Lucene search
+L

20928 matches found

The Hacker News
The Hacker News
added 2024/08/29 4:41 a.m.23 views

French Authorities Charge Telegram CEO with Facilitating Criminal Activities on Platform

French prosecutors on Wednesday formally charged Telegram CEO Pavel Durov with facilitating a litany of criminal activity on the popular messaging platform and placed him under formal investigation following his arrest Saturday. Russian-born Durov, who is also a French citizen, has been charged...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/28 4:14 p.m.25 views

Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability

Fortra has addressed a critical security flaw impacting FileCatalyst Workflow that could be abused by a remote attacker to gain administrative access. The vulnerability, tracked as CVE-2024-6633, carries a CVSS score of 9.8, and stems from the use of a static password to connect to a HSQL databas...

9.8CVSS8AI score0.01167EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/08/28 1:48 p.m.31 views

APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor

A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WPS Office to deploy a bespoke backdoor dubbed SpyGlace. The activity has been attributed to a threat actor dubbed APT-C-60, according to cybersecuri...

9.3CVSS8.3AI score0.01773EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/08/28 10:21 a.m.44 views

BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave

The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerable drivers to disarm security protections. "The BlackByte ransomware group continues to leverage...

7.2CVSS7.6AI score0.2677EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/08/28 6:50 a.m.32 views

CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource planning ERP system to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The...

9.8CVSS8.2AI score0.99427EPSS
Exploits15
The Hacker News
The Hacker News
added 2024/08/28 6:49 a.m.20 views

New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials

Cybersecurity researchers are calling attention to a new QR code phishing aka quishing campaign that leverages Microsoft Sway infrastructure to host fake pages, once again highlighting the abuse of legitimate cloud offerings for malicious purposes. "By using legitimate cloud applications, attacke...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/28 4:14 a.m.54 views

Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution

A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely under certain circumstances. The vulnerability, tracked as CVE-2024-6386 CVSS score: 9.9, impacts all versions of the plugin before 4.6.13,...

9.9CVSS9.6AI score0.25533EPSS
Exploits3
The Hacker News
The Hacker News
added 2024/08/27 4:8 p.m.92 views

macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users

Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT. The artifacts "almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in the form of...

9.3CVSS8.6AI score0.99945EPSS
Exploits33
The Hacker News
The Hacker News
added 2024/08/27 2:0 p.m.34 views

Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors

The China-nexus cyber espionage group tracked as Volt Typhoon has been attributed with moderate confidence to the zero-day exploitation of a recently disclosed high-severity security flaw impacting Versa Director. The attacks targeted four U.S. victims and one non-U.S. victim in the Internet...

7.2CVSS7.4AI score0.04006EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/08/27 1:21 p.m.21 views

CTEM in the Spotlight: How Gartner's New Categories Help to Manage Exposures

Want to know what's the latest and greatest in SecOps for 2024? Gartner's recently released Hype Cycle for Security Operations report takes important steps to organize and mature the domain of Continuous Threat Exposure Management, aka CTEM. Three categories within this domain are included in thi...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/27 6:9 a.m.30 views

Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot

Details have emerged about a now-patched vulnerability in Microsoft 365 Copilot that could enable the theft of sensitive user information using a technique called ASCII smuggling. "ASCII Smuggling is a novel technique that uses special Unicode characters that mirror ASCII but are actually not...

8.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/27 4:45 a.m.51 views

Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation

Google has revealed that a security flaw that was patched as part of a software update rolled out last week to its Chrome browser has come under active exploitation in the wild. Tracked as CVE-2024-7965, the vulnerability has been described as an inappropriate implementation bug in the V8...

9.6CVSS9.1AI score0.19883EPSS
Exploits18
The Hacker News
The Hacker News
added 2024/08/26 2:33 p.m.27 views

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access

SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 CVSS score: 9.3, has been described as an improper access contr...

