Lucene search
+L

20926 matches found

The Hacker News
The Hacker News
added 2024/12/19 9:26 a.m.8 views

Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency

The Dutch Data Protection Authority DPA on Wednesday fined video on-demand streaming service Netflix €4.75 million $4.93 million for not giving consumers enough information about how it used their data between 2018 and 2020. An investigation launched by the DPA in 2019 found that the tech giant d...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/19 8:40 a.m.7 views

UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App

The Computer Emergency Response Team of Ukraine CERT-UA has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the country into downloading malware disguised as Army+, a mobile app that was introduced by the Ministry of...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/18 2:10 p.m.6 views

HubPhish Abuses HubSpot Tools to Target 20,000 European Users for Credential Theft

Cybersecurity researchers have disclosed a new phishing campaign that has targeted European companies with an aim to harvest account credentials and take control of the victims' Microsoft Azure cloud infrastructure. The campaign has been codenamed HubPhish by Palo Alto Networks Unit 42 owing to t...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/18 1:36 p.m.19 views

Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected

Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. The issue, tracked as CVE-2024-53677, carries a CVSS score of 9.5 out of 10.0, indicating critical severity. The vulnerability shares similarities...

9.5CVSS10AI score0.80819EPSS
Exploits29
The Hacker News
The Hacker News
added 2024/12/18 11:55 a.m.8 views

Not Your Old ActiveState: Introducing our End-to-End OS Platform

Having been at ActiveState for nearly eight years, I've seen many iterations of our product. However, one thing has stayed true over the years: Our commitment to the open source community and companies using open source in their code. ActiveState has been helping enterprises manage open source fo...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/18 11:15 a.m.10 views

APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP

The Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of cyber attacks leveraging malicious Remote Desktop Protocol RDP configuration files. The activity, which has targeted governments and armed forces, think tanks, academic...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/18 10:30 a.m.12 views

ONLY Cynet Delivers 100% Protection and 100% Detection Visibility in the 2024 MITRE ATT&CK Evaluation

Across small-to-medium enterprises SMEs and managed service providers MSPs, the top priority for cybersecurity leaders is to keep IT environments up and running. To guard against cyber threats and prevent data breaches, it's vital to understand the current cybersecurity vendor landscape and...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/18 9:15 a.m.15 views

BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products

BeyondTrust has disclosed details of a critical security flaw in Privileged Remote Access PRA and Remote Support RS products that could potentially lead to the execution of arbitrary commands. Privileged Remote Access controls, manages, and audits privileged accounts and credentials, offering zer...

9.8CVSS9.9AI score0.87991EPSS
Exploits8
The Hacker News
The Hacker News
added 2024/12/18 9:10 a.m.7 views

INTERPOL Pushes for "Romance Baiting" to Replace "Pig Butchering" in Scam Discourse

INTERPOL is calling for a linguistic shift that aims to put to an end to the term "pig butchering," instead advocating for the use of "romance baiting" to refer to online scams where victims are duped into investing in bogus cryptocurrency schemes under the pretext of a romantic relationship. "Th...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/18 5:43 a.m.3 views

Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts

Meta Platforms, the parent company of Facebook, Instagram, WhatsApp, and Threads, has been fined €251 million around $263 million for a 2018 data breach that impacted millions of users in the bloc, in what's the latest financial hit the company has taken for flouting stringent privacy laws. The...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/17 4:35 p.m.4 views

Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware

A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. "An attacker used social engineering via a Microsoft Teams call to impersonate a user's client and gain remote access to their system," Trend Micro researchers...

