Lucene search
+L

20926 matches found

The Hacker News
The Hacker News
added 2024/12/10 3:57 p.m.14 views

Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged

Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting fully patched systems. Cybersecurity company Huntress said it discovered evidence of threat actors...

9.8CVSS10AI score0.98529EPSS
Exploits8
The Hacker News
The Hacker News
added 2024/12/10 2:13 p.m.13 views

Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam

Cybersecurity researchers have shed light on a sophisticated mobile phishing aka mishing campaign that's designed to distribute an updated version of the Antidot banking trojan. "The attackers presented themselves as recruiters, luring unsuspecting victims with job offers," Zimperium zLabs Vishnu...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/10 11:50 a.m.8 views

The Future of Network Security: Automated Internal and External Pentesting

In today's rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing pentesting, while effective, often falls short due to its high costs, resource requirements, and infrequent implementation. Automated...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/10 11:19 a.m.6 views

Phone Phishing Gang Busted: Eight Arrested in Belgium and Netherlands

Belgian and Dutch authorities have arrested eight suspects in connection with a "phone phishing" gang that primarily operated out of the Netherlands with an aim to steal victims' financial data and funds. As part of the international operation, law enforcement agencies carried out 17 searches in...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/10 11:0 a.m.5 views

Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage

A suspected China-nexus cyber espionage group has been attributed to an attacks targeting large business-to-business IT service providers in Southern Europe as part of a campaign codenamed Operation Digital Eye. The intrusions took place from late June to mid-July 2024, cybersecurity companies...

9.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/10 10:1 a.m.5 views

Ongoing Phishing and Malware Campaigns in December 2024

Cyber attackers never stop inventing new ways to compromise their targets. That's why organizations must stay updated on the latest threats. Here's a quick rundown of the current malware and phishing attacks you need to know about to safeguard your infrastructure before they reach you. Zero-day...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/10 9:12 a.m.7 views

CERT-UA Warns of Phishing Attacks Targeting Ukraine's Defense and Security Force

The Computer Emergency Response Team of Ukraine CERT-UA has warned of a new set of cyber attacks that it said were aimed at defense companies in the country as well as its security and defense forces. The phishing attacks have been attributed to a Russia-linked threat actor called UAC-0185 aka...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/09 5:44 p.m.7 views

Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering

The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and DarkGate since early October 2024. "Users within the target environment will be email bombed by the threat actor, whic...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/09 1:11 p.m.31 views

⚡ THN Recap: Top Cybersecurity Threats, Tools and Tips (Dec 2 - 8)

This week's cyber world is like a big spy movie. Hackers are breaking into other hackers' setups, sneaky malware is hiding in popular software, and AI-powered scams are tricking even the smartest of us. On the other side, the good guys are busting secret online markets and kicking out shady chat...

7.1CVSS8.7AI score0.98067EPSS
Exploits23
The Hacker News
The Hacker News
added 2024/12/09 11:55 a.m.7 views

Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI

Details have emerged about a now-patched security flaw in the DeepSeek artificial intelligence AI chatbot that, if successfully exploited, could permit a bad actor to take control of a victim's account by means of a prompt injection attack. Security researcher Johann Rehberger, who has chronicled...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/09 11:0 a.m.7 views

Seven Bolt-Ons to Make Your Entra ID More Secure for Critical Sessions

Identity security is all the rage right now, and rightfully so. Securing identities that access an organization's resources is a sound security model. But IDs have their limits, and there are many use cases when a business should add other layers of security to a strong identity. And this is what...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/09 10:44 a.m.8 views

Socks5Systemz Botnet Powers Illegal Proxy Service with 85,000+ Hacked Devices

A malicious botnet called Socks5Systemz is powering a proxy service called PROXY.AM, according to new findings from Bitsight. "Proxy malware and services enable other types of criminal activity adding uncontrolled layers of anonymity to the threat actors, so they can perform all kinds of maliciou...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/07 10:54 a.m.6 views

