Lucene search
+L

20926 matches found

The Hacker News
The Hacker News
added 2024/09/27 7:47 a.m.12 views

U.S. Sanctions Two Crypto Exchanges for Facilitating Cybercrime and Money Laundering

The U.S. government on Thursday sanctioned two cryptocurrency exchanges and unsealed an indictment against a Russian national for his alleged involvement in the operation of several money laundering services that were offered to cybercriminals. The virtual currency exchanges, Cryptex and PM2BTC,...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/27 5:54 a.m.23 views

Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers

A critical security flaw has been disclosed in the NVIDIA Container Toolkit that, if successfully exploited, could allow threat actors to break out of the confines of a container and gain full access to the underlying host. The vulnerability, tracked as CVE-2024-0132, carries a CVSS score of 9.0...

9CVSS8.6AI score0.37055EPSS
Exploits2
The Hacker News
The Hacker News
added 2024/09/26 4:2 p.m.22 views

Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates

Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. "These attacks could be executed remotely on any hardware-equipped vehicle in...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/26 12:28 p.m.11 views

Overloaded with SIEM Alerts? Discover Effective Strategies in This Expert-Led Webinar

Imagine trying to find a needle in a haystack, but the haystack is on fire, and there are a million other needles you also need to find. That's what dealing with security alerts can feel like. SIEM was supposed to make this easier, but somewhere along the way, it became part of the problem. Too...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/26 12:28 p.m.12 views

N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks

Threat actors with ties to North Korea have been observed leveraging two new malware strains dubbed KLogEXE and FPSpy. The activity has been attributed to an adversary tracked as Kimsuky, which is also known as APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet formerly Thallium, Sparkling Pisces,...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/26 11:0 a.m.23 views

EPSS vs. CVSS: What's the Best Approach to Vulnerability Prioritization?

Many businesses rely on the Common Vulnerability Scoring System CVSS to assess the severity of vulnerabilities for prioritization. While these scores provide some insight into the potential impact of a vulnerability, they don't factor in real-world threat data, such as the likelihood of...

5.9CVSS6.7AI score0.93305EPSS
Exploits4
The Hacker News
The Hacker News
added 2024/09/26 10:43 a.m.12 views

Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware

As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive information for over a year and a half. French cybersecurity firm Sekoia, which disclosed details of the campaign dubbed SilentSelfie, described the intrusio...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/26 6:18 a.m.38 views

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities

An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control C2. Web infrastructure and security company Cloudflare is tracking the activity under the name SloppyLemming, which ...

7.8CVSS8.1AI score0.97798EPSS
Exploits49
The Hacker News
The Hacker News
added 2024/09/26 4:49 a.m.55 views

Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign

Nation-state threat actors backed by Beijing broke into a "handful" of U.S. internet service providers ISPs as part of a cyber espionage campaign orchestrated to glean sensitive information, The Wall Street Journal reported Wednesday. The activity has been attributed to a threat actor that...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/25 5:0 p.m.30 views

Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 68%

Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The tech giant said focusing on Safe Coding fo...

7.8CVSS7.4AI score0.00217EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/09/25 2:12 p.m.7 views

Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent

Vienna-based privacy non-profit noyb short for None Of Your Business has filed a complaint with the Austrian data protection authority DPA against Firefox maker Mozilla for enabling a new feature called Privacy-Preserving Attribution PPA without explicitly seeking users' consent. "Contrary to its...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/25 12:38 p.m.17 views

Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool

Cybersecurity researchers have flagged the discovery of a new post-exploitation red team tool called Splinter in the wild. Palo Alto Networks Unit 42 shared its findings after it discovered the program on several customers' systems. "It has a standard set of features commonly found in penetration...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/25 11:47 a.m.16 views