7.2AI score0.15593EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/08/26 2:23 p.m.13 views

Dutch Regulator Fines Uber €290 Million for GDPR Violations in Data Transfers to U.S.

The Dutch Data Protection Authority DPA has fined Uber a record €290 million $324 million for allegedly failing to comply with European Union E.U. data protection standards when sending sensitive driver data to the U.S. "The Dutch DPA found that Uber transferred personal data of European taxi...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/26 10:31 a.m.21 views

Unpacking Slack Hacks: 6 Ways to Protect Sensitive Data with Secure Collaboration

Nowadays, sensitive and critical data is traveling in everyday business channels that offer only the basic level of security and encryption, and companies are often oblivious to the risk. A case in point: Disney suffered a devastating data leak by a hacktivist group known as NullBulge that got ho...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/26 10:31 a.m.44 views

Researchers Identify Over 20 Supply Chain Vulnerabilities in MLOps Platforms

Cybersecurity researchers are warning about the security risks in the machine learning ML software supply chain following the discovery of more than 20 vulnerabilities that could be exploited to target MLOps platforms. These vulnerabilities, which are described as inherent- and implementation-bas...

9.8CVSS9.5AI score0.81512EPSS
Exploits8
The Hacker News
The Hacker News
added 2024/08/26 7:45 a.m.43 views

Critical Flaws in Traccar GPS System Expose Users to Remote Attacks

Two security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances. Both the vulnerabilities are path traversal flaws and could be weaponized ...

9.8CVSS8.7AI score0.54413EPSS
Exploits12
The Hacker News
The Hacker News
added 2024/08/26 4:46 a.m.18 views

New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards

Cybersecurity researchers have uncovered new Android malware that can relay victims' contactless payment data from physical credit and debit cards to an attacker-controlled device with the goal of conducting fraudulent operations. The Slovak cybersecurity company is tracking the novel malware as...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/25 5:54 a.m.29 views

Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures

Pavel Durov, founder and chief executive of the popular messaging app Telegram, was arrested in France on Saturday, according to French television network TF1. Durov is believed to have been apprehended pursuant to a warrant issued in connection with a preliminary police investigation. TF1 said t...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/25 5:37 a.m.14 views

New Linux Malware 'sedexp' Hides Credit Card Skimmers Using Udev Rules

Cybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional technique to achieve persistence on infected systems and hide credit card skimmer code. The malware, attributed to a financially motivated threat actor, has been codenamed sedexp by Aon...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/24 7:3 a.m.75 views

CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September

The U.S. Cybersecurity and Infrastructure Security Agency CISA has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities KEV catalog based on evidence of active exploitation. The medium-severity vulnerability, tracked as CVE-2024-39717 CVSS score: 6.6, is case of...

10CVSS9.7AI score0.99871EPSS
Exploits28
The Hacker News
The Hacker News
added 2024/08/24 6:55 a.m.17 views

Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp

Meta Platforms on Friday became the latest company after Microsoft, Google, and OpenAI to expose the activities of an Iranian state-sponsored threat actor, who it said used a set of WhatsApp accounts that attempted to target individuals in Israel, Palestine, Iran, the U.K., and the U.S. The...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/23 3:2 p.m.28 views

PEAKLIGHT Downloader Deployed in Attacks Targeting Windows with Malicious Movie Downloads

Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of infecting Windows systems with information stealers and loaders. "This memory-only dropper decrypts and executes a PowerShell-based downloader,"...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/23 11:26 a.m.23 views

Webinar: Experience the Power of a Must-Have All-in-One Cybersecurity Platform

Let's be honest. The world of cybersecurity feels like a constant war zone. You're bombarded by threats, scrambling to keep up with patches, and drowning in an endless flood of alerts. It's exhausting, isn't it? But what if there was a better way? Imagine having every essential cybersecurity tool...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/23 10:55 a.m.34 views

Focus on What Matters Most: Exposure Management and Your Attack Surface

Read the full article for key points from Intruder's VP of Product, Andy Hornegold's recent talk on exposure management. If you'd like to hear Andy's insights first-hand, watch Intruder's on-demand webinar. To learn more about reducing your attack surface, reach out to their team today. Attack...