Ultralytics AI Library Compromised: Cryptocurrency Miner Found in PyPI Versions

In yet another software supply chain attack, it has come to light that two versions of a popular Python artificial intelligence AI library named ultralytics were compromised to deliver a cryptocurrency miner. The versions, 8.3.41 and 8.3.42, have since been removed from the Python Package Index...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/07 10:54 a.m.7 views

Learn How Experts Secure Privileged Accounts—Proven PAS Strategies Webinar

Cybercriminals know that privileged accounts are the keys to your kingdom. One compromised account can lead to stolen data, disrupted operations, and massive business losses. Even top organizations struggle to secure privileged accounts. Why? Traditional Privileged Access Management PAM solutions...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/07 8:18 a.m.5 views

Hackers Using Fake Video Conferencing Apps to Steal Web3 Professionals' Data

Cybersecurity researchers have warned of a new scam campaign that leverages fake video conferencing apps to deliver an information stealer called Realst targeting people working in Web3 under the guise of fake business meetings. "The threat actors behind the malware have set up fake companies usi...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/07 7:25 a.m.7 views

Romania Cancels Presidential Election Results After Alleged Russian Meddling on TikTok

In a historic decision, Romania's constitutional court has annulled the result of the first round of voting in the presidential election amid allegations of Russian interference. As a result, the second round vote, which was scheduled for December 8, 2024, will no longer take place. Călin...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/06 4:15 p.m.4 views

FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine

A Russian programmer accused of donating money to Ukraine had his Android device secretly implanted with spyware by the Federal Security Service FSB after he was detained earlier this year. The findings come as part of a collaborative investigation by First Department and the University of...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/06 11:28 a.m.13 views

Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks

Cybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning ML tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that could pave the way for code execution. The vulnerabilities, discovered by JFrog, are part of a broader collection of 22...

9.8CVSS7.2AI score0.01186EPSS
Exploits2
The Hacker News
The Hacker News
added 2024/12/06 11:0 a.m.6 views

Conquering the Complexities of Modern BCDR

The modern business landscape is thrilling yet daunting. Rapidly evolving technology, persistent cyberthreats and escalating operational complexities make data protection and seamless business continuity challenging for businesses of all sizes. Your organization needs robust security measures tha...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/06 8:22 a.m.6 views

More_eggs MaaS Expands Operations with RevC2 Backdoor and Venom Loader

The threat actors behind the Moreeggs malware have been linked to two new malware families, indicating an expansion of its malware-as-a-service MaaS operation. This includes a novel information-stealing backdoor called RevC2 and a loader codenamed Venom Loader, both of which are deployed using...

8.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/06 7:3 a.m.12 views

Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware

The threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop. The activity is part of an ongoing spear-phishing campaign targeting Ukrainian entities since at least early 2024 that's design...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/05 3:58 p.m.7 views

This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges

As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan RAT called DroidBot. "DroidBot is a modern RAT that combines hidden VNC and overlay attack techniques with spyware-like capabilities,...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/05 2:56 p.m.22 views

Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access

Cybersecurity researchers have released a proof-of-concept PoC exploit that strings together a now-patched critical security flaw impacting Mitel MiCollab with an arbitrary file read zero-day, granting an attacker the ability to access files from susceptible instances. The critical vulnerability ...

9.8CVSS10AI score0.98067EPSS
Exploits4
The Hacker News
The Hacker News
added 2024/12/05 2:55 p.m.7 views

Europol Shuts Down Manson Market Fraud Marketplace, Seizes 50 Servers

Europol on Thursday announced the shutdown of a clearnet marketplace called Manson Market that facilitated online fraud on a large scale. The operation, led by German authorities, has resulted in the seizure of more than 50 servers associated with the service and the arrest of two suspects. More...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/05 12:46 p.m.6 views

Want to Grow Vulnerability Management into Exposure Management? Start Here!

Vulnerability Management VM has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/05 12:43 p.m.22 views

Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor

A previously undocumented threat activity cluster dubbed Earth Minotaur is leveraging the MOONSHINE exploit kit and an unreported Android-cum-Windows backdoor called DarkNimbus to facilitate long-term surveillance operations targeting Tibetans and Uyghurs. "Earth Minotaur uses MOONSHINE to delive...