8.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/17 2:11 p.m.7 views

Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks

A new phishing campaign has been observed employing tax-themed lures to deliver a stealthy backdoor payload as part of attacks targeting Pakistan. Cybersecurity company Securonix, which is tracking the activity under the name FLUXCONSOLE , said it likely starts with a phishing email link or...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/17 12:5 p.m.4 views

Even Great Companies Get Breached — Find Out Why and How to Stop It

Even the best companies with the most advanced tools can still get hacked. It's a frustrating reality: you've invested in the right solutions, trained your team, and strengthened your defenses. But breaches still happen. So, what's going wrong? The truth is, that attackers are constantly finding...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/17 11:7 a.m.8 views

Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware

A suspected South Asian cyber espionage threat group known as Bitter targeted a Turkish defense sector organization in November 2024 to deliver two C++-malware families tracked as WmRAT and MiyaRAT. "The attack chain used alternate data streams in a RAR archive to deliver a shortcut LNK file that...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/17 10:52 a.m.5 views

5 Practical Techniques for Effective Cyber Threat Hunting

Addressing cyber threats before they have a chance to strike or inflict serious damage is by far the best security approach any company can embrace. Achieving this takes a lot of research and proactive threat hunting. The problem here is that it is easy to get stuck in endless arrays of data and...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/17 9:3 a.m.8 views

Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection

Bogus software update lures are being used by threat actors to deliver a new stealer malware called CoinLurker. "Written in Go, CoinLurker employs cutting-edge obfuscation and anti-analysis techniques, making it a highly effective tool in modern cyber attacks," Morphisec researcher Nadav Lorber...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/17 6:55 a.m.11 views

The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal

A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022. "The Mask APT is a legendary threat actor that has been performing highly sophisticated attacks since at least 2007," Kaspersky...

9.3CVSS6.9AI score0.05521EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/12/17 5:47 a.m.28 views

CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added two security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The list of flaws is below - CVE-2024-20767 CVSS score: 7.4 - Adobe ColdFusion contains an...

7.8CVSS8AI score0.99998EPSS
Exploits83
The Hacker News
The Hacker News
added 2024/12/16 2:22 p.m.4 views

DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages

Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven information stealer campaign dubbed DeceptionAds. "Entirely reliant on a single ad...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/16 12:45 p.m.17 views

NoviSpy Spyware Installed on Journalist's Phone After Unlocking It With Cellebrite Tool

A Serbian journalist had his phone first unlocked by a Cellebrite tool and subsequently compromised by a previously undocumented spyware codenamed NoviSpy , according to a new report published by Amnesty International. "NoviSpy allows for capturing sensitive personal data from a target's phone...

7.8CVSS7.4AI score0.00674EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/12/16 12:11 p.m.33 views

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips

This past week has been packed with unsettling developments in the world of cybersecurity. From silent but serious attacks on popular business tools to unexpected flaws lurking in everyday devices, there's a lot that might have flown under your radar. Attackers are adapting old tricks, uncovering...

9.5CVSS9.5AI score0.99654EPSS
Exploits66
The Hacker News
The Hacker News
added 2024/12/16 11:0 a.m.7 views

Data Governance in DevOps: Ensuring Compliance in the AI Era

With the evolution of modern software development, CI/CD pipeline governance has emerged as a critical factor in maintaining both agility and compliance. As we enter the age of artificial intelligence AI, the importance of robust pipeline governance has only intensified. With that said, we'll...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/16 10:17 a.m.8 views

New Investment Scam Leverages AI, Social Media Ads to Target Victims Worldwide

Cybersecurity researchers are calling attention to a new kind of investment scam that leverages a combination of social media malvertising, company-branded posts, and artificial intelligence AI powered video testimonials featuring famous personalities, ultimately leading to financial and data los...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/16 9:9 a.m.6 views

New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP

Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the United States, Cambodia, Pakistan, and South Africa. QiAnXin XLab, which discovered the malicious activity in late April 2024, attributed the previously...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/16 6:44 a.m.8 views

Ukrainian Minors Recruited for Cyber Ops and Reconnaissance in Russian Airstrikes

The Security Service of Ukraine SBU or SSU has exposed a novel espionage campaign suspected to be orchestrated by Russia's Federal Security Service FSB that involves recruiting Ukrainian minors for criminal activities under the guise of "quest games." Law enforcement officials said that it detain...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/14 11:33 a.m.6 views

Germany Disrupts BADBOX Malware on 30,000 Devices Using Sinkhole Action

Germany's Federal Office of Information Security BSI has announced that it has disrupted a malware operation called BADBOX that came preloaded on at least 30,000 internet-connected devices sold across the country. In a statement published earlier this week, authorities said they severed the...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/14 10:16 a.m.20 views

Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniques

Thai government officials have emerged as the target of a new campaign that leverages a technique called DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai. "The target of the threat actors were Thailand officials based on the nature of the lures," Nikhil Hegde, senior...

