The Hacker News

Syndikovat obsah
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and [email protected]
Aktualizace: 9 min 15 sek zpět

GitHub Token Leak Exposes Python's Core Repositories to Potential Attacks

3 hodiny 22 min zpět
Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF) repositories. JFrog, which found the GitHub Personal Access Token, said the secret was leaked in a public Docker container hosted on Docker Hub. "This Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit

8 hodin 48 min zpět
Imagine you could gain access to any Fortune 100 company for $10 or less, or even for free. Terrifying thought, isn’t it? Or exciting, depending on which side of the cybersecurity barricade you are on. Well, that’s basically the state of things today. Welcome to the infostealer garden of low-hanging fruit. Over the last few years, the problem has grown bigger and bigger, and only now are we The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool

9 hodin 16 min zpět
A threat actor that was previously observed using an open-source network mapping tool has greatly expanded their operations to infect over 1,500 victims. Sysdig, which is tracking the cluster under the name CRYSTALRAY, said the activities have witnessed a tenfold surge, adding it includes "mass scanning, exploiting multiple vulnerabilities, and placing backdoors using multiple [open-source Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months

12 hodin 1 min zpět
Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes when signing into online accounts to mitigate the risk of phishing attacks. The decision was announced by the Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS) on July 9, 2024. "Customers who have activated their digital Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection

14 hodin 30 min zpět
Cybersecurity researchers have shed light on a new version of a ransomware strain called HardBit that comes packaged with new obfuscation techniques to deter analysis efforts. "Unlike previous versions, HardBit Ransomware group enhanced the version 4.0 with passphrase protection," Cybereason researchers Kotaro Ogino and Koshi Oyama said in an analysis. "The passphrase needs to be provided duringNewsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

AT&T Confirms Data Breach Affecting Nearly All Wireless Customers

13 Červenec, 2024 - 07:51
American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to "nearly all" of its wireless customers as well as customers of mobile virtual network operators (MVNOs) using AT&T's wireless network. "Threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, 2024, exfiltrated Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign

12 Červenec, 2024 - 16:51
Cybersecurity researchers have shed light on a short-lived DarkGate malware campaign that leveraged Samba file shares to initiate the infections. Palo Alto Networks Unit 42 said the activity spanned the months of March and April 2024, with the infection chains using servers running public-facing Samba file shares hosting Visual Basic Script (VBS) and JavaScript files. Targets included North Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Australian Defence Force Private and Husband Charged with Espionage for Russia

12 Červenec, 2024 - 14:24
Two Russian-born Australian citizens have been arrested and charged in the country for spying on behalf of Russia as part of a "complex" law enforcement operation codenamed BURGAZADA. This includes a 40-year-old woman, an Australian Defence Force (ADF) Army Private, and her husband, a 62-year-old self-employed laborer. Media reports have identified them as Kira Korolev and Igor Korolev, Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Ever Wonder How Hackers Really Steal Passwords? Discover Their Tactics in This Webinar

12 Červenec, 2024 - 12:55
In today's digital age, passwords serve as the keys to our most sensitive information, from social media accounts to banking and business systems. This immense power brings with it significant responsibility—and vulnerability. Most people don't realize their credentials have been compromised until the damage is done. Imagine waking up to drained bank accounts, stolen identities, or a company's The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Critical Exim Mail Server Vulnerability Exposes Millions to Malicious Attachments

12 Červenec, 2024 - 12:51
A critical security issue has been disclosed in the Exim mail transfer agent that could enable threat actors to deliver malicious attachments to target users' inboxes. The vulnerability, tracked as CVE-2024-39929, has a CVSS score of 9.1 out of 10.0. It has been addressed in version 4.98. "Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypassNewsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

U.S. Seizes Domains Used by AI-Powered Russian Bot Farm for Disinformation

12 Červenec, 2024 - 10:30
The U.S. Department of Justice (DoJ) said it seized two internet domains and searched nearly 1,000 social media accounts that Russian threat actors allegedly used to covertly spread pro-Kremlin disinformation in the country and abroad on a large scale. "The social media bot farm used elements of AI to create fictitious social media profiles — often purporting to belong to individuals in the Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool

11 Červenec, 2024 - 17:19
Palo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass. Cataloged as CVE-2024-5910 (CVSS score: 9.3), the vulnerability has been described as a case of missing authentication in its Expedition migration tool that could lead to an admin account takeover. "Missing authentication Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

60 New Malicious Packages Uncovered in NuGet Supply Chain Attack

11 Červenec, 2024 - 17:06
Threat actors have been observed publishing a new wave of malicious packages to the NuGet package manager as part of an ongoing campaign that began in August 2023, while also adding a new layer of stealth to evade detection. The fresh packages, about 60 in number and spanning 290 versions, demonstrate a refined approach from the previous set that came to light in October 2023, software supply Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Chinese APT41 Upgrades Malware Arsenal with DodgeBox and MoonWalk

11 Červenec, 2024 - 14:31
The China-linked advanced persistent threat (APT) group codenamed APT41 is suspected to be using an "advanced and upgraded version" of a known malware called StealthVector to deliver a previously undocumented backdoor dubbed MoonWalk. The new variant of StealthVector – which is also referred to as DUSTPAN – has been designated DodgeBox by Zscaler ThreatLabz, which discovered the loader strain inNewsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Streamlined Security Solutions: PAM for Small to Medium-sized Businesses

11 Červenec, 2024 - 13:00
Today, all organizations are exposed to the threat of cyber breaches, irrespective of their scale. Historically, larger companies were frequent targets due to their substantial resources, sensitive data, and regulatory responsibilities, whereas smaller entities often underestimated their attractiveness to hackers. However, this assumption is precarious, as cybercriminals frequently exploit The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

New Poco RAT Targets Spanish-Speaking Victims in Phishing Campaign

11 Červenec, 2024 - 12:12
Spanish language victims are the target of an email phishing campaign that delivers a new remote access trojan (RAT) called Poco RAT since at least February 2024. The attacks primarily single out mining, manufacturing, hospitality, and utilities sectors, according to cybersecurity company Cofense. "The majority of the custom code in the malware appears to be focused on anti-analysis, Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks

11 Červenec, 2024 - 07:19
Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency miners, and distributed denial-of-service (DDoS) botnets. The vulnerability in question is CVE-2024-4577 (CVSS score: 9.8), which allows an attacker to remotely execute malicious commands on Windows systems using Chinese and Japanese language locales. ItNewsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs

11 Červenec, 2024 - 05:51
GitLab has shipped another round of updates to close out security flaws in its software development platform, including a critical bug that allows an attacker to run pipeline jobs as an arbitrary user. Tracked as CVE-2024-6385, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0. "An issue was discovered in GitLab CE/EE affecting versions 15.8 prior to 16.11.6, 17.0 prior to Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

New Ransomware Group Exploiting Veeam Backup Software Vulnerability

10 Červenec, 2024 - 15:06
A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. Singapore-headquartered Group-IB, which discovered the threat actor in early April 2024, said the modus operandi involved the exploitation of CVE-2023-27532 (CVSS score: 7.5) to carry out the malicious activities. Initial access to the target Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Smash-and-Grab Extortion

10 Červenec, 2024 - 13:30
The Problem The “2024 Attack Intelligence Report” from the staff at Rapid7 [1] is a well-researched, well-written report that is worthy of careful study. Some key takeaways are:  53% of the over 30 new vulnerabilities that were widely exploited in 2023 and at the start of 2024 were zero-days. More mass compromise events arose from zero-day vulnerabilities than from n-day vulnerabilities. The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security