10CVSS7.8AI score0.99999EPSS
Exploits43
The Hacker News
The Hacker News
added 2024/08/23 10:24 a.m.58 views

New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data

The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints. The use of credential harvesting in connection with a ransomware infection marks an unusual twist, and one that could have cascadi...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/23 5:1 a.m.18 views

New macOS Malware "Cthulhu Stealer" Targets Apple Users' Data

Cybersecurity researchers have uncovered a new information stealer that's designed to target Apple macOS hosts and harvest a wide range of information, underscoring how threat actors are increasingly setting their sights on the operating system. Dubbed Cthulhu Stealer, the malware has been...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/23 4:38 a.m.21 views

Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group

A 33-year-old Latvian national living in Moscow, Russia, has been charged in the U.S. for allegedly stealing data, extorting victims, and laundering ransom payments since August 2021. Deniss Zolotarjovs aka Sforzacesarini has been charged with conspiring to commit money laundering, wire fraud and...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/22 4:46 p.m.31 views

Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide

Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards that could allow authentication with an unknown key and open hotel rooms and office doors. The attacks have been demonstrated against FM11RF08S, a new variant of MIFARE Class...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/22 4:35 p.m.39 views

Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk

SolarWinds has issued patches to address a new security flaw in its Web Help Desk WHD software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances. "The SolarWinds Web Help Desk WHD software is affected by a hardcoded credential vulnerability, allowi...

9.8CVSS9.9AI score0.93299EPSS
Exploits5
The Hacker News
The Hacker News
added 2024/08/22 4:13 p.m.48 views

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

Details have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliances and evade detection. The activity, attributed to Velvet Ant, was observed early this year and involved the...

6.7CVSS8.2AI score0.04271EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/08/22 3:3 p.m.27 views

New 'ALBeast' Misconfiguration Exposes Weakness in AWS Application Load Balancer

As many as 15,000 applications using Amazon Web Services' AWS Application Load Balancer ALB for authentication are potentially susceptible to a configuration-based issue that could expose them to sidestep access controls and compromise applications. That's according to findings from Israeli...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/22 10:3 a.m.29 views

The Facts About Continuous Penetration Testing and Why It's Important

What is Continuous Attack Surface Penetration Testing or CASPT? Continuous Penetration Testing or Continuous Attack Surface Penetration Testing CASPT is an advanced security practice that involves the continuous, automated, and ongoing penetration testing services of an organization's digital...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/22 5:19 a.m.49 views

Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild

Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it said has come under active exploitation in the wild. Tracked as CVE-2024-7971, the vulnerability has been described as a type confusion bug in the V8 JavaScript and WebAssembly engine. "Typ...

9.6CVSS9.1AI score0.19883EPSS
Exploits16
The Hacker News
The Hacker News
added 2024/08/22 5:2 a.m.63 views

Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access

Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit unauthenticated users to gain administrator privileges. "The plugin suffers from an unauthenticated privilege escalation vulnerability which allows any unauthenticated...

9.8CVSS7.6AI score0.68266EPSS
Exploits13
The Hacker News
The Hacker News
added 2024/08/22 4:48 a.m.53 views

GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges

GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges. The most severe of the shortcomings has been assigned the CVE identifier CVE-2024-6800, and carries a...

10CVSS7.9AI score0.02573EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/08/22 4:31 a.m.48 views

New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining

Cybersecurity researchers have unpacked a new malware strain dubbed PGMEM that's designed to mine cryptocurrency after brute-forcing their way into PostgreSQL database instances. "Brute-force attacks on Postgres involve repeatedly attempting to guess the database credentials until access is gaine...

10CVSS8.4AI score0.99999EPSS
Exploits355
The Hacker News
The Hacker News
added 2024/08/21 4:15 p.m.56 views

Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data

Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information. Tracked as CVE-2024-38206 CVSS score: 8.5, the vulnerability has been described as an information disclosure bug stemming from a...

