Lucene search
+L

20926 matches found

The Hacker News
The Hacker News
added 2024/09/09 4:33 a.m.18 views

U.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major Attacks

The U.S. government and a coalition of international partners have officially attributed a Russian hacking group tracked as Cadet Blizzard to the General Staff Main Intelligence Directorate GRU 161st Specialist Training Center Unit 29155. "These cyber actors are responsible for computer network...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/07 7:28 a.m.15 views

North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams

Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation. These attacks employ coding tests as a common initial infection vector, Google-owned Mandiant said in a new report about threats faced by the...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/07 7:10 a.m.21 views

FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals

Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that specializes in the sale of sensitive personal and financial information. Alex Khodyrev, a 35-year-old Kazakhstan national, and Pavel Kublitskii, a 37-year-old Russian...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/06 3:55 p.m.35 views

SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation

SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10...

9.8CVSS9.3AI score0.15593EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/09/06 3:14 p.m.40 views

GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware

A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is a critical remote code execution bug...

9.8CVSS8.7AI score0.99813EPSS
Exploits27
The Hacker News
The Hacker News
added 2024/09/06 3:3 p.m.41 views

GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code

Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped software and packages. These attacks typically involve registering domains or packages with names slightly altered from their legitimate counterpart...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/06 9:37 a.m.11 views

The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2025

The 2024 State of the vCISO Report continues Cynomi's tradition of examining the growing popularity of virtual Chief Information Security Officer vCISO services. According to the independent survey, the demand for these services is increasing, with both providers and clients reaping the rewards...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/06 6:35 a.m.41 views

Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress

Cybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts. The vulnerability, tracked as CVE-2024-44000 CVSS score: 7.5, impacts versions before and includin...

9.8CVSS7.7AI score0.83178EPSS
Exploits15
The Hacker News
The Hacker News
added 2024/09/06 5:22 a.m.37 views

Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution

A new security flaw has been addressed in the Apache OFBiz open-source enterprise resource planning ERP system that, if successfully exploited, could lead to unauthenticated remote code execution on Linux and Windows. The high-severity vulnerability, tracked as CVE-2024-45195 CVSS score: 7.5,...

9.8CVSS9.4AI score0.99983EPSS
Exploits15
The Hacker News
The Hacker News
added 2024/09/06 4:2 a.m.12 views

Pavel Durov Criticizes Outdated Laws After Arrest Over Telegram Criminal Activity

Telegram CEO Pavel Durov has broken his silence nearly two weeks after his arrest in France, stating the charges are misguided. "If a country is unhappy with an internet service, the established practice is to start a legal action against the service itself," Durov said in a 600-word statement on...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/05 4:19 p.m.57 views

Chinese-Speaking Hacker Group Targets Human Rights Studies in Middle East

Unnamed government entities in the Middle East and Malaysia are the target of a persistent cyber campaign orchestrated by a threat actor known as Tropic Trooper since June 2023. "Sighting this group's Tactics, Techniques, and Procedures in critical governmental entities in the Middle East,...

10CVSS7.7AI score0.99999EPSS
Exploits31
The Hacker News
The Hacker News
added 2024/09/05 4:5 p.m.56 views

Veeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues

Veeam has shipped security updates to address a total of 18 security flaws impacting its software products, including five critical vulnerabilities that could result in remote code execution. The list of shortcomings is below - CVE-2024-40711 CVSS score: 9.8 - A vulnerability in Veeam Backup &...

