The Hacker News

The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers

MrbMiner Crypto-Mining Malware Links to Iranian Software Company

21 January, 2021 - 15:58
A relatively new crypto-mining malware that surfaced last year and infected thousands of Microsoft SQL Server (MSSQL) databases has now been linked to a small software development company based in Iran. The attribution was made possible due to an operational security oversight, said researchers from cybersecurity firm Sophos, that led to the company's name inadvertently making its way into the
Category: Hacking & Security

Here's How SolarWinds Hackers Stayed Undetected for Long Enough

21 January, 2021 - 15:05
Microsoft on Wednesday shared more specifics about the tactics, techniques, and procedures (TTPs) adopted by the attackers behind the SolarWinds hack to stay under the radar and avoid detection, as cybersecurity companies work towards getting a "clearer picture" of one of the most sophisticated attacks in recent history. Calling the threat actor "skillful and methodic operators who follow
Category: Hacking & Security

Hackers Accidentally Expose Passwords Stolen From Businesses On the Internet

21 January, 2021 - 15:05
A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection (ATP) and steal credentials belonging to over a thousand corporate employees. The cyber offensive is said to have originated in August last year, with the attacks aimed specifically at energy and construction companies, said researchers from Check Point
Category: Hacking & Security

Importance of Application Security and Customer Data Protection to a Startup

21 January, 2021 - 12:09
When you are a startup, there are umpteen things that demand your attention. You must give your hundred percent (probably even more!) to work effectively and efficiently with the limited resources. Understandably, the importance of application security may be pushed to the bottom of your things-to-do list. One other reason to ignore web application protection could be your belief that only large
Category: Hacking & Security

Google Details Patched Bugs in Signal, FB Messenger, JioChat Apps

20 January, 2021 - 17:58
In January 2019, a critical flaw was reported in Apple's FaceTime group chats feature that made it possible for users to initiate a FaceTime video call and eavesdrop on targets by adding their own number as a third person in a group chat even before the person on the other end accepted the incoming call. The vulnerability was deemed so severe that the iPhone maker removed the FaceTime group
Category: Hacking & Security

SolarWinds Hackers Also Breached Malwarebytes Cybersecurity Firm

20 January, 2021 - 12:27
Malwarebytes on Tuesday said it was breached by the same group who broke into SolarWinds to access some of its internal emails, making it the fourth major cybersecurity vendor to be targeted after FireEye, Microsoft, and CrowdStrike. The company said its intrusion was not the result of a SolarWinds compromise, but rather due to a separate initial access vector that works by "abusing applications
Category: Hacking & Security

Researchers Discover Raindrop — 4th Malware Linked to the SolarWinds Attack

19 January, 2021 - 16:04
Cybersecurity researchers have unearthed a fourth new malware strain—designed to spread the malware onto other computers in victims' networks—which was deployed as part of the SolarWinds supply chain attack disclosed late last year. Dubbed "Raindrop" by Broadcom-owned Symantec, the malware joins the likes of other malicious implants such as Sunspot, Sunburst (or Solorigate), and Teardrop that
Category: Hacking & Security

A Set of Severe Flaws Affect Popular DNSMasq DNS Forwarder

19 January, 2021 - 14:43
Cybersecurity researchers have uncovered multiple vulnerabilities in Dnsmasq, a popular open-source software used for caching Domain Name System (DNS) responses, thereby potentially allowing an adversary to mount DNS cache poisoning attacks and remotely execute malicious code. The seven flaws, collectively called "DNSpooq" by Israeli research firm JSOF, echo previously disclosed weaknesses in
Category: Hacking & Security

FreakOut! Ongoing Botnet Attack Exploiting Recent Linux Vulnerabilities

19 January, 2021 - 14:40
An ongoing malware campaign has been found exploiting recently disclosed vulnerabilities in network-attached storage (NAS) devices running on Linux systems to co-opt the machines into an IRC botnet for launching distributed denial-of-service (DDoS) attacks and mining Monero cryptocurrency. The attacks deploy a new malware variant called "FreakOut" by leveraging critical flaws fixed in Laminas
Category: Hacking & Security

New Educational Video Series for CISOs with Small Security Teams

19 January, 2021 - 12:05
Cybersecurity is hard. For a CISO that faces the cyber threat landscape with a small security team, the challenge is compounded. Compared to CISOs at large enterprises, CISOs at small to medium-sized enterprises (SMEs) have smaller teams with less expertise, smaller budgets for technology and outside services, and are more involved in day-to-day protection activities. CISOs at SMEs are
Category: Hacking & Security

