The Hacker News

Syndikovat obsah
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackersUnknownnoreply@blogger.comBlogger10932125
Aktualizace: 12 min 29 sek zpět

Gootkit Malware Continues to Evolve with New Components and Obfuscations

12 hodin 56 min zpět
The threat actors associated with the Gootkit malware have made "notable changes" to their toolset, adding new components and obfuscations to their infection chains. Google-owned Mandiant is monitoring the activity cluster under the moniker UNC2565, noting that the usage of the malware is "exclusive to this group." Gootkit, also called Gootloader, is spread through compromised websites that
Kategorie: Hacking & Security

Gootkit Malware Continues to Evolve with New Components and Obfuscations

12 hodin 56 min zpět
The threat actors associated with the Gootkit malware have made "notable changes" to their toolset, adding new components and obfuscations to their infection chains. Google-owned Mandiant is monitoring the activity cluster under the moniker UNC2565, noting that the usage of the malware is "exclusive to this group." Gootkit, also called Gootloader, is spread through compromised websites that Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comCyber Threat / Malware37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Microsoft Urges Customers to Secure On-Premises Exchange Servers

28 Leden, 2023 - 11:42
Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads. "Attackers looking to exploit unpatched Exchange servers are not going to go away," the tech giant's Exchange Team said in a post. "There are too many
Kategorie: Hacking & Security

Microsoft Urges Customers to Secure On-Premises Exchange Servers

28 Leden, 2023 - 11:42
Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads. "Attackers looking to exploit unpatched Exchange servers are not going to go away," the tech giant's Exchange Team said in a post. "There are too many Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comEmail Security / Cyber Threat37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Eliminating SaaS Shadow IT is Now Available via a Self-Service Product, Free of Charge

28 Leden, 2023 - 11:41
The use of software as a service (SaaS) is experiencing rapid growth and shows no signs of slowing down. Its decentralized and easy-to-use nature is beneficial for increasing employee productivity, but it also poses many security and IT challenges. Keeping track of all the SaaS applications that have been granted access to an organization's data is a difficult task. Understanding the risks that
Kategorie: Hacking & Security

Eliminating SaaS Shadow IT is Now Available via a Self-Service Product, Free of Charge

28 Leden, 2023 - 11:41
The use of software as a service (SaaS) is experiencing rapid growth and shows no signs of slowing down. Its decentralized and easy-to-use nature is beneficial for increasing employee productivity, but it also poses many security and IT challenges. Keeping track of all the SaaS applications that have been granted access to an organization's data is a difficult task. Understanding the risks that The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.com
Kategorie: Hacking & Security

ISC Releases Security Patches for New BIND DNS Software Vulnerabilities

28 Leden, 2023 - 08:55
The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could lead to a denial-of-service (DoS) condition. "A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions and system failures," the U.S. Cybersecurity
Kategorie: Hacking & Security

ISC Releases Security Patches for New BIND DNS Software Vulnerabilities

28 Leden, 2023 - 08:55
The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could lead to a denial-of-service (DoS) condition. "A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions and system failures," the U.S. Cybersecurity Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comServer Security / DNS37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Ukraine Hit with New Golang-based 'SwiftSlicer' Wiper Malware in Latest Cyber Attack

28 Leden, 2023 - 06:49
Ukraine has come under a fresh cyber onslaught from Russia that involved the deployment of a previously undocumented Golang-based data wiper dubbed SwiftSlicer. ESET attributed the attack to Sandworm, a nation-state group linked to Military Unit 74455 of the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). "Once executed it deletes shadow
Kategorie: Hacking & Security

Ukraine Hit with New Golang-based 'SwiftSlicer' Wiper Malware in Latest Cyber Attack

28 Leden, 2023 - 06:49
Ukraine has come under a fresh cyber onslaught from Russia that involved the deployment of a previously undocumented Golang-based data wiper dubbed SwiftSlicer. ESET attributed the attack to Sandworm, a nation-state group linked to Military Unit 74455 of the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). "Once executed it deletes shadow Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comCyber Threat / Cyber War37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Experts Uncover the Identity of Mastermind Behind Golden Chickens Malware Service