9.1CVSS6.7AI score0.12341EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/08/21 3:37 p.m.16 views

North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign

A new remote access trojan called MoonPeak has been discovered as being used by a state-sponsored North Korean threat activity cluster as part of a new campaign. Cisco Talos attributed the malicious cyber campaign to a hacking group it tracks as UAT-5394, which it said exhibits some level of...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/21 11:11 a.m.14 views

It's Time To Untangle the SaaS Ball of Yarn

It's no great revelation to say that SaaS applications have changed the way we operate, both in our personal and professional lives. We routinely rely on cloud-based and remote applications to conduct our basic functions, with the result that the only true perimeter of our networks has become the...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/21 11:10 a.m.16 views

Styx Stealer Creator's OPSEC Fail Leaks Client List and Profit Details

In what's a case of an operational security OPSEC lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related to the clients, profit information, nicknames, phone numbers, and email addresses. Styx Stealer, a derivative o...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/21 11:0 a.m.40 views

New macOS Malware TodoSwift Linked to North Korean Hacking Groups

Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups. "This application shares several behaviors with malware we've seen that originated in North Korea DPRK —...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/21 5:28 a.m.24 views

CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait

The Computer Emergency Response Team of Ukraine CERT-UA has warned of new phishing attacks that aim to infect devices with malware. The activity has been attributed to a threat cluster it tracks as UAC-0020, which is also known as Vermin. The exact scale and scope of the attacks are presently...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/21 4:35 a.m.141 views

GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk

A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks. The flaw, tracked as CVE-2024-5932 CVSS score: 10.0, impacts all versions of the plugin prior to version 3.14.2,...

10CVSS8.6AI score0.74283EPSS
Exploits11
The Hacker News
The Hacker News
added 2024/08/20 8:13 p.m.27 views

Detecting AWS Account Compromise: Key Indicators in CloudTrail Logs for Stolen API Keys

As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount. With AWS Amazon Web Services still being the dominant cloud it is important for any security professional to know where to look for signs of compromise. AWS CloudTrail...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/20 7:59 p.m.16 views

Czech Mobile Users Targeted in New Banking Credential Theft Scheme

Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a Progressive Web Application PWA in an attempt to sidestep security protections and steal their banking account credentials. The attacks have targeted the Czech-based Československá obchodní banka CSOB,...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/20 10:25 a.m.48 views

Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor

A previously undocumented backdoor named Msupedge has been put to use against a cyber attack targeting an unnamed university in Taiwan. "The most notable feature of this backdoor is that it communicates with a command-and-control C&C server via DNS traffic," the Symantec Threat Hunter Team, part ...

9.8CVSS9.9AI score0.99987EPSS
Exploits64
The Hacker News
The Hacker News
added 2024/08/20 10:6 a.m.71 views

Anatomy of an Attack

In today's rapidly evolving cyber threat landscape, organizations face increasingly sophisticated attacks targeting their applications. Understanding these threats and the technologies designed to combat them is crucial. This article delves into the mechanics of a common application attack, using...

10CVSS10AI score0.99999EPSS
Exploits355
The Hacker News
The Hacker News
added 2024/08/20 9:36 a.m.33 views

Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters

Cybersecurity researchers have disclosed a security flaw impacting Microsoft Azure Kubernetes Services that, if successfully exploited, could allow an attacker to escalate their privileges and access credentials for services used by the cluster. "An attacker with command execution in a pod runnin...

8.8CVSS9.4AI score0.27018EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/08/20 9:7 a.m.27 views

Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware

Iranian state-sponsored threat actors have been observed orchestrating spear-phishing campaigns targeting a prominent Jewish figure starting in late July 2024 with the goal of delivering a new intelligence-gathering tool called AnvilEcho. Enterprise security company Proofpoint is tracking the...

7.5AI score
Exploits0
Total number of security vulnerabilities20928