Lucene search
+L

20926 matches found

The Hacker News
The Hacker News
added 2024/10/29 11:0 a.m.18 views

A Sherlock Holmes Approach to Cybersecurity: Eliminate the Impossible with Exposure Validation

Sherlock Holmes is famous for his incredible ability to sort through mounds of information; he removes the irrelevant and exposes the hidden truth. His philosophy is plain yet brilliant: "When you have eliminated the impossible, whatever remains, however improbable, must be the truth." Rather tha...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/29 10:59 a.m.13 views

Dutch Police Disrupt Major Info Stealers RedLine and MetaStealer in Operation Magnus

The Dutch National Police, along with international partners, have announced the disruption of the infrastructure powering two information stealers tracked as RedLine and MetaStealer. The takedown, which took place on October 28, 2024, is the result of an international law enforcement task force...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/29 7:36 a.m.14 views

U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing

The U.S. government USG has issued new guidance governing the use of the Traffic Light Protocol TLP to handle threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies. "The USG follows TLP markings on cybersecurity information...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/29 5:53 a.m.42 views

New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors

More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks. The attack, disclosed by ETH Zürich researchers Johannes Wikner and Kaveh...

5.6CVSS7.4AI score0.74041EPSS
Exploits9
The Hacker News
The Hacker News
added 2024/10/28 5:26 p.m.23 views

Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services

A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. "The CloudScout toolset is capable of retrieving data from various cloud...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/28 3:44 p.m.79 views

THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 - Oct 27)

Cybersecurity news can sometimes feel like a never-ending horror movie, can't it? Just when you think the villains are locked up, a new threat emerges from the shadows. This week is no exception, with tales of exploited flaws, international espionage, and AI shenanigans that could make your head...

9.9CVSS7.9AI score0.94761EPSS
Exploits11
The Hacker News
The Hacker News
added 2024/10/28 2:2 p.m.21 views

Russian Espionage Group Targets Ukrainian Military with Malware via Telegram

A suspected Russian hybrid espionage and influence operation has been observed delivering a mix of Windows and Android malware to target the Ukrainian military under the Telegram persona Civil Defense. Google's Threat Analysis Group TAG and Mandiant are tracking the activity under the name UNC581...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/28 1:51 p.m.13 views

BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers

Three malicious packages published to the npm registry in September 2024 have been found to contain a known malware called BeaverTail, a JavaScript downloader and information stealer linked to an ongoing North Korean campaign tracked as Contagious Interview. The Datadog Security Research team is...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/28 11:10 a.m.41 views

Cybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login Credentials

Cybersecurity researchers have warned of a spike in phishing pages created using a website builder tool called Webflow, as threat actors continue to abuse legitimate services like Cloudflare and Microsoft Sway to their advantage. "The campaigns target sensitive information from different crypto...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/28 11:0 a.m.18 views

Sailing the Seven Seas Securely from Port to Port – OT Access Security for Ships and Cranes

Operational Technology OT security has affected marine vessel and port operators, since both ships and industrial cranes are being digitalized and automated at a rapid pace, ushering in new types of security challenges. Ships come to shore every six months on average. Container cranes are mostly...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/28 5:29 a.m.35 views

Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel

A new attack technique could be used to bypass Microsoft's Driver Signature Enforcement DSE on fully patched Windows systems, leading to operating system OS downgrade attacks. "This bypass allows loading unsigned kernel drivers, enabling attackers to deploy custom rootkits that can neutralize...

7.3CVSS7.9AI score0.01678EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/10/26 9:6 a.m.34 views

Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining

The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached servers to third-parties. "The group is currently targeting exposed Docker daemons to deploy Sliver...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/26 8:34 a.m.17 views

Four REvil Ransomware Members Sentenced in Rare Russian Cybercrime Convictions

Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have been convicted of hacking and money laundering charges. Russian news publication Kommersant reported th...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/26 4:6 a.m.19 views

CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities

The Computer Emergency Response Team of Ukraine CERT-UA has detailed a new malicious email campaign targeting government agencies, enterprises, and military entities. "The messages exploit the appeal of integrating popular services like Amazon or Microsoft and implementing a zero-trust...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/25 1:41 p.m.32 views

Researchers Discover Command Injection Flaw in Wi-Fi Alliance's Test Suite

A security flaw impacting the Wi-Fi Test Suite could enable unauthenticated local attackers to execute arbitrary code with elevated privileges. The CERT Coordination Center CERT/CC said the susceptible code from the Wi-Fi Alliance has been found deployed on Arcadyan FMIMG51AX000J routers. The...

