Lucene search
+L

20928 matches found

The Hacker News
The Hacker News
added 2024/09/18 9:32 a.m.31 views

North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware

A North Korea-linked cyber-espionage group has been observed leveraging job-themed phishing lures to target prospective victims in energy and aerospace verticals and infect them with a previously undocumented backdoor dubbed MISTPEN. The activity cluster is being tracked by Google-owned Mandiant...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/18 9:4 a.m.10 views

Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing

Google has announced that it's rolling out a new set of features to its Chrome browser that gives users more control over their data when surfing the internet and protects them against online threats. "With the newest version of Chrome, you can take advantage of our upgraded Safety Check, opt out...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/18 6:18 a.m.9 views

GSMA Plans End-to-End Encryption for Cross-Platform RCS Messaging

The GSM Association GSMA, the governing body that oversees the development of the Rich Communications Services RCS protocol, on Tuesday, said it's working towards implementing end-to-end encryption E2EE to secure messages sent between the Android and iOS ecosystems. "The next major milestone is f...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/18 5:8 a.m.46 views

Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution

Broadcom on Tuesday released updates to address a critical security flaw impacting VMware vCenter Server that could pave the way for remote code execution. The vulnerability, tracked as CVE-2024-38812 CVSS score: 9.8, has been described as a heap-overflow vulnerability in the DCE/RPC protocol. "A...

9.8CVSS8AI score0.54143EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/09/17 12:22 p.m.122 views

Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense

Google has announced that it will be switching from KYBER to ML-KEM in its Chrome web browser as part of its ongoing efforts to defend against the risk posed by cryptographically relevant quantum computers CRQCs. "Chrome will offer a key share prediction for hybrid ML-KEM codepoint 0x11EC," David...

4.2CVSS7AI score0.00329EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/09/17 12:6 p.m.10 views

U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation

The U.S. Department of Treasury has imposed fresh sanctions against five executives and one entity with ties to the Intellexa Consortium for their role in the development, operation, and distribution of a commercial spyware called Predator. "The United States will not tolerate the reckless...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/17 12:0 p.m.19 views

How to Investigate ChatGPT activity in Google Workspace

When you connect your organization's Google Drive account to ChatGPT, you grant ChatGPT extensive permissions for not only your personal files, but resources across your entire shared drive. As you might imagine, this introduces an array of cybersecurity challenges. This post outlines how to see...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/17 11:56 a.m.10 views

Meta to Train AI Models Using Public U.K. Facebook and Instagram Posts

Meta has announced that it will begin training its artificial intelligence AI systems using public content shared by adult users across Facebook and Instagram in the U.K. in the coming months. "This means that our generative AI models will reflect British culture, history, and idiom, and that U.K...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/17 7:18 a.m.11 views

Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users

Cryptocurrency exchange Binance is warning of an "ongoing" global threat that's targeting cryptocurrency users with clipper malware with the goal of facilitating financial fraud. Clipper malware, also called ClipBankers, is a type of malware that Microsoft calls cryware, which comes with...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/17 4:34 a.m.28 views

SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks

SolarWinds has released fixes to address two security flaws in its Access Rights Manager ARM software, including a critical vulnerability that could result in remote code execution. The vulnerability, tracked as CVE-2024-28991, is rated 9.0 out of a maximum of 10.0 on the CVSS scoring system. It...

9.8CVSS8.6AI score0.03085EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/09/16 1:7 p.m.29 views

Google Fixes GCP Composer Flaw That Could've Led to Remote Code Execution

A now-patched critical security flaw impacting Google Cloud Platform GCP Composer could have been exploited to achieve remote code execution on cloud servers by means of a supply chain attack technique called dependency confusion. The vulnerability has been codenamed CloudImposer by Tenable...