8.8CVSS7.6AI score0.78808EPSS
Exploits6
The Hacker News
The Hacker News
added 2024/12/05 11:0 a.m.5 views

Researchers Uncover 4-Month Cyberattack on U.S. Firm Linked to Chinese Hackers

A suspected Chinese threat actor targeted a large U.S. organization earlier this year as part of a four-month-long intrusion. According to Broadcom-owned Symantec, the first evidence of the malicious activity was detected on April 11, 2024 and continued until August. However, the company doesn't...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/05 7:30 a.m.4 views

ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan

The China-linked threat actor known as MirrorFace has been attributed to a new spear-phishing campaign mainly targeting individuals and organizations in Japan since June 2024. The aim of the campaign is to deliver backdoors known as NOOPDOOR aka HiddenFace and ANEL aka UPPERCUT, Trend Micro said ...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/05 5:47 a.m.5 views

NCA Busts Russian Crypto Networks Laundering Funds and Evading Sanctions

The U.K. National Crime Agency NCA on Wednesday announced that it led an international investigation to disrupt Russian money laundering networks that were found to facilitate serious and organized crime across the U.K., the Middle East, Russia, and South America. The effort, codenamed Operation...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/05 5:9 a.m.20 views

CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel

The U.S. Cybersecurity and Infrastructure Security Agency CISA added multiple security flaws affecting products from Zyxel, North Grid Proself, ProjectSend, and CyberPanel to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The list of...

10CVSS10AI score0.94798EPSS
Exploits11
The Hacker News
The Hacker News
added 2024/12/04 5:23 p.m.11 views

Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities

The Russia-linked advanced persistent threat APT group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control C2 servers of a Pakistan-based hacking group named Storm-0156 to conduct its own operations since 2022. The activity, firs...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/04 12:20 p.m.5 views

Europol Dismantles Criminal Messaging Service MATRIX in Major Global Takedown

Europol on Tuesday announced the takedown of an invite-only encrypted messaging service called MATRIX that's created by criminals for criminal purposes. The joint operation, conducted by French and Dutch authorities under the moniker Passionflower, comes in the aftermath of an investigation that...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/04 11:50 a.m.8 views

7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments

Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. However, the cloud's flexibility, scalability, and efficiency come with significant risk — an expanded attack surface. The decentralization that com...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/04 10:30 a.m.3 views

How to Plan a New (and Improved!) Password Policy for Real-World Security Challenges

Many organizations struggle with password policies that look strong on paper but fail in practice because they're too rigid to follow, too vague to enforce, or disconnected from real security needs. Some are so tedious and complex that employees post passwords on sticky notes under keyboards,...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/04 9:48 a.m.6 views

Researchers Uncover Backdoor in Solana's Popular Web3.js npm Library

Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two malicious versions capable of harvesting users' private keys with an aim to drain their cryptocurrency wallets. The attack has been detected in...

8.3CVSS7.3AI score0.00431EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/12/04 6:7 a.m.10 views

Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks

A joint advisory issued by Australia, Canada, New Zealand, and the U.S. has warned of a broad cyber espionage campaign undertaken by People's Republic of China PRC-affiliated threat actors targeting telecommunications providers. "Identified exploitations or compromises associated with these threa...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/04 5:34 a.m.22 views

Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console

Veeam has released security updates to address a critical flaw impacting Service Provider Console VSPC that could pave the way for remote code execution on susceptible instances. The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0. The company noted...

9.9CVSS10AI score0.20057EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/12/04 5:8 a.m.20 views

Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access

A critical security vulnerability has been disclosed in SailPoint's IdentityIQ identity and access management IAM software that allows unauthorized access to content stored within the application directory. The flaw, tracked as CVE-2024-10905 , has a CVSS score of 10.0, indicating maximum severit...