9.9AI score0.02548EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/10/25 12:25 p.m.22 views

Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security

Apple has publicly made available its Private Cloud Compute PCC Virtual Research Environment VRE, allowing the research community to inspect and verify the privacy and security guarantees of its offering. PCC, which Apple unveiled earlier this June, has been marketed as the "most advanced securit...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/25 11:0 a.m.15 views

Eliminating AI Deepfake Threats: Is Your Identity Security AI-Proof?

Artificial Intelligence AI has rapidly evolved from a futuristic concept to a potent weapon in the hands of bad actors. Today, AI-based attacks are not just theoretical threats—they're happening across industries and outpacing traditional defense mechanisms. The solution, however, is not...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/25 9:36 a.m.10 views

SEC Charges 4 Companies Over Misleading SolarWinds Cyber Attack Disclosures

The U.S. Securities and Exchange Commission SEC has charged four current and former public companies for making "materially misleading disclosures" related to the large-scale cyber attack that stemmed from the hack of SolarWinds in 2020. The SEC said the companies – Avaya, Check Point, Mimecast,...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/25 5:49 a.m.15 views

Irish Watchdog Imposes Record €310 Million Fine on LinkedIn for GDPR Violations

The Irish data protection watchdog on Thursday fined LinkedIn €310 million $335 million for violating the privacy of its users by conducting behavioral analyses of personal data for targeted advertising. "The inquiry examined LinkedIn's processing of personal data for the purposes of behavioral...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/24 4:38 p.m.21 views

New Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion Tactics

Cybersecurity researchers have discovered an advanced version of the Qilin ransomware sporting increased sophistication and tactics to evade detection. The new variant is being tracked by cybersecurity firm Halcyon under the moniker Qilin.B. "Notably, Qilin.B now supports AES-256-CTR encryption f...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/24 1:0 p.m.21 views

AWS Cloud Development Kit Vulnerability Exposes Users to Potential Account Takeover Risks

Cybersecurity researchers have disclosed a security flaw impacting Amazon Web Services AWS Cloud Development Kit CDK that could have resulted in an account takeover under specific circumstances. "The impact of this issue could, in certain scenarios, allow an attacker to gain administrative access...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/24 12:41 p.m.77 views

Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack

Cisco on Wednesday said it has released updates to address an actively exploited security flaw in its Adaptive Security Appliance ASA that could lead to a denial-of-service DoS condition. The vulnerability, tracked as CVE-2024-20481 CVSS score: 5.8, affects the Remote Access VPN RAVPN service of...

9.9CVSS8.7AI score0.15953EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/10/24 11:0 a.m.25 views

Why Phishing-Resistant MFA Is No Longer Optional: The Hidden Risks of Legacy MFA

Sometimes, it turns out that the answers we struggled so hard to find were sitting right in front of us for so long that we somehow overlooked them. When the Department of Homeland Security, through the Cybersecurity and Infrastructure Security Agency CISA, in coordination with the FBI, issues a...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/24 9:53 a.m.62 views

Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices

The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome to seize control of infected devices. Cybersecurity vendor Kaspersky said it made the discovery after it came across a novel attack chain in May 20...

9.6CVSS9.2AI score0.15111EPSS
Exploits2
The Hacker News
The Hacker News
added 2024/10/24 6:23 a.m.43 views

Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation

Fortinet has confirmed details of a critical security flaw impacting FortiManager that has come under active exploitation in the wild. Tracked as CVE-2024-47575 CVSS score: 9.8, the vulnerability is also known as FortiJump and is rooted in the FortiGate to FortiManager FGFM protocol. "A missing...

