The Hacker News

Syndikovat obsah
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and [email protected]
Aktualizace: 10 min 20 sek zpět

ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models

5 hodin 2 min zpět
ASUS has shipped software updates to address a critical security flaw impacting its routers that could be exploited by malicious actors to bypass authentication. Tracked as CVE-2024-3080, the vulnerability carries a CVSS score of 9.8 out of a maximum of 10.0. "Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated remote attackers to log in the device," Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices

7 hodin 42 min zpět
A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal command-and-control (C&C) for defense evasion purposes. Cybersecurity company Sygnia, which responded to Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices

7 hodin 42 min zpět
A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal command-and-control (C&C) for defense evasion purposes. Cybersecurity company Sygnia, which responded to
Kategorie: Hacking & Security

What is DevSecOps and Why is it Essential for Secure Software Delivery?

8 hodin 15 min zpět
Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive overhead for developers. The overhead that degrades velocity and puts production deadlines at risk. The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

What is DevSecOps and Why is it Essential for Secure Software Delivery?

8 hodin 15 min zpět
Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive overhead for developers. The overhead that degrades velocity and puts production deadlines at risk.
Kategorie: Hacking & Security

Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor

13 hodin 13 min zpět
Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates. "The threat actor employs a multi-stage attack chain involving an infected website, a command-and-control (C2) server, in some cases a fake browser update, and a JScript downloader to deploy a backdoor into the victim's system," German
Kategorie: Hacking & Security

Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor

13 hodin 13 min zpět
Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates. "The threat actor employs a multi-stage attack chain involving an infected website, a command-and-control (C2) server, in some cases a fake browser update, and a JScript downloader to deploy a backdoor into the victim's system," German Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

NiceRAT Malware Targets South Korean Users via Cracked Software

14 hodin 30 min zpět
Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet. The attacks, which target South Korean users, are designed to propagate the malware under the guise of cracked software, such as Microsoft Windows, or tools that purport to offer license verification for Microsoft Office. "Due to the nature of crack programs, information sharing amongst
Kategorie: Hacking & Security

NiceRAT Malware Targets South Korean Users via Cracked Software

14 hodin 30 min zpět
Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet. The attacks, which target South Korean users, are designed to propagate the malware under the guise of cracked software, such as Microsoft Windows, or tools that purport to offer license verification for Microsoft Office. "Due to the nature of crack programs, information sharing amongst Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain

16 Červen, 2024 - 06:31
Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The individual, a 22-year-old man from the United Kingdom, was arrested this week in the Spanish city of Palma de Mallorca as he attempted to board a flight to Italy. The move is said to be a joint effort between the U.S. Federal Bureau of Investigation (FBI) and the
Kategorie: Hacking & Security

U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain

16 Červen, 2024 - 06:31
Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The individual, a 22-year-old man from the United Kingdom, was arrested this week in the Spanish city of Palma de Mallorca as he attempted to board a flight to Italy. The move is said to be a joint effort between the U.S. Federal Bureau of Investigation (FBI) and the Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Grandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in Pakistan

15 Červen, 2024 - 11:51
Pakistan has become the latest target of a threat actor called the Smishing Triad, marking the first expansion of its footprint beyond the E.U., Saudi Arabia, the U.A.E., and the U.S. "The group's latest tactic involves sending malicious messages on behalf of Pakistan Post to customers of mobile carriers via iMessage and SMS," Resecurity said in a report published earlier this week. "The goal is
Kategorie: Hacking & Security

Grandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in Pakistan

15 Červen, 2024 - 11:51
Pakistan has become the latest target of a threat actor called the Smishing Triad, marking the first expansion of its footprint beyond the E.U., Saudi Arabia, the U.A.E., and the U.S. "The group's latest tactic involves sending malicious messages on behalf of Pakistan Post to customers of mobile carriers via iMessage and SMS," Resecurity said in a report published earlier this week. "The goal isNewsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks

15 Červen, 2024 - 10:13
A suspected Pakistan-based threat actor has been linked to a cyber espionage campaign targeting Indian government entities in 2024. Cybersecurity company Volexity is tracking the activity under the moniker UTA0137, noting the adversary's exclusive use of a malware called DISGOMOJI that's written in Golang and is designed to infect Linux systems. "It is a modified version of the public project
Kategorie: Hacking & Security

Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks

15 Červen, 2024 - 10:13
A suspected Pakistan-based threat actor has been linked to a cyber espionage campaign targeting Indian government entities in 2024. Cybersecurity company Volexity is tracking the activity under the moniker UTA0137, noting the adversary's exclusive use of a malware called DISGOMOJI that's written in Golang and is designed to infect Linux systems. "It is a modified version of the public project Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Meta Pauses AI Training on EU User Data Amid Privacy Concerns

15 Červen, 2024 - 09:49
Meta on Friday said it's delaying its efforts to train the company's large language models (LLMs) using public content shared by adult users on Facebook and Instagram in the European Union following a request from the Irish Data Protection Commission (DPC). The company expressed disappointment at having to put its AI plans on pause, stating it had taken into account feedback from regulators and
Kategorie: Hacking & Security

Meta Pauses AI Training on EU User Data Amid Privacy Concerns

15 Červen, 2024 - 09:49
Meta on Friday said it's delaying its efforts to train the company's large language models (LLMs) using public content shared by adult users on Facebook and Instagram in the European Union following a request from the Irish Data Protection Commission (DPC). The company expressed disappointment at having to put its AI plans on pause, stating it had taken into account feedback from regulators and Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Google's Privacy Sandbox Accused of User Tracking by Austrian Non-Profit

14 Červen, 2024 - 15:21
Google's plans to deprecate third-party tracking cookies in its Chrome web browser with Privacy Sandbox has run into fresh trouble after Austrian privacy non-profit noyb (none of your business) said the feature can still be used to track users. "While the so-called 'Privacy Sandbox' is advertised as an improvement over extremely invasive third-party tracking, the tracking is now simply done
Kategorie: Hacking & Security

Learn to Secure Petabyte-Scale Data in a Webinar with Industry Titans

14 Červen, 2024 - 15:21
Data is growing faster than ever. Remember when petabytes (that's 1,000,000 gigabytes!) were only for tech giants? Well, that's so last decade! Today, businesses of all sizes are swimming in petabytes. But this isn't just about storage anymore. This data is ALIVE—it's constantly accessed, analyzed, shared, and even used to train the next wave of AI. This creates a huge challenge: how do you
Kategorie: Hacking & Security

Google's Privacy Sandbox Accused of User Tracking by Austrian Non-Profit

14 Červen, 2024 - 15:21
Google's plans to deprecate third-party tracking cookies in its Chrome web browser with Privacy Sandbox has run into fresh trouble after Austrian privacy non-profit noyb (none of your business) said the feature can still be used to track users. "While the so-called 'Privacy Sandbox' is advertised as an improvement over extremely invasive third-party tracking, the tracking is now simply done Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security