10CVSS9.3AI score0.00954EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/12/04 4:48 a.m.5 views

Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses

Cybersecurity researchers have called attention to a novel phishing campaign that leverages corrupted Microsoft Office documents and ZIP archives as a way to bypass email defenses. "The ongoing attack evades antivirus software, prevents uploads to sandboxes, and bypasses Outlook's spam filters,...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/03 12:51 p.m.12 views

Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability

Cisco on Monday updated an advisory to warn customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance ASA. The vulnerability, tracked as CVE-2014-2120 CVSS score: 4.3, concerns a case of insufficient input validation in ASA's WebVPN login page that...

6.1CVSS9AI score0.14029EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/12/03 10:17 a.m.20 views

NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise

Cybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network VPN clients that could be potentially exploited to gain remote code execution on Windows and macOS systems. "By targeting the implicit trust VPN clients place in servers,...

7.1CVSS9.7AI score0.01864EPSS
Exploits2
The Hacker News
The Hacker News
added 2024/12/03 9:51 a.m.4 views

North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks

The North Korea-aligned threat actor known as Kimsuky has been linked to a series of phishing attacks that involve sending email messages that originate from Russian sender addresses to ultimately conduct credential theft. "Phishing emails were sent mainly through email services in Japan and Kore...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/03 5:23 a.m.8 views

Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads

A newly discovered malware campaign has been found to target private users, retailers, and service businesses mainly located in Russia to deliver NetSupport RAT and BurnsRAT. The campaign, dubbed Horns &Hooves by Kaspersky, has hit more than 1,000 victims since it began around March 2023. The end...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/02 2:11 p.m.8 views

A Guide to Securing AI App Development: Join This Cybersecurity Webinar

Artificial Intelligence AI is no longer a far-off dream—it's here, changing the way we live. From ordering coffee to diagnosing diseases, it's everywhere. But while you're creating the next big AI-powered app, hackers are already figuring out ways to break it. Every AI app is an opportunity—and a...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/02 2:1 p.m.31 views

SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan

Taiwanese entities in manufacturing, healthcare, and information technology sectors have become the target of a new campaign distributing the SmokeLoader malware. "SmokeLoader is well-known for its versatility and advanced evasion techniques, and its modular design allows it to perform a wide ran...

7.8CVSS8.2AI score0.99945EPSS
Exploits62
The Hacker News
The Hacker News
added 2024/12/02 11:14 a.m.24 views

THN Recap: Top Cybersecurity Threats, Tools and Tips (Nov 25 - Dec 1)

Ever wonder what happens in the digital world every time you blink? Here's something wild - hackers launch about 2,200 attacks every single day, which means someone's trying to break into a system somewhere every 39 seconds. And get this - while we're all worried about regular hackers, there are...

10CVSS10AI score0.91559EPSS
Exploits22
The Hacker News
The Hacker News
added 2024/12/02 9:46 a.m.7 views

8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play

Over a dozen malicious Android apps identified on the Google Play Store that have been collectively downloaded over 8 million times contain malware known as SpyLoan, according to new findings from McAfee Labs. "These PUP potentially unwanted programs applications use social engineering tactics to...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/02 7:2 a.m.5 views

INTERPOL Arrests 5,500 in Global Cybercrime Crackdown, Seizes Over $400 Million

A global law enforcement operation has led to the arrest of more than 5,500 suspects involved in financial crimes and the seizure of more than $400 million in virtual assets and government-backed currencies. The coordinated exercise saw the participation of authorities from 40 countries,...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/30 7:14 a.m.5 views

Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested

A Russian cybercriminal wanted in the U.S. in connection with LockBit and Hive ransomware operations has been arrested by law enforcement authorities in the country. According to a news report from Russian media outlet RIA Novosti, Mikhail Pavlovich Matveev has been accused of developing a...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/29 1:17 p.m.5 views

AI-Powered Fake News Campaign Targets Western Support for Ukraine and U.S. Elections

A Moscow-based company sanctioned by the U.S. earlier this year has been linked to yet another influence operation designed to turn public opinion against Ukraine and erode Western support since at least December 2023. The covert campaign undertaken by Social Design Agency SDA leverages videos...

7AI score
Exploits0
Total number of security vulnerabilities20926