The Hacker News

Syndikovat obsah
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackersUnknownnoreply@blogger.comBlogger10439125
Aktualizace: 15 min 27 sek zpět

Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems

28 Září, 2022 - 16:00
A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office (SOHO) routers, and enterprise servers into its botnet. "Chaos functionality includes the ability to enumerate the host environment, run remote shell commands, load additional modules, automatically propagate through Ravie Lakshmanan
Kategorie: Hacking & Security

Cyber Criminals Using Quantum Builder Sold on Dark Web to Deliver Agent Tesla Malware

28 Září, 2022 - 14:36
A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT). "This campaign features enhancements and a shift toward LNK (Windows shortcut) files when compared to similar attacks in the past," Zscaler ThreatLabz researchers Niraj Shivtarkar and Avinash Kumar said in a Tuesday write-up. Sold on the dark web for €Ravie Lakshmanan
Kategorie: Hacking & Security

Improve your security posture with Wazuh, a free and open source XDR

28 Září, 2022 - 14:15
Organizations struggle to find ways to keep a good security posture. This is because it is difficult to create secure system policies and find the right tools that help achieve a good posture. In many cases, organizations work with tools that do not integrate with each other and are expensive to purchase and maintain. Security posture management is a term used to describe the process of The Hacker News
Kategorie: Hacking & Security

Hackers Using PowerPoint Mouseover Trick to Infect System with Malware

28 Září, 2022 - 12:09
The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware. The technique "is designed to be triggered when the user starts the presentation mode and moves the mouse," cybersecurity firm Cluster25 said in a technical report. "The code execution runs a Ravie Lakshmanan
Kategorie: Hacking & Security

Facebook Shuts Down Covert Political 'Influence Operations' from Russia and China

28 Září, 2022 - 10:45
Meta Platforms on Tuesday disclosed it took steps to dismantle two covert influence operations originating from China and Russia for engaging in coordinated inauthentic behavior (CIB) so as to manipulate public debate. While the Chinese operation sets its sights on the U.S. and the Czech Republic, the Russian network primarily targeted Germany, France, Italy, Ukraine and the U.K. with themes Ravie Lakshmanan
Kategorie: Hacking & Security

Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely

28 Září, 2022 - 07:03
WhatsApp has released security updates to address two flaws in its messaging app for Android and iOS that could lead to remote code execution on vulnerable devices. One of them concerns CVE-2022-36934 (CVSS score: 9.8), a critical integer overflow vulnerability in WhatsApp that results in the execution of arbitrary code simply by establishing a video call. The issue impacts the WhatsApp and Ravie Lakshmanan
Kategorie: Hacking & Security

Ukraine Says Russia Planning Massive Cyberattacks on its Critical Infrastructures

27 Září, 2022 - 15:54
The Ukrainian government on Monday warned of "massive cyberattacks" by Russia targeting critical infrastructure facilities located in the country and that of its allies. The attacks are said to be targeting the energy sector, the Main Directorate of Intelligence of the Ministry of Defense of Ukraine (GUR) said. "By the cyberattacks, the enemy will try to increase the effect of missile strikes onRavie Lakshmanan
Kategorie: Hacking & Security

New NullMixer Malware Campaign Stealing Users' Payment Data and Credentials

27 Září, 2022 - 15:19
Cybercriminals are continuing to prey on users searching for cracked software by directing them to fraudulent websites hosting weaponized installers that deploy malware called NullMixer on compromised systems. "When a user extracts and executes NullMixer, it drops a number of malware files to the compromised machine," cybersecurity firm Kaspersky said in a Monday report. "It drops a wide varietyRavie Lakshmanan
Kategorie: Hacking & Security

Experts Uncover 85 Apps with 13 Million Downloads Involved in Ad Fraud Scheme

27 Září, 2022 - 14:04
As many as 75 apps on Google Play and 10 on Apple App Store have been discovered engaging in ad fraud as part of an ongoing campaign that commenced in 2019. The latest iteration, dubbed Scylla by Online fraud-prevention firm HUMAN Security, follows similar attack waves in August 2019 and late 2020 that go by the codename Poseidon and Charybdis, respectively. Prior to their removal from the app Ravie Lakshmanan
Kategorie: Hacking & Security

Why Continuous Security Testing is a Must for Organizations Today

27 Září, 2022 - 13:39
The global cybersecurity market is flourishing. Experts at Gartner predict that the end-user spending for the information security and risk management market will grow from $172.5 billion in 2022 to $267.3 billion in 2026.  One big area of spending includes the art of putting cybersecurity defenses under pressure, commonly known as security testing. MarketsandMarkets forecasts the global The Hacker News
Kategorie: Hacking & Security