9.9CVSS10AI score0.90208EPSS
Exploits3
The Hacker News
The Hacker News
added 2024/09/05 12:4 p.m.12 views

U.S. Seizes 32 Pro-Russian Propaganda Domains in Major Disinformation Crackdown

The U.S. Department of Justice DoJ on Wednesday announced the seizure of 32 internet domains used by a pro-Russian propaganda operation called Doppelganger as part of a sweeping set of actions. Accusing the Russian government-directed foreign malign influence campaign of violating U.S. money...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/05 9:19 a.m.20 views

NIST Cybersecurity Framework (CSF) and CTEM – Better Together

It's been a decade since the National Institute of Standards and Technology NIST introduced its Cybersecurity Framework CSF 1.0. Created following a 2013 Executive Order, NIST was tasked with designing a voluntary cybersecurity framework that would help organizations manage cyber risk, providing...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/05 7:45 a.m.13 views

Malware Attackers Using MacroPack to Deliver Havoc, Brute Ratel, and PhantomCore

Threat actors are likely employing a tool designated for red teaming exercises to serve malware, according to new findings from Cisco Talos. The program in question is a payload generation framework called MacroPack, which is used to generate Office documents, Visual Basic scripts, Windows...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/05 5:3 a.m.17 views

New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm

The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an unnamed trading company based in China. The previously unreported malware is written in Golang, and thus is a cross-platform weapon capable of...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/05 4:40 a.m.38 views

Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks

Cisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information. A brief description of the two vulnerabilities is below - CVE-2024-20439 CVSS...

9.8CVSS7.9AI score0.92062EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/09/04 3:52 p.m.15 views

North Korean Hackers Targets Job Seekers with Fake FreeConference App

North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part of an ongoing financially-driven campaign dubbed Contagious Interview. The new attack wave, spotted by Singaporean company Group-IB in...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/04 1:36 p.m.30 views

Android Users Urged to Install Latest Security Updates to Fix Actively Exploited Flaw

Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-32896 CVSS score: 7.8, relates to a case of privilege escalation in...

8.1CVSS7.2AI score0.0301EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/09/04 1:0 p.m.20 views

Researchers Find Over 22,000 Removed PyPI Packages at Risk of Revival Hijack

A new supply chain attack technique targeting the Python Package Index PyPI registry has been exploited in the wild in an attempt to infiltrate downstream organizations. It has been codenamed Revival Hijack by software supply chain security firm JFrog, which said the attack method could be used t...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/04 11:27 a.m.10 views

The New Effective Way to Prevent Account Takeovers

Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite significant investments in traditional security measures, many organizations continue to struggle with preventing these attacks. A new report, "Why Account Takeov...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/04 11:27 a.m.31 views

Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers

Zyxel has released software updates to address a critical security flaw impacting certain access point AP and security router versions that could result in the execution of unauthorized commands. Tracked as CVE-2024-7261 CVSS score: 9.8, the vulnerability has been described as a case of operating...

9.8CVSS7.5AI score0.11408EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/09/04 8:43 a.m.8 views

Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database

The Dutch Data Protection Authority Dutch DPA has imposed a fine of €30.5 million $33.7 million against facial recognition firm Clearview AI for violating the General Data Protection Regulation GDPR in the European Union E.U. by building an "illegal database with billions of photos of faces,"...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/04 5:31 a.m.12 views

Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack

A new malware campaign is spoofing Palo Alto Networks' GlobalProtect VPN software to deliver a variant of the WikiLoader aka WailingCrab loader by means of a search engine optimization SEO campaign. The malvertising activity, observed in June 2024, is a departure from previously observed tactics...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/03 1:29 p.m.62 views

Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus

A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. "Head Mare uses more up-to-date methods for obtaining initial access," Kaspersky said in a Monday analysis of the group's tactics and tools. "For instance, t...