ChatGPT macOS Flaw Could've Enabled Long-Term Spyware via Memory Function

A now-patched security vulnerability in OpenAI's ChatGPT app for macOS could have made it possible for attackers to plant long-term persistent spyware into the artificial intelligence AI tool's memory. The technique, dubbed SpAIware, could be abused to facilitate "continuous data exfiltration of...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/25 11:20 a.m.14 views

Expert Tips on How to Spot a Phishing Link

Phishing attacks are becoming more advanced and harder to detect, but there are still telltale signs that can help you spot them before it's too late. See these key indicators that security experts use to identify phishing links: 1. Check Suspicious URLs Phishing URLs are often long, confusing, o...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/25 9:50 a.m.15 views

Agentic AI in SOCs: A Solution to SOAR's Unfulfilled Promises

Security Orchestration, Automation, and Response SOAR was introduced with the promise of revolutionizing Security Operations Centers SOCs through automation, reducing manual workloads and enhancing efficiency. However, despite three generations of technology and 10 years of advancements, SOAR...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/25 7:3 a.m.23 views

Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware

Transportation and logistics companies in North America are the target of a new phishing campaign that delivers a variety of information stealers and remote access trojans RATs. The activity cluster, per Proofpoint, makes use of compromised legitimate email accounts belonging to transportation an...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/25 6:1 a.m.29 views

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic Manager vTM to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2024-7593 CVSS...

9.8CVSS7.7AI score0.99987EPSS
Exploits7
The Hacker News
The Hacker News
added 2024/09/24 4:13 p.m.23 views

Necro Android Malware Found in Popular Camera and Browser Apps on Play Store

Altered versions of legitimate Android apps associated with Spotify, WhatsApp, and Minecraft have been used to deliver a new version of a known malware loader called Necro. Kaspersky said some of the malicious apps have also been found on the Google Play Store. They have been cumulatively...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/24 1:3 p.m.18 views

U.S. Proposes Ban on Connected Vehicles Using Chinese and Russian Tech

The U.S. Department of Commerce DoC said it's proposing a ban on the import or sale of connected vehicles that integrate software and hardware made by foreign adversaries, particularly that of the People's Republic of China PRC and Russia. "The proposed rule focuses on hardware and software...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/24 12:0 p.m.13 views

Discover Latest Ransomware Tactics and Zero Trust Strategies in This Expert Webinar

Ransomware is no longer just a threat; it's an entire industry. Cybercriminals are growing more sophisticated, and their tactics are evolving rapidly. This persistent danger is a major concern for business leaders. But there's good news: you don't have to be defenseless. What if you could gain a...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/24 11:58 a.m.12 views

Kaspersky Exits U.S., Automatically Replaces Software With UltraAV, Raising Concerns

Antivirus vendor Kaspersky has formally begun pulling back its offerings in the U.S., migrating existing users to UltraAV, effective September 19, 2024, ahead of its formal exit at the end of the month. "Kaspersky antivirus customers received a software update facilitating the transition to...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/24 11:0 a.m.13 views

The SSPM Justification Kit

SaaS applications contain a wealth of sensitive data and are central to business operations. Despite this, far too many organizations rely on half measures and hope their SaaS stack will remain secure. Unfortunately, this approach is lacking and will leave security teams blind to threat preventio...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/24 9:37 a.m.16 views

New Octo2 Android Banking Trojan Emerges with Device Takeover Capabilities

Cybersecurity researchers have discovered a new version of an Android banking trojan called Octo that comes with improved capabilities to conduct device takeover DTO and perform fraudulent transactions. The new version has been codenamed Octo2 by the malware author, Dutch security firm ThreatFabr...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/24 6:33 a.m.21 views

Telegram Agrees to Share User Data With Authorities for Criminal Investigations

In a major policy reversal, the popular messaging app Telegram has announced it will give users' IP addresses and phone numbers to authorities in response to valid legal requests in an attempt to rein in criminal activity on the platform. "We've made it clear that the IP addresses and phone numbe...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/23 11:20 a.m.16 views