9.8CVSS10AI score0.94761EPSS
Exploits7
The Hacker News
The Hacker News
added 2024/10/23 5:33 p.m.15 views

New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection

New variants of a banking malware called Grandoreiro have been found to adopt new tactics in an effort to bypass anti-fraud measures, indicating that the malicious software is continuing to be actively developed despite law enforcement efforts to crack down on the operation. "Only part of this ga...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/23 1:3 p.m.18 views

Permiso State of Identity Security 2024: A Shake-up in Identity Security Is Looming Large

Identity security is front, and center given all the recent breaches that include Microsoft, Okta, Cloudflare and Snowflake to name a few. Organizations are starting to realize that a shake-up is needed in terms of the way we approach identity security both from a strategic but also a technology...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/23 12:54 p.m.44 views

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)

A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities KEV catalog by the U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-38094 CVSS score: 7.2,...

8.1CVSS8.3AI score0.47826EPSS
Exploits2
The Hacker News
The Hacker News
added 2024/10/23 9:54 a.m.22 views

Researchers Reveal 'Deceptive Delight' Method to Jailbreak AI Models

Cybersecurity researchers have shed light on a new adversarial technique that could be used to jailbreak large language models LLMs during the course of an interactive conversation by sneaking in an undesirable instruction between benign ones. The approach has been codenamed Deceptive Delight by...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/23 9:34 a.m.23 views

Think You're Secure? 49% of Enterprises Underestimate SaaS Risks

It may come as a surprise to learn that 34% of security practitioners are in the dark about how many SaaS applications are deployed in their organizations. And it's no wonder—the recent AppOmni 2024 State of SaaS Security Report reveals that only 15% of organizations centralize SaaS security with...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/23 9:30 a.m.43 views

Ransomware Gangs Use LockBit's Fame to Intimidate Victims in Latest Attacks

Threat actors have been observed abusing Amazon S3 Simple Storage Service Transfer Acceleration feature as part of ransomware attacks designed to exfiltrate victim data and upload them to S3 buckets under their control. "Attempts were made to disguise the Golang ransomware as the notorious LockBi...

9.8CVSS8.3AI score0.97591EPSS
Exploits11
The Hacker News
The Hacker News
added 2024/10/22 5:6 p.m.15 views

Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans

Russian-speaking users have become the target of a new phishing campaign that leverages an open-source phishing toolkit called Gophish to deliver DarkCrystal RAT aka DCRat and a previously undocumented remote access trojan dubbed PowerRAT. "The campaign involves modular infection chains that are...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/22 2:12 p.m.24 views

Security Flaw in Styra's OPA Exposes NTLM Hashes to Remote Attackers

Details have emerged about a now-patched security flaw in Styra's Open Policy Agent OPA that, if successfully exploited, could have led to leakage of New Technology LAN Manager NTLM hashes. "The vulnerability could have allowed an attacker to leak the NTLM credentials of the OPA server's local us...

8.8CVSS7.4AI score0.11871EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/10/22 2:0 p.m.13 views

Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks

Bad actors have been observed targeting Docker remote API servers to deploy the SRBMiner crypto miner on compromised instances, according to new findings from Trend Micro. "In this attack, the threat actor used the gRPC protocol over h2c to evade security solutions and execute their crypto mining...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/22 11:0 a.m.17 views

A Comprehensive Guide to Finding Service Accounts in Active Directory

Service accounts are vital in any enterprise, running automated processes like managing applications or scripts. However, without proper monitoring, they can pose a significant security risk due to their elevated privileges. This guide will walk you through how to locate and secure these accounts...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/22 10:0 a.m.24 views

Bumblebee and Latrodectus Malware Return with Sophisticated Phishing Strategies

Two malware families that suffered setbacks in the aftermath of a coordinated law enforcement operation called Endgame have resurfaced as part of new phishing campaigns. Bumblebee and Latrodectus, which are both malware loaders, are designed to steal personal data, along with downloading and...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/22 9:33 a.m.48 views