Apple Removes macOS Feature That Allowed Apps to Bypass Firewall Security

18 January, 2021 - 07:42
Apple has removed a controversial feature from its macOS operating system that allowed the company's own first-party apps to bypass content filters, VPNs, and third-party firewalls. Called "ContentFilterExclusionList," it included a list of as many as 50 Apple apps like iCloud, Maps, Music, FaceTime, HomeKit, the App Store, and its software update service that were routed through Network
Category: Hacking & Security

Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks

18 January, 2021 - 07:07
Cybersecurity researchers have disclosed a series of attacks by a threat actor of Chinese origin that has targeted organizations in Russia and Hong Kong with malware — including a previously undocumented backdoor. Attributing the campaign to Winnti (or APT41), Positive Technologies dated the first attack to May 12, 2020, when the APT used LNK shortcuts to extract and run the malware payload. A
Category: Hacking & Security

NSA Suggests Enterprises Use 'Designated' DNS-over-HTTPS Resolvers

16 January, 2021 - 18:11
The U.S. National Security Agency (NSA) on Friday said DNS over HTTPS (DoH) — if configured appropriately in enterprise environments — can help prevent "numerous" initial access, command-and-control, and exfiltration techniques used by threat actors. "DNS over Hypertext Transfer Protocol over Transport Layer Security (HTTPS), often referred to as DNS over HTTPS (DoH), encrypts DNS requests by
Category: Hacking & Security

WhatsApp Delays Controversial 'Data-Sharing' Privacy Policy Update By 3 Months

16 January, 2021 - 18:10
WhatsApp said on Friday that it wouldn't enforce its recently announced controversial data sharing policy update until May 15. Originally set to go into effect next month on February 8, the three-month delay comes following "a lot of misinformation" about a revision to its privacy policy that allows WhatsApp to share data with Facebook, sparking widespread concerns about the exact kind of
Category: Hacking & Security

Joker's Stash, The Largest Carding Marketplace, Announces Shutdown

16 January, 2021 - 06:35
Joker's Stash, the largest dark web marketplace notorious for selling compromised payment card data, has announced plans to shut down its operations on February 15, 2021. In a message board post on a Russian-language underground cybercrime forum, the operator of the site — who goes by the name "JokerStash" — said "it's time for us to leave forever" and that "we will never ever open again,"
Category: Hacking & Security

Experts Uncover Malware Attacks Against Colombian Government and Companies

14 January, 2021 - 10:10
Cybersecurity researchers took the wraps off an ongoing surveillance campaign directed against Colombian government institutions and private companies in the energy and metallurgical industries. In a report published by ESET on Tuesday, the Slovak internet security company said the attacks — dubbed "Operation Spalax" — began in 2020, with the modus operandi sharing some similarities to an APT
Category: Hacking & Security

Intel Adds Hardware-Enabled Ransomware Detection to 11th Gen vPro Chips

13 January, 2021 - 11:07
Intel and Cybereason have partnered to build anti-ransomware defenses into the chipmaker's newly announced 11th generation Core vPro business-class processors. The hardware-based security enhancements are baked into Intel's vPro platform via its Hardware Shield and Threat Detection Technology (TDT), enabling profiling and detection of ransomware and other threats that have an impact on the CPU
Category: Hacking & Security

Hackers Steal Mimecast Certificate Used to Securely Connect with Microsoft 365

13 January, 2021 - 09:41
Mimecast said on Tuesday that "a sophisticated threat actor" had compromised a digital certificate it provided to certain customers to securely connect its products to Microsoft 365 (M365) Exchange. The discovery was made after the breach was notified by Microsoft, the London-based company said in an alert posted on its website, adding it's reached out to the impacted organizations to remediate
Category: Hacking & Security

Buyer's Guide for Securing Internal Environment with a Small Cybersecurity Team

13 January, 2021 - 09:37
Ensuring the cybersecurity of your internal environment when you have a small security team is challenging. If you want to maintain the highest security level with a small team, your strategy has to be 'do more with less,' and with the right technology, you can leverage your team and protect your internal environment from breaches. The "buyer's guide for securing the internal environment with a
Category: Hacking & Security

Authorities Take Down World's Largest Illegal Dark Web Marketplace

13 January, 2021 - 08:49
Europol on Tuesday said it shut down DarkMarket, the world's largest online marketplace for illicit goods, as part of an international operation involving Germany, Australia, Denmark, Moldova, Ukraine, the U.K.'s National Crime Agency (NCA), and the U.S. Federal Bureau of Investigation (FBI). At the time of closure, DarkMarket is believed to have had 500,000 users and more than 2,400 vendors,
Category: Hacking & Security