7.8CVSS8.2AI score0.97798EPSS
Exploits49
The Hacker News
The Hacker News
added 2024/09/03 1:16 p.m.20 views

New Rust-Based Ransomware Cicada3301 Targets Windows and Linux Systems

Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat aka ALPHV operation. "It appears that Cicada3301 ransomware primarily targets small to medium-sized businesses SMBs, likely through...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/03 9:37 a.m.17 views

Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users

Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante. "This malware family is capable of performing keylogging using the Accessibility Service, and is also able to steal PII from its victims using phishing screens posing as...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/03 7:30 a.m.27 views

Secrets Exposed: Why Your CISO Should Worry About Slack

In the digital realm, secrets API keys, private keys, username and password combos, etc. are the keys to the kingdom. But what if those keys were accidentally left out in the open in the very tools we use to collaborate every day? A Single Secret Can Wreak Havoc Imagine this: It's a typical Tuesd...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/03 4:1 a.m.27 views

New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access

Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access sensitive data by circumventing the operating system's permissions-based model, which revolves around the Transparency, Consent, and Control TCC...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/03 1:58 a.m.22 views

Ex-Engineer Charged in Missouri for Failed $750,000 Bitcoin Extortion Attempt

A 57-year-old man from the U.S. state of Missouri has been arrested in connection with a failed data extortion campaign that targeted his former employer. Daniel Rhyne of Kansas City, Missouri, has been charged with one count of extortion in relation to a threat to cause damage to a protected...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/02 1:33 p.m.51 views

RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors

Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said. The victims span various sectors, including water and wastewater, information technology, government services and...

10CVSS10AI score0.99654EPSS
Exploits117
The Hacker News
The Hacker News
added 2024/09/02 8:55 a.m.21 views

Webinar: Learn to Boost Cybersecurity with AI-Powered Vulnerability Management

The world of cybersecurity is in a constant state of flux. New vulnerabilities emerge daily, and attackers are becoming more sophisticated. In this high-stakes game, security leaders need every advantage they can get. That's where Artificial Intelligence AI comes in. AI isn't just a buzzword; it'...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/02 7:0 a.m.17 views

Next-Generation Attacks, Same Targets - How to Protect Your Users' Identities

The FBI and CISA Issue Joint Advisory on New Threats and How to Stop Ransomware Note: on August 29, the FBI and CISA issued a joint advisory as part of their ongoing StopRansomware effort to help organizations protect against ransomware. The latest advisory, AA24-242A, describes a new cybercrimin...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/02 3:36 a.m.56 views

Malicious npm Packages Mimicking 'noblox.js' Compromise Roblox Developers' Systems

Roblox developers are the target of a persistent campaign that seeks to compromise systems through bogus npm packages, once again underscoring how threat actors continue to exploit the trust in the open-source ecosystem to deliver malware. "By mimicking the popular 'noblox.js' library, attackers...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/31 3:35 p.m.59 views

North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit

A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit. The development is indicative of the persistent efforts made by the nation-state adversary, which has made ...

9.6CVSS8.9AI score0.51865EPSS
Exploits24
The Hacker News
The Hacker News
added 2024/08/30 1:4 p.m.51 views

Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign

Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control C2 mechanism. The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeti...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/30 11:15 a.m.16 views

Iranian Hackers Set Up New Network to Target U.S. Political Campaigns

Cybersecurity researchers have unearthed new network infrastructure set up by Iranian threat actors to support activities linked to the recent targeting of U.S. political campaigns. Recorded Future's Insikt Group has linked the infrastructure to a hacking group it tracks as GreenCharlie, an...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/30 10:42 a.m.15 views

Breaking Down AD CS Vulnerabilities: Insights for InfoSec Professionals

The most dangerous vulnerability you've never heard of. In the world of cybersecurity, vulnerabilities are discovered so often, and at such a high rate, that it can be very difficult to keep up with. Some vulnerabilities will start ringing alarm bells within your security tooling, while others ar...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/30 10:20 a.m.12 views

New Malware Masquerades as Palo Alto VPN Targeting Middle East Users

Cybersecurity researchers have disclosed a new campaign that potentially targets users in the Middle East through malware that disguises itself as Palo Alto Networks GlobalProtect virtual private network VPN tool. "The malware can execute remote PowerShell commands, download and exfiltrate files,...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/30 6:25 a.m.22 views