Malicious npm Packages Target Developers' Ethereum Wallets with SSH Backdoor

Cybersecurity researchers have discovered a number of suspicious packages published to the npm registry that are designed to harvest Ethereum private keys and gain remote access to the machine via the secure shell SSH protocol. The packages attempt to "gain SSH access to the victim's machine by...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/22 7:3 a.m.44 views

VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability

VMware has released software updates to address an already patched security flaw in vCenter Server that could pave the way for remote code execution. The vulnerability, tracked as CVE-2024-38812 CVSS score: 9.8, concerns a case of heap-overflow vulnerability in the implementation of the DCE/RPC...

9.8CVSS9.7AI score0.54143EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/10/22 4:47 a.m.54 views

CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation as a zero-day. The vulnerability in question, tracked as CVE-2024-9537 CV...

9.8CVSS9.7AI score0.61725EPSS
Exploits8
The Hacker News
The Hacker News
added 2024/10/21 1:8 p.m.22 views

Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain

The prolific Chinese nation-state actor known as APT41 aka Brass Typhoon, Earth Baku, Wicked Panda, or Winnti has been attributed to a sophisticated cyber attack targeting the gambling and gaming industry. "Over a period of at least six months, the attackers stealthily gathered valuable informati...

8.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/21 11:25 a.m.22 views

Guide:  The Ultimate Pentest Checklist for Full-Stack Security

Pentest Checklists Are More Important Than Ever Given the expanding attack surface coupled with the increasing sophistication of attacker tactics and techniques, penetration testing checklists have become essential for ensuring thorough assessments across an organization's attack surface, both...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/21 11:11 a.m.61 views

THN Cybersecurity Recap: Top Threats, Tools and News (Oct 14 - Oct 20)

Hi there! Here's your quick update on the latest in cybersecurity. Hackers are using new tricks to break into systems we thought were secure—like finding hidden doors in locked houses. But the good news? Security experts are fighting back with smarter tools to keep data safe. Some big companies...

9.8CVSS8.5AI score0.98557EPSS
Exploits26
The Hacker News
The Hacker News
added 2024/10/21 6:59 a.m.21 views

Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers

Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted E2EE cloud storage platforms that could be exploited to leak sensitive data. "The vulnerabilities range in severity: in many cases a malicious server can inject files, tamper with file data, and...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/20 7:37 a.m.31 views

Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials

Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal user credentials. Russian cybersecurity company Positive Technologies said it discovered last month an email that...

6.1CVSS5.9AI score0.73296EPSS
Exploits5
The Hacker News
The Hacker News
added 2024/10/20 7:23 a.m.19 views

North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data

North Korean information technology IT workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by demanding ransoms in order to not leak it, marking a new twist to their financially motivated attacks. "In some...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/19 9:30 a.m.15 views

Acronym Overdose – Navigating the Complex Data Security Landscape

In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/19 7:39 a.m.25 views

Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks

A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain. "The group under review has a toolkit that includes utilities such ...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/18 11:25 a.m.15 views

The Ultimate DSPM Guide: Webinar on Building a Strong Data Security Posture

Picture your company's data as a vast, complex jigsaw puzzle—scattered across clouds, devices, and networks. Some pieces are hidden, some misplaced, and others might even be missing entirely. Keeping your data secure in today's fast-evolving landscape can feel like an impossible challenge. But...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/18 11:0 a.m.45 views

U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign

Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by Iranian cyber actors to infiltrate critical infrastructure organizations via brute-force attacks. "Since October 2023, Iranian actors have used brute force and passwor...

10CVSS7.2AI score0.99512EPSS
Exploits75
The Hacker News
The Hacker News
added 2024/10/18 9:43 a.m.24 views

Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign

Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed ClickFix to deliver infostealers targeting Windows and macOS systems. "This tactic involves displaying fake error messages in web browsers to deceive users into copying and executing a given...

7.3AI score
Exploits0
Total number of security vulnerabilities20926