8.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/16 12:0 p.m.15 views

North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware

Cybersecurity researchers are continuing to warn about North Korean threat actors' attempts to target prospective victims on LinkedIn to deliver malware called RustDoor. The latest advisory comes from Jamf Threat Labs, which said it spotted an attack attempt in which a user was contacted on the...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/16 11:33 a.m.18 views

From Breach to Recovery: Designing an Identity-Focused Incident Response Playbook

Imagine this... You arrive at work to a chaotic scene. Systems are down, panic is in the air. The culprit? Not a rogue virus, but a compromised identity. The attacker is inside your walls, masquerading as a trusted user. This isn't a horror movie, it's the new reality of cybercrime. The question...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/16 11:5 a.m.17 views

Master Your PCI DSS v4 Compliance with Innovative Smart Approvals

The PCI DSS landscape is evolving rapidly. With the Q1 2025 deadline looming ever larger, businesses are scrambling to meet the stringent new requirements of PCI DSS v4.0. Two sections in particular, 6.4.3 and 11.6.1, are troublesome as they demand that organizations rigorously monitor and manage...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/16 7:12 a.m.13 views

Apple Drops Spyware Case Against NSO Group, Citing Risk of Threat Intelligence Exposure

Apple has filed a motion to "voluntarily" dismiss its lawsuit against commercial spyware vendor NSO Group, citing a shifting risk landscape that could lead to exposure of critical "threat intelligence" information. The development was first reported by The Washington Post on Friday. The iPhone...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/16 4:23 a.m.21 views

Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks

Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login pages that are designed to harvest users' credentials. "Unlike other phishing webpage distribution behavior through HTML content, these attacks use the...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/14 4:12 a.m.37 views

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability

Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance CSA has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 CVSS score: 7.2, which allows remote code execution under certain circumstances. "An OS command...

10CVSS8AI score0.88955EPSS
Exploits4
The Hacker News
The Hacker News
added 2024/09/13 1:51 p.m.19 views

Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers

Details have emerged about a now-patched security flaw impacting Apple's Vision Pro mixed reality headset that, if successfully exploited, could allow malicious attackers to infer data entered on the device's virtual keyboard. The attack, dubbed GAZEploit, has been assigned the CVE identifier...

6.2AI score0.00401EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/09/13 1:29 p.m.14 views

17-Year-Old Arrested in Connection with Cyber Attack Affecting Transport for London

British authorities on Thursday announced the arrest of a 17-year-old male in connection with a cyber attack affecting Transport for London TfL. "The 17-year-old male was detained on suspicion of Computer Misuse Act offenses in relation to the attack, which was launched on TfL on 1 September," th...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/13 11:17 a.m.22 views

TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud

Cybersecurity researchers have uncovered a new variant of an Android banking trojan called TrickMo that comes packed with new capabilities to evade analysis and display fake login screens to capture victims' banking credentials. "The mechanisms include using malformed ZIP files in combination wit...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/13 11:17 a.m.17 views

Say Goodbye to Phishing: Must-Haves to Eliminate Credential Theft

Even as cyber threats become increasingly sophisticated, the number one attack vector for unauthorized access remains phished credentials Verizon DBIR, 2024. Solving this problem resolves over 80% of your corporate risk, and a solution is possible. However, most tools available on the market toda...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/13 11:4 a.m.44 views

Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw

Malicious actors are likely leveraging publicly available proof-of-concept PoC exploits for recently disclosed security flaws in Progress Software WhatsUp Gold to conduct opportunistic attacks. The activity is said to have commenced on August 30, 2024, a mere five hours after a PoC was released f...

10CVSS8.2AI score0.99984EPSS
Exploits35
The Hacker News
The Hacker News
added 2024/09/13 5:39 a.m.15 views

New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency

Cybersecurity researchers have uncovered a new malware campaign targeting Linux environments to conduct illicit cryptocurrency mining and deliver botnet malware. The activity, which specifically singles out the Oracle Weblogic server, is designed to deliver a malware strain dubbed Hadooken,...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/12 4:12 p.m.20 views

New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram

Bank customers in the Central Asia region have been targeted by a new strain of Android malware codenamed Ajina.Banker since at least November 2023 with the goal of harvesting financial information and intercepting two-factor authentication 2FA messages. Singapore-headquartered Group-IB, which...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/12 3:55 p.m.71 views

Urgent: GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job Execution

GitLab on Wednesday released security updates to address 17 security vulnerabilities, including a critical flaw that allows an attacker to run pipeline jobs as an arbitrary user. The issue, tracked as CVE-2024-6678, carries a CVSS score of 9.9 out of a maximum of 10.0 "An issue was discovered in...