27 Leden, 2023 - 14:50
Cybersecurity researchers have discovered the real-world identity of the threat actor behind Golden Chickens malware-as-a-service, who goes by the online persona "badbullzvenom." eSentire's Threat Response Unit (TRU), in an exhaustive report published following a 16-month-long investigation, said it "found multiple mentions of the badbullzvenom account being shared between two people." The
Kategorie: Hacking & Security

Experts Uncover the Identity of Mastermind Behind Golden Chickens Malware Service

27 Leden, 2023 - 14:50
Cybersecurity researchers have discovered the real-world identity of the threat actor behind Golden Chickens malware-as-a-service, who goes by the online persona "badbullzvenom." eSentire's Threat Response Unit (TRU), in an exhaustive report published following a 16-month-long investigation, said it "found multiple mentions of the badbullzvenom account being shared between two people." The Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comThreat Response / Cyber Crime37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices

27 Leden, 2023 - 12:53
Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems. "This PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Windows operating file system," Palo Alto Networks Unit 42 researchers Mike Harbison and Jen Miller-Osborn 
Kategorie: Hacking & Security

Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices

27 Leden, 2023 - 12:53
Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems. "This PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Windows operating file system," Palo Alto Networks Unit 42 researchers Mike Harbison and Jen Miller-Osborn Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comEndpoint Security / Malware37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

3 Lifehacks While Analyzing Orcus RAT in a Malware Sandbox

27 Leden, 2023 - 11:55
Orcus is a Remote Access Trojan with some distinctive characteristics. The RAT allows attackers to create plugins and offers a robust core feature set that makes it quite a dangerous malicious program in its class. RAT is quite a stable type that always makes it to the top. ANY.RUN’s top malware types in 2022 That's why you'll definitely come across this type in your practice, and the Orcus
Kategorie: Hacking & Security

3 Lifehacks While Analyzing Orcus RAT in a Malware Sandbox

27 Leden, 2023 - 11:55
Orcus is a Remote Access Trojan with some distinctive characteristics. The RAT allows attackers to create plugins and offers a robust core feature set that makes it quite a dangerous malicious program in its class. RAT is quite a stable type that always makes it to the top. ANY.RUN’s top malware types in 2022 That's why you'll definitely come across this type in your practice, and the Orcus The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.comMalware Analyzing37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

British Cyber Agency Warns of Russian and Iranian Hackers Targeting Key Industries

27 Leden, 2023 - 11:37
The U.K. National Cyber Security Centre (NCSC) on Thursday warned of spear-phishing attacks mounted by Russian and Iranian state-sponsored actors for information-gathering operations. "The attacks are not aimed at the general public but targets in specified sectors, including academia, defense, government organizations, NGOs, think tanks, as well as politicians, journalists and activists," the
Kategorie: Hacking & Security

British Cyber Agency Warns of Russian and Iranian Hackers Targeting Key Industries

27 Leden, 2023 - 11:37
The U.K. National Cyber Security Centre (NCSC) on Thursday warned of spear-phishing attacks mounted by Russian and Iranian state-sponsored actors for information-gathering operations. "The attacks are not aimed at the general public but targets in specified sectors, including academia, defense, government organizations, NGOs, think tanks, as well as politicians, journalists and activists," the Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comNation-State-Sponsored Attacks37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort

26 Leden, 2023 - 17:20
In what's a case of hacking the hackers, the darknet infrastructure associated with the Hive ransomware-as-a-service (RaaS) operation has been seized as part of a coordinated law enforcement effort involving 13 countries. "Law enforcement identified the decryption keys and shared them with many of the victims, helping them regain access to their data without paying the cybercriminals," Europol 
Kategorie: Hacking & Security

Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort

26 Leden, 2023 - 17:20
In what's a case of hacking the hackers, the darknet infrastructure associated with the Hive ransomware-as-a-service (RaaS) operation has been seized as part of a coordinated law enforcement effort involving 13 countries. "Law enforcement identified the decryption keys and shared them with many of the victims, helping them regain access to their data without paying the cybercriminals," Europol Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comEncryption / Ransomware37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security