7.8CVSS8.7AI score0.99945EPSS
Exploits33
The Hacker News
The Hacker News
added 2024/12/13 8:0 p.m.8 views

390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits

A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system CMS is estimated to have enabled the exfiltration of over 390,000 credentials. The malicious activity is part of a broader attack campaign undertaken by a threat actor, dubbed...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/13 4:48 p.m.11 views

Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection

A security flaw has been disclosed in OpenWrt's Attended Sysupgrade ASU feature that, if successfully exploited, could have been abused to distribute malicious firmware packages. The vulnerability, tracked as CVE-2024-54143, carries a CVSS score of 9.3 out of a maximum of 10, indicating critical...

9.3CVSS9.9AI score0.01867EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/12/13 3:51 p.m.5 views

DoJ Indicts 14 North Koreans for $88M IT Worker Fraud Scheme Over Six Years

The U.S. Department of Justice DoJ has indicted 14 nationals belonging to the Democratic People's Republic of Korea DPRK or North Korea for their alleged involvement in a long-running conspiracy to violate sanctions and commit wire fraud, money laundering, and identity theft by illegally seeking...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/13 11:44 a.m.5 views

Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms

Iran-affiliated threat actors have been linked to a new custom malware that's geared toward IoT and operational technology OT environments in Israel and the United States. The malware has been codenamed IOCONTROL by OT cybersecurity company Claroty, highlighting its ability to attack IoT and...

8.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/13 11:30 a.m.5 views

How to Generate a CrowdStrike RFM Report With AI in Tines

Run by the team at orchestration, AI, and automation platform Tines, the Tines library contains pre-built workflows shared by real security practitioners from across the community, all of which are free to import and deploy via the Community Edition of the platform. Their bi-annual "You Did What...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/13 9:11 a.m.7 views

New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection

Cybersecurity researchers have uncovered a new Linux rootkit called PUMAKIT that comes with capabilities to escalate privileges, hide files and directories, and conceal itself from system tools, while simultaneously evading detection. "PUMAKIT is a sophisticated loadable kernel module LKM rootkit...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/13 6:6 a.m.6 views

FBI Busts Rydox Marketplace with 7,600 PII Sales, Cryptocurrency Worth $225K Seized

The U.S. Department of Justice DoJ on Thursday announced the shutdown of an illicit marketplace called Rydox "rydox.ru" and "rydox.cc" for selling stolen personal information, access devices, and other tools for conducting cybercrime and fraud. In tandem, three Kosovo nationals and administrators...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/12 2:24 p.m.4 views

Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online

Cybersecurity researchers are warning that thousands of servers hosting the Prometheus monitoring and alerting toolkit are at risk of information leakage and exposure to denial-of-service DoS as well as remote code execution RCE attacks. "Prometheus servers or exporters, often lacking proper...

8.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/12 1:35 p.m.4 views

Gamaredon Deploys Android Spyware "BoneSpy" and "PlainGnome" in Former Soviet States

The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome , marking the first time the adversary has been discovered using mobile-only malware families in its attack campaigns. "BoneSpy and PlainGnome...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/12 12:35 p.m.28 views

Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS

Details have emerged about a now-patched security vulnerability in Apple's iOS and macOS that, if successfully exploited, could sidestep the Transparency, Consent, and Control TCC framework and result in unauthorized access to sensitive information. The flaw, tracked as CVE-2024-44131 CVSS score:...

