The Hacker News

The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Updated: 11 min 18 sec ago

Researchers Find Potential Way to Run Malware on iPhone Even When it's OFF

8 hours 23 min ago
A first-of-its-kind security analysis of iOS Find My function has identified a novel attack surface that makes it possible to tamper with the firmware and load malware onto a Bluetooth chip that's executed while an iPhone is "off." The mechanism takes advantage of the fact that wireless chips related to Bluetooth, Near-field communication (NFC), and ultra-wideband (UWB) continue to operate while
Category: Hacking & Security

Fake Clickjacking Bug Bounty Reports: The Key Facts

10 hours 20 min ago
Are you aware of fake clickjacking bug bounty reports? If not, you should be. This article will get you up to speed and help you to stay alert. What are clickjacking bug bounty reports? If we start by breaking up the term into its component parts, a bug bounty is a program offered by an organization, in which individuals are rewarded for finding and reporting software bugs. These programs are
Category: Hacking & Security

Researchers Warn of "Eternity Project" Malware Service Being Sold via Telegram

11 hours 46 min ago
An unidentified threat actor has been linked to an actively in-development malware toolkit called the "Eternity Project" that lets professional and amateur cybercriminals buy stealers, clippers, worms, miners, ransomware, and a distributed denial-of-service (DDoS) bot. What makes this malware-as-a-service (MaaS) stand out is that besides using a Telegram channel to communicate updates about the
Category: Hacking & Security

Europe Agrees to Adopt New NIS2 Directive Aimed at Hardening Cybersecurity

17 hours 59 min ago
The European Parliament announced a "provisional agreement" aimed at improving cybersecurity and resilience of both public and private sector entities in the European Union. The revised directive, called "NIS2" (short for network and information systems), is expected to replace the existing legislation on cybersecurity that was established in July 2016. The revamp sets ground rules, requiring
Category: Hacking & Security

Ukrainian Hacker Jailed for 4-Years in U.S. for Selling Access to Hacked Servers

18 hours 29 min ago
A 28-year-old Ukrainian national has been sentenced to four years in prison for siphoning thousands of server login credentials and selling them on the dark web for monetary gain as part of a credential theft scheme. Glib Oleksandr Ivanov-Tolpintsev, who pleaded guilty to his offenses earlier this February, was arrested in Poland in October 2020, before being extradited to the U.S. in September
Category: Hacking & Security

Get Lifetime Access to 2022 Cybersecurity Certification Prep Courses @ 95% Off

14 May, 2022 - 09:45
Ever thought about working full-time in cybersecurity? With millions of unfilled jobs around, now is a great time to get into the industry. Of course, there are many different roles in this field. But all of them require the same handful of professional certifications. The 2022 Ultimate Advanced CyberSecurity Professional Certification Bundle helps you collect the full house, with five
Category: Hacking & Security

SonicWall Releases Patches for New Flaws Affecting SSLVPN SMA1000 Devices

14 May, 2022 - 07:39
SonicWall has published an advisory warning of a trio of security flaws in its Secure Mobile Access (SMA) 1000 appliances, including a high-severity authentication bypass vulnerability. The weaknesses in question impact SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1. The list of vulnerabilities is below - CVE-2022-22282 (CVSS score: 8.2) - Unauthenticated Access
Category: Hacking & Security

Iranian Hackers Leveraging BitLocker and DiskCryptor in Ransomware Attacks

14 May, 2022 - 07:22
A ransomware group with an Iranian operational connection has been linked to a string of file-encrypting malware attacks targeting organizations in Israel, the U.S., Europe, and Australia. Cybersecurity firm Secureworks attributed the intrusions to a threat actor it tracks under the moniker Cobalt Mirage, which it said is linked to an Iranian hacking crew dubbed Cobalt Illusion (aka APT35,
Category: Hacking & Security

Researchers Warn of Nerbian RAT Targeting Entities in Italy, Spain, and the U.K.

14 May, 2022 - 07:17
A previously undocumented remote access trojan (RAT) written in the Go programming language has been spotted disproportionately targeting entities in Italy, Spain, and the U.K. Called Nerbian RAT by enterprise security firm Proofpoint, the novel malware leverages COVID-19-themed lures to propagate as part of a low volume email-borne phishing campaign that started on April 26, 2022. "The newly
Category: Hacking & Security

Google Created 'Open Source Maintenance Crew' to Help Secure Critical Projects

14 May, 2022 - 07:16
Google on Thursday announced the creation of a new "Open Source Maintenance Crew" to focus on bolstering the security of critical open source projects. Additionally, the tech giant pointed out Open Source Insights as a tool for analyzing packages and their dependency graphs, using it to determine "whether a vulnerability in a dependency might affect your code." "With this information, developers
Category: Hacking & Security