10CVSS7AI score0.94955EPSS
Exploits17
The Hacker News
The Hacker News
added 2024/09/12 1:46 p.m.22 views

Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide

Nearly 1.3 million Android-based TV boxes running outdated versions of the operating system and belonging to users spanning 197 countries have been infected by a new malware dubbed Vo1d aka Void. "It is a backdoor that puts its components in the system storage area and, when commanded by attacker...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/12 12:56 p.m.22 views

Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking

Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns. "Selenium Grid is a server that facilitates running test cases in parallel across different browsers and versions," Cado Security researchers Tara Gould and Nate...

5.8CVSS7AI score0.04615EPSS
Exploits2
The Hacker News
The Hacker News
added 2024/09/12 10:51 a.m.20 views

Top 3 Threat Report Insights for Q2 2024

Cato CTRL Cyber Threats Research Lab has released its Q2 2024 Cato CTRL SASE Threat Report. The report highlights critical findings based on the analysis of a staggering 1.38 trillion network flows from more than 2,500 of Cato's global customers, between April and June 2024. Key Insights from the...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/12 10:49 a.m.12 views

Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack

Iraqi government networks have emerged as the target of an "elaborate" cyber attack campaign orchestrated by an Iran state-sponsored threat actor called OilRig. The attacks singled out Iraqi organizations such as the Prime Minister's Office and the Ministry of Foreign Affairs, cybersecurity compa...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/12 10:32 a.m.8 views

Ireland's Watchdog Launches Inquiry into Google's AI Data Practices in Europe

The Irish Data Protection Commission DPC has announced that it has commenced a "Cross-Border statutory inquiry" into Google's foundational artificial intelligence AI model to determine whether the tech giant has adhered to data protection regulations in the region when processing the personal dat...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/12 4:57 a.m.23 views

WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers

WordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes to activate two-factor authentication 2FA mandatorily. The enforcement is expected to come into effect starting October 1, 2024. "Accounts with commit access can pu...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/11 4:20 p.m.18 views

Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances

The operators of the mysterious Quad7 botnet are actively evolving by compromising several brands of SOHO routers and VPN appliances by leveraging a combination of both known and unknown security flaws. Targets include devices from TP-LINK, Zyxel, Asus, Axentra, D-Link, and NETGEAR, according to ...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/11 3:39 p.m.13 views

DragonRank Black Hat SEO Campaign Targeting IIS Servers Across Asia and Europe

A "simplified Chinese-speaking actor" has been linked to a new campaign that has targeted multiple countries in Asia and Europe with the end goal of performing search engine optimization SEO rank manipulation. The black hat SEO cluster has been codenamed DragonRank by Cisco Talos, with victimolog...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/11 12:7 p.m.13 views

Singapore Police Arrest Six Hackers Linked to Global Cybercrime Syndicate

The Singapore Police Force SPF has announced the arrest of five Chinese nationals and one Singaporean man for their alleged involvement in illicit cyber activities in the country. The development comes after a group of about 160 law enforcement officials conducted a series of raids on September 9...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/11 10:41 a.m.13 views

Why Is It So Challenging to Go Passwordless?

Imagine a world where you never have to remember another password. Seems like a dream come true for both end users and IT teams, right? But as the old saying goes, "If it sounds too good to be true, it probably is." If your organization is like many, you may be contemplating a move to passwordles...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/11 9:46 a.m.13 views

Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware

Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments. "The new samples were tracked to GitHub projects that have been linked to previous, targeted attacks in which developers are lured using fake job...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/11 6:53 a.m.58 views

Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws

Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024. The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are...

9.8CVSS8.9AI score0.84345EPSS
Exploits3
The Hacker News
The Hacker News
added 2024/09/11 6:30 a.m.43 views

Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities

Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager EPM, including 10 critical vulnerabilities that could result in remote code execution. A brief description of the issues is as follows - CVE-2024-29847 CVSS score: 10.0 - A deserialization of...

10CVSS9.1AI score0.88955EPSS
Exploits4
The Hacker News
The Hacker News
added 2024/09/10 3:48 p.m.44 views

CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub

The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses SMBs in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub. "CosmicBeetle replaced its previously...

