities as part of its October 2020 Patch Tuesday, including two critical remote code execution RCE flaws in Windows TCP/IP stack and Microsoft Outlook. The flaws, 11 of which are categorized as Critical, 75 are ranked...

9.3CVSS7.9AI score0.33551EPSS
Exploits12
The Hacker News
The Hacker News
added 2020/10/13 7:10 a.m.59 views

Microsoft and Other Tech Companies Take Down TrickBot Botnet

Days after the US Government took steps to disrupt the notorious TrickBot botnet, a group of cybersecurity and tech companies has detailed a separate coordinated effort to take down the malware's back-end infrastructure. The joint collaboration, which involved Microsoft's Digital Crimes Unit,...

0.4AI score
Exploits0
Total number of security vulnerabilities20793