New Saitama backdoor Targeted Official from Jordan's Foreign Ministry

13 May, 2022 - 11:32
A spear-phishing campaign targeting Jordan's foreign ministry has been observed dropping a new stealthy backdoor dubbed Saitama. Researchers from Malwarebytes and Fortinet FortiGuard Labs attributed the campaign to an Iranian cyber espionage threat actor tracked under the moniker APT34, citing resemblances to past campaigns staged by the group. "Like many of these attacks, the email contained a
Category: Hacking & Security

Zyxel Releases Patch for Critical Firewall OS Command Injection Vulnerability

13 May, 2022 - 10:16
Zyxel has moved to address a critical security vulnerability affecting Zyxel firewall devices that enables unauthenticated and remote attackers to gain arbitrary code execution. "A command injection vulnerability in the CGI program of some firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device," the company said in an advisory
Category: Hacking & Security

E.U. Proposes New Rules for Tech Companies to Combat Online Child Sexual Abuse

13 May, 2022 - 07:23
The European Commission on Wednesday proposed new regulation that would require tech companies to scan for child sexual abuse material (CSAM) and grooming behavior, raising worries that it could undermine end-to-end encryption (E2EE). To that end, online service providers, including hosting services and communication apps, are expected to proactively scan their platforms for CSAM as well as
Category: Hacking & Security

Android and Chrome Users Can Soon Generate Virtual Credit Cards to Protect Real Ones

13 May, 2022 - 07:23
Google on Wednesday took to its annual developer conference to announce a host of privacy and security updates, including support for virtual credit cards on Android and Chrome. "When you use autofill to enter your payment details at checkout, virtual cards will add an additional layer of security by replacing your actual card number with a distinct, virtual number," Google's Jen Fitzpatrick 
Category: Hacking & Security

CISA Urges Organizations to Patch Actively Exploited F5 BIG-IP Vulnerability

12 May, 2022 - 15:47
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the recently disclosed F5 BIG-IP flaw to its Known Exploited Vulnerabilities Catalog following reports of active abuse in the wild. The flaw, assigned the identifier CVE-2022-1388 (CVSS score: 9.8), concerns a critical bug in the BIG-IP iControl REST endpoint that provides an unauthenticated adversary with a method to
Category: Hacking & Security

Thousands of WordPress Sites Hacked to Redirect Visitors to Scam Sites

12 May, 2022 - 12:09
Cybersecurity researchers have disclosed a massive campaign that's responsible for injecting malicious JavaScript code into compromised WordPress websites that redirects visitors to scam pages and other malicious websites to generate illegitimate traffic. "The websites all shared a common issue — malicious JavaScript had been injected within their website's files and the database, including
Category: Hacking & Security

Everything We Learned From the LAPSUS$ Attacks

12 May, 2022 - 09:27
In recent months, a cybercriminal gang known as LAPSUS$ has claimed responsibility for a number of high-profile attacks against technology companies, including: T-Mobile (April 23, 2022), Globant, Okta, Ubisoft, Samsung, Nvidia, Microsoft, Vodafone. In addition to these attacks, LAPSUS$ was also able to successfully launch a ransomware attack against the Brazilian Ministry of Health. While
Category: Hacking & Security

Government Agencies Warn of Increase in Cyberattacks Targeting MSPs

12 May, 2022 - 08:43
Multiple cybersecurity authorities from Australia, Canada, New Zealand, the U.K., and the U.S. on Wednesday released a joint advisory warning of threats targeting managed service providers (MSPs) and their customers. Key among the recommendations include identifying and disabling accounts that are no longer in use, enforcing multi-factor authentication (MFA) on MSP accounts that access customer
Category: Hacking & Security

Hackers Deploy IceApple Exploitation Framework on Hacked MS Exchange Servers

12 May, 2022 - 07:36
Researchers have detailed a previously undocumented .NET-based post-exploitation framework called IceApple that has been deployed on Microsoft Exchange server instances to facilitate reconnaissance and data exfiltration. "Suspected to be the work of a state-nexus adversary, IceApple remains under active development, with 18 modules observed in use across a number of enterprise environments, as
Category: Hacking & Security

Malicious NPM Packages Target German Companies in Supply Chain Attack

12 May, 2022 - 03:28
Cybersecurity researchers have discovered a number of malicious packages in the NPM registry specifically targeting a number of prominent media, logistics, and industrial firms based in Germany to carry out supply chain attacks. "Compared with most malware found in the NPM repository, this payload seems particularly dangerous: a highly-sophisticated, obfuscated piece of malware that acts as a
Category: Hacking & Security