North Korean Hackers Target Developers with Malicious npm Packages

Threat actors with ties to North Korea have been observed publishing a set of malicious packages to the npm registry, indicating "coordinated and relentless" efforts to target developers with malware and steal cryptocurrency assets. The latest wave, which was observed between August 12 and 27,...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/30 6:19 a.m.20 views

SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024: A Call to Action for Securing ICS/OT Environments

A comprehensive guide authored by Dean Parsons, SANS Certified Instructor and CEO / Principal Consultant of ICS Defense Force, emphasizes the growing need for specialized ICS security measures in the face of rising cyber threats. With a staggering 50% increase in ransomware attacks targeting...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/30 6:17 a.m.20 views

New Cyberattack Targets Chinese-Speaking Businesses with Cobalt Strike Payloads

Chinese-speaking users are the target of a "highly organized and sophisticated attack" campaign that is likely leveraging phishing emails to infect Windows systems with Cobalt Strike payloads. "The attackers managed to move laterally, establish persistence and remain undetected within the systems...

8.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/30 6:12 a.m.46 views

Atlassian Confluence Vulnerability Exploited in Crypto Mining Campaigns

Threat actors are actively exploiting a now-patched, critical security flaw impacting the Atlassian Confluence Data Center and Confluence Server to conduct illicit cryptocurrency mining on susceptible instances. "The attacks involve threat actors that employ methods such as the deployment of shel...

10CVSS9.6AI score0.99984EPSS
Exploits32
The Hacker News
The Hacker News
added 2024/08/29 4:15 p.m.20 views

Vietnamese Human Rights Group Targeted in Multi-Year Cyberattack by APT32

A non-profit supporting Vietnamese human rights has been the target of a multi-year campaign designed to deliver a variety of malware on compromised hosts. Cybersecurity company Huntress attributed the activity to a threat cluster tracked as APT32, a Vietnamese-aligned hacking crew that's also...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/29 3:59 p.m.53 views

Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack

Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware. "These campaigns delivered n-day exploits for which patches were available, but would...

9.6CVSS9.5AI score0.29179EPSS
Exploits6
The Hacker News
The Hacker News
added 2024/08/29 11:42 a.m.35 views

U.S. Agencies Warn of Iranian Hacking Group's Ongoing Ransomware Attacks

U.S. cybersecurity and intelligence agencies have called out an Iranian hacking group for breaching multiple organizations across the country and coordinating with affiliates to deliver ransomware. The activity has been linked to a threat actor dubbed Pioneer Kitten, which is also known as Fox...

10CVSS10AI score0.99999EPSS
Exploits221
The Hacker News
The Hacker News
added 2024/08/29 11:26 a.m.19 views

How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back

Attackers are increasingly using new phishing toolkits open-source, commercial, and criminal to execute adversary-in-the-middle AitM attacks. AitM enables attackers to not just harvest credentials but steal live sessions, allowing them to bypass traditional phishing prevention controls such as MF...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/29 11:5 a.m.94 views

Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks

A years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet. CVE-2024-7029 CVSS score: 8.7, the vulnerability in question, is a "command injection vulnerability found in the brightness function of AVTECH closed-circui...

10CVSS9.1AI score0.99975EPSS
Exploits13
The Hacker News
The Hacker News
added 2024/08/29 4:41 a.m.22 views

French Authorities Charge Telegram CEO with Facilitating Criminal Activities on Platform

French prosecutors on Wednesday formally charged Telegram CEO Pavel Durov with facilitating a litany of criminal activity on the popular messaging platform and placed him under formal investigation following his arrest Saturday. Russian-born Durov, who is also a French citizen, has been charged...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/28 4:14 p.m.24 views

Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability

Fortra has addressed a critical security flaw impacting FileCatalyst Workflow that could be abused by a remote attacker to gain administrative access. The vulnerability, tracked as CVE-2024-6633, carries a CVSS score of 9.8, and stems from the use of a static password to connect to a HSQL databas...

9.8CVSS8AI score0.01167EPSS
Exploits0
Total number of security vulnerabilities20926