THN Cybersecurity Recap: Last Week's Top Threats and Trends (September 16-22)

Hold on tight, folks, because last week's cybersecurity landscape was a rollercoaster! We witnessed everything from North Korean hackers dangling "dream jobs" to expose a new malware, to a surprising twist in the Apple vs. NSO Group saga. Even the seemingly mundane world of domain names and cloud...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/23 11:0 a.m.19 views

Why 'Never Expire' Passwords Can Be a Risky Decision

Password resets can be frustrating for end users. Nobody likes being interrupted by the 'time to change your password' notification – and they like it even less when the new passwords they create are rejected by their organization's password policy. IT teams share the pain, with resetting passwor...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/23 9:58 a.m.34 views

Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk

A critical security flaw has been disclosed in the Microchip Advanced Software Framework ASF that, if successfully exploited, could lead to remote code execution. The vulnerability, tracked as CVE-2024-7490, carries a CVSS score of 9.5 out of a maximum of 10.0. It has been described as a...

9.8CVSS8.7AI score0.46331EPSS
Exploits4
The Hacker News
The Hacker News
added 2024/09/23 9:43 a.m.25 views

Discord Introduces DAVE Protocol for End-to-End Encryption in Audio and Video Calls

Popular social messaging platform Discord has announced that it's rolling out a new custom end-to-end encrypted E2EE protocol to secure audio and video calls. The protocol has been dubbed DAVE, short for Discord's audio and video end-to-end encryption "E2EE A/V". As part of the change introduced...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/23 6:39 a.m.14 views

New PondRAT Malware Hidden in Python Packages Targets Software Developers

Threat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign. PondRAT, according to new findings from Palo Alto Networks Unit 42, is assessed to be a lighter version of POOLRAT aka SIMPLESE...

8.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/23 4:49 a.m.31 views

Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware

A suspected advanced persistent threat APT originating from China targeted a government organization in Taiwan, and possibly other countries in the Asia-Pacific APAC region, by exploiting a recently patched critical security flaw impacting OSGeo GeoServer GeoTools. The intrusion activity, which w...

9.8CVSS7AI score0.99813EPSS
Exploits25
The Hacker News
The Hacker News
added 2024/09/21 2:39 p.m.43 views

Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks

A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber attacks against Russian targets. "Rather than demand a ransom for decrypting data, Twelve prefers to encrypt victims' data and then destroy their infrastructure with a...

10CVSS10AI score0.99999EPSS
Exploits57
The Hacker News
The Hacker News
added 2024/09/21 1:18 p.m.8 views

LinkedIn Halts AI Data Processing in U.K. Amid Privacy Concerns Raised by ICO

The U.K. Information Commissioner's Office ICO has confirmed that professional social networking platform LinkedIn has suspended processing users' data in the country to train its artificial intelligence AI models. "We are pleased that LinkedIn has reflected on the concerns we raised about its...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/21 1:7 p.m.9 views

Ukraine Bans Telegram Use for Government and Military Personnel

Ukraine has restricted the use of the Telegram messaging app by government officials, military personnel, and other defense and critical infrastructure workers, citing national security concerns. The ban was announced by the National Coordination Centre for Cybersecurity NCCC in a post shared on...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/20 12:58 p.m.10 views

Europol Shuts Down iServer Phishing Scheme and Ghost Cybercrime Chat Platform

Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen or lost mobile phones. The phishing-as-a-service PhaaS platform, called iServer, is estimated to have claimed more than 483,000 victims globally, led by...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/20 11:0 a.m.17 views

Passwordless AND Keyless: The Future of (Privileged) Access Management

In IT environments, some secrets are managed well and some fly under the radar. Here's a quick checklist of what kinds of secrets companies typically manage, including one type they should manage: Passwords x TLS certificates x Accounts x SSH keys ??? The secrets listed above are typically secure...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/20 10:11 a.m.58 views

Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East

An Iranian advanced persistent threat APT threat actor likely affiliated with the Ministry of Intelligence and Security MOIS is now acting as an initial access facilitator that provides remote access to target networks. Google-owned Mandiant is tracking the activity cluster under the moniker...