North Korea's Lazarus Hackers Targeting macOS Users Interested in Crypto Jobs

27 Září, 2022 - 11:46
The infamous Lazarus Group has continued its pattern of leveraging unsolicited job opportunities to deploy malware targeting Apple's macOS operating system. In the latest variant of the campaign observed by cybersecurity company SentinelOne last week, decoy documents advertising positions for the Singapore-based cryptocurrency exchange firm Crypto[.]com have been used to mount the attacks. The Ravie Lakshmanan
Kategorie: Hacking & Security

Hacker Behind Optus Breach Releases 10,200 Customer Records in Extortion Scheme

27 Září, 2022 - 08:14
The Australian Federal Police (AFP) on Monday disclosed it's working to gather "crucial evidence" and that it's collaborating with overseas law enforcement authorities following the hack of telecom provider Optus. "Operation Hurricane has been launched to identify the criminals behind the alleged breach and to help shield Australians from identity fraud," the AFP said in a statement. The Ravie Lakshmanan
Kategorie: Hacking & Security

Researchers Identify 3 Hacktivist Groups Supporting Russian Interests

26 Září, 2022 - 16:33
At least three alleged hacktivist groups working in support of Russian interests are likely doing so in collaboration with state-sponsored cyber threat actors, according to Mandiant. The Google-owned threat intelligence and incident response firm said with moderate confidence that "moderators of the purported hacktivist Telegram channels 'XakNet Team,' 'Infoccentr,' and 'CyberArmyofRussia_RebornRavie Lakshmanan
Kategorie: Hacking & Security

Chinese Espionage Hackers Target Tibetans Using New LOWZERO Backdoor

26 Září, 2022 - 14:14
A China-aligned advanced persistent threat actor known as TA413 weaponized recently disclosed flaws in Sophos Firewall and Microsoft Office to deploy a never-before-seen backdoor called LOWZERO as part of an espionage campaign aimed at Tibetan entities. Targets primarily consisted of organizations associated with the Tibetan community, including enterprises associated with the Tibetan Ravie Lakshmanan
Kategorie: Hacking & Security

BlackCat Ransomware Attackers Spotted Fine-Tuning Their Malware Arsenal

26 Září, 2022 - 12:33
The BlackCat ransomware crew has been spotted fine-tuning their malware arsenal to fly under the radar and expand their reach. "Among some of the more notable developments has been the use of a new version of the Exmatter data exfiltration tool, and the use of Eamfo, information-stealing malware that is designed to steal credentials stored by Veeam backup software," researchers from Symantec Ravie Lakshmanan
Kategorie: Hacking & Security

5 Network Security Threats And How To Protect Yourself

26 Září, 2022 - 12:30
Cybersecurity today matters so much because of everyone's dependence on technology, from collaboration, communication and collecting data to e-commerce and entertainment. Every organisation that needs to deliver services to their customers and employees must protect their IT 'network' - all the apps and connected devices from laptops and desktops to servers and smartphones. While traditionally, The Hacker News
Kategorie: Hacking & Security

Google to Make Account Login Mandatory for New Fitbit Users in 2023

26 Září, 2022 - 11:47
Wearable technology company Fitbit has announced a new clause that requires users to switch to a Google account "sometime" in 2023. "In 2023, we plan to launch Google accounts on Fitbit, which will enable use of Fitbit with a Google account," the Google-owned fitness devices maker said. The switch will not go live for all users in 2023. Rather, support for Fitbit accounts is Ravie Lakshmanan
Kategorie: Hacking & Security

Ukraine Arrests Cybercrime Group for Selling Data of 30 Million Accounts

26 Září, 2022 - 07:04
Ukrainian law enforcement authorities on Friday disclosed that it had "neutralized" a hacking group operating from the city of Lviv that it said acted on behalf of Russian interests. The group specialized in the sales of 30 million accounts belonging to citizens from Ukraine and the European Union on the dark web and netted a profit of $372,000 (14 million UAH) through electronic payment systemsRavie Lakshmanan
Kategorie: Hacking & Security

London Police Arrested 17-Year-Old Hacker Suspected of Uber and GTA 6 Breaches

24 Září, 2022 - 08:37
The City of London Police on Friday revealed that it has arrested a 17-year-old teenager from Oxfordshire on suspicion of hacking. "On the evening of Thursday 22 September 2022, the City of London Police arrested a 17-year-old in Oxfordshire on suspicion of hacking," the agency said, adding "he remains in police custody." The department said the arrest was made as part of an investigation in Ravie Lakshmanan
Kategorie: Hacking & Security

Hackers Exploited Zero-Day RCE Vulnerability in Sophos Firewall — Patch Released

24 Září, 2022 - 07:03
Security software company Sophos has released a patch update for its firewall product after it was discovered that attackers were exploiting a new critical zero-day vulnerability to attack its customers' network. The issue, tracked as CVE-2022-3236 (CVSS score: 9.8), impacts Sophos Firewall v19.0 MR1 (19.0.1) and older and concerns a code injection vulnerability in the User Portal and Webadmin Ravie Lakshmanan
Kategorie: Hacking & Security