7.8CVSS9.1AI score0.01155EPSS
Exploits2
The Hacker News
The Hacker News
added 2024/12/12 11:30 a.m.6 views

SaaS Budget Planning Guide for IT Professionals

SaaS services are one of the biggest drivers of OpEx operating expenses for modern businesses. With Gartner projecting $247.2 billion in global SaaS spending this year, it's no wonder SaaS budgets are a big deal in the world of finance and IT. Efficient SaaS utilization can significantly affect...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/12 9:18 a.m.21 views

WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins

Malicious actors are exploiting a critical vulnerability in the Hunk Companion plugin for WordPress to install other vulnerable plugins that could open the door to a variety of attacks. The flaw, tracked as CVE-2024-11972 CVSS score: 9.8, affects all versions of the plugin prior to 1.9.0. The...

10CVSS9.6AI score0.54754EPSS
Exploits11
The Hacker News
The Hacker News
added 2024/12/12 6:15 a.m.7 views

Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested

A global law enforcement operation has failed 27 stresser services that were used to conduct distributed denial-of-service DDoS attacks and took them offline as part of a multi-year international exercise called PowerOFF. The effort, coordinated by Europol and involving 15 countries, dismantled...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/11 6:2 p.m.12 views

Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service

The Russian nation-state actor tracked as Secret Blizzard has been observed leveraging malware associated with other threat actors to deploy a known backdoor called Kazuar on target devices located in Ukraine. The new findings come from the Microsoft threat intelligence team, which said it observ...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/11 3:13 p.m.8 views

New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools

A newly devised technique leverages a Windows accessibility framework called UI Automation UIA to perform a wide range of malicious activities without tipping off endpoint detection and response EDR solutions. "To exploit this technique, a user must be convinced to run a program that uses UI...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/11 2:32 p.m.4 views

Microsoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without Alerts

Cybersecurity researchers have flagged a "critical" security vulnerability in Microsoft's multi-factor authentication MFA implementation that allows an attacker to trivially sidestep the protection and gain unauthorized access to a victim's account. "The bypass was simple: it took around an hour ...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/11 2:7 p.m.8 views

ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms

Cybersecurity researchers have discovered a new version of the ZLoader malware that employs a Domain Name System DNS tunnel for command-and-control C2 communications, indicating that the threat actors are continuing to refine the tool after resurfacing a year ago. "Zloader 2.9.4.0 adds notable...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/11 11:2 a.m.41 views

What is Nudge Security and How Does it Work?

Regain control of SaaS sprawl with Day One discovery of all SaaS and GenAI accounts along with workflows to help you mitigate security risks, curb rogue app usage, and manage SaaS spend. In today's highly distributed workplace, every employee has the ability to act as their own CIO, adopting new...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/11 11:2 a.m.7 views

Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017

Cybersecurity researchers have discovered a novel surveillance program that's suspected to be used by Chinese police departments as a lawful intercept tool to gather a wide range of information from mobile devices. The Android tool, codenamed EagleMsgSpy by Lookout, has been operational since at...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/11 11:0 a.m.7 views

Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia

A suspected China-based threat actor has been linked to a series of cyber attacks targeting high-profile organizations in Southeast Asia since at least October 2023. The espionage campaign targeted organizations in various sectors spanning government ministries in two different countries, an air...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/11 7:16 a.m.20 views

Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability

Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one that it said has been exploited in the wild. Of the 72 flaws, 17 are rated Critical, 54 are rated Important, and one is rated Moderate in severity...

9.8CVSS9.9AI score0.70906EPSS
Exploits21
The Hacker News
The Hacker News
added 2024/12/11 6:29 a.m.29 views

U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls

The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos firewall devices globally in 2020. Guan Tianfeng aka gbigmao and gxiaomao, who is said to have worked at Sichuan Silence Information Technology Company, Limited, has been...

9.8CVSS10AI score0.99796EPSS
Exploits15
The Hacker News
The Hacker News
added 2024/12/11 2:59 a.m.15 views

Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities

Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application CSA and Connect Secure products that could lead to privilege escalation and code execution. The list of vulnerabilities is as follows - CVE-2024-11639 CVSS score: 10.0 - An authentication...

10CVSS10AI score0.23598EPSS
Exploits0
Total number of security vulnerabilities20926