9.8CVSS7.4AI score0.99913EPSS
Exploits29
The Hacker News
The Hacker News
added 2024/09/20 5:33 a.m.15 views

Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature

Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux, ChromeOS, and Android devices. "This PIN adds an additional layer of security to ensure your passkeys are end-to-end encrypted and can't be accessed by anyone, not even...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/20 4:18 a.m.37 views

Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks

Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance CSA has come under active exploitation in the wild. The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was "incidentally addressed" by the...

9.4CVSS8.7AI score0.98557EPSS
Exploits3
The Hacker News
The Hacker News
added 2024/09/19 5:34 p.m.8 views

Wherever There's Ransomware, There's Service Account Compromise. Are You Protected?

Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the last years, these silent Non-Human-Identities NHI accounts have become one of the most targeted and compromised attack surfaces. Assessments report that compromised service accounts play a key role...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/19 3:41 p.m.11 views

Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms

Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. "Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product's default credentials,"...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/19 2:10 p.m.10 views

New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails

A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a suspected Brazilian Portuguese-speaking threat actor. "Threat actors usually try to cast a wide net to maximize their profits, but these attackers are focused on jus...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/19 1:27 p.m.14 views

New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit

The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server VPS infrastructures based on the CentOS operating system. "The initial access was accomplished via a Secure Shell SSH brute force attack on the victim's assets, during whi...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/19 11:0 a.m.19 views

Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene

Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is facing an increasing wave of cyberattacks. When a hospital's systems are held hostage by ransomware, it's not just data at risk — it's the care of patients...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/19 10:12 a.m.12 views

Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector

Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target the healthcare sector in the U.S. The tech giant's threat intelligence team is tracking the activity under the name Vanilla Tempest formerly DEV-083...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/19 5:7 a.m.34 views

GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions

GitLab has released patches to address a critical flaw impacting Community Edition CE and Enterprise Edition EE that could result in an authentication bypass. The vulnerability is rooted in the ruby-saml library CVE-2024-45409, CVSS score: 10.0, which could allow an attacker to log in as an...

10CVSS7.7AI score0.9921EPSS
Exploits14
The Hacker News
The Hacker News
added 2024/09/18 4:0 p.m.45 views

New "Raptor Train" IoT Botnet Compromises Over 200,000 Devices Worldwide

Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office SOHO and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typhoon aka Ethereal Panda or RedJuliett. The sophisticated botnet, dubbed Raptor Tra...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/18 2:0 p.m.14 views

Chinese Engineer Charged in U.S. for Years-Long Cyber Espionage Targeting NASA and Military

A Chinese national has been indicted in the U.S. on charges of conducting a "multi-year" spear-phishing campaign to obtain unauthorized access to computer software and source code created by the National Aeronautics and Space Administration NASA, research universities, and private companies. Song...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/18 11:0 a.m.19 views

Why Pay A Pentester?

The evolution of software always catches us by surprise. I remember betting against the IBM computer Deep Blue during its chess match against the grandmaster Garry Kasparov in 1997, only to be stunned when the machine claimed victory. Fast forward to today, would we have imagined just three years...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/18 9:32 a.m.31 views

North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware

A North Korea-linked cyber-espionage group has been observed leveraging job-themed phishing lures to target prospective victims in energy and aerospace verticals and infect them with a previously undocumented backdoor dubbed MISTPEN. The activity cluster is being tracked by Google-owned Mandiant...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/18 9:4 a.m.10 views

Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing

Google has announced that it's rolling out a new set of features to its Chrome browser that gives users more control over their data when surfing the internet and protects them against online threats. "With the newest version of Chrome, you can take advantage of our upgraded Safety Check, opt out...

6.9AI score
Exploits0
Total number of security vulnerabilities20926