10CVSS7.4AI score0.99512EPSS
Exploits154
The Hacker News
The Hacker News
added 2024/09/10 11:43 a.m.17 views

Experts Identify 3 Chinese-Linked Clusters Behind Cyberattacks in Southeast Asia

A trio of threat activity clusters linked to China has been observed compromising more government organizations in Southeast Asia as part of a renewed state-sponsored operation codenamed Crimson Palace, indicating an expansion in the scope of the espionage effort. Cybersecurity firm Sophos, which...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/10 11:20 a.m.20 views

Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers. Shadow apps may include instances of...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/10 10:10 a.m.21 views

New PIXHELL Attack Exploits LCD Screen Noise to Exfiltrate Data from Air-Gapped Computers

A new side-channel attack dubbed PIXHELL could be abused to target air-gapped computers by breaching the "audio gap" and exfiltrating sensitive information by taking advantage of the noise generated by pixels on an LCD screen. "Malware in the air-gap and audio-gap computers generates crafted pixe...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/10 9:57 a.m.11 views

Mustang Panda Deploys Advanced Malware to Spy on Asia-Pacific Governments

The threat actor tracked as Mustang Panda has refined its malware arsenal to include new tools in order to facilitate data exfiltration and the deployment of next-stage payloads, according to new findings from Trend Micro. The cybersecurity firm, which is monitoring the activity cluster under the...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/09 5:19 p.m.17 views

New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks

A novel side-channel attack has been found to leverage radio signals emanated by a device's random access memory RAM as a data exfiltration mechanism, posing a threat to air-gapped networks. The technique has been codenamed RAMBO short for "Radiation of Air-gapped Memory Bus for Offense" by Dr...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/09 12:34 p.m.14 views

One More Tool Will Do It? Reflecting on the CrowdStrike Fallout

The proliferation of cybersecurity tools has created an illusion of security. Organizations often believe that by deploying a firewall, antivirus software, intrusion detection systems, identity threat detection and response, and other tools, they are adequately protected. However, this approach n...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/09 12:24 p.m.18 views

Blind Eagle Targets Colombian Insurance Sector with Customized Quasar RAT

The Colombian insurance sector is the target of a threat actor tracked as Blind Eagle with the end goal of delivering a customized version of a known commodity remote access trojan RAT referred to as Quasar RAT since June 2024. "Attacks have originated with phishing emails impersonating the...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/09 12:16 p.m.36 views

Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks

The China-linked advanced persistent threat APT group known as Mustang Panda has been observed weaponizing Visual Studio Code software as part of espionage operations targeting government entities in Southeast Asia. "This threat actor used Visual Studio Code's embedded reverse shell feature to ga...

8.6CVSS9.1AI score0.99978EPSS
Exploits52
The Hacker News
The Hacker News
added 2024/09/09 11:25 a.m.13 views

Webinar: How to Protect Your Company from GenAI Data Leakage Without Losing It's Productivity Benefits

GenAI has become a table stakes tool for employees, due to the productivity gains and innovative capabilities it offers. Developers use it to write code, finance teams use it to analyze reports, and sales teams create customer emails and assets. Yet, these capabilities are exactly the ones that...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/09 10:30 a.m.16 views

Wing Security SaaS Pulse: Continuous Security & Actionable Insights — For Free

Designed to be more than a one-time assessment— Wing Security's SaaS Pulse provides organizations with actionable insights and continuous oversight into their SaaS security posture—and it's free! Introducing SaaS Pulse: Free Continuous SaaS Risk Management Just like waiting for a medical issue to...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/09 9:24 a.m.24 views

Progress Software Issues Patch for Vulnerability in LoadMaster and MT Hypervisor

Progress Software has released security updates for a maximum-severity flaw in LoadMaster and Multi-Tenant MT hypervisor that could result in the execution of arbitrary operating system commands. Tracked as CVE-2024-7591 CVSS score: 10.0, the vulnerability has been described as an improper input...

10CVSS7.7AI score0.44069EPSS
Exploits1
Total number of security vulnerabilities20928