The Hacker News

The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Updated: 59 min 25 sec ago

OpenSSL to Release Security Patch for Remote Memory Corruption Vulnerability

28 June, 2022 - 11:16
The latest version of the OpenSSL library has been discovered as susceptible to a remote memory-corruption vulnerability on select systems. The issue has been identified in OpenSSL version 3.0.4, which was released on June 21, 2022, and impacts x64 systems with the AVX-512 instruction set. OpenSSL 1.1.1 as well as OpenSSL forks BoringSSL and LibreSSL are not affected.
Category: Hacking & Security

Cybersecurity Experts Warn of Emerging Threat of "Black Basta" Ransomware

28 June, 2022 - 06:48
The Black Basta ransomware-as-a-service (RaaS) syndicate has amassed nearly 50 victims in the U.S., Canada, the U.K., Australia, and New Zealand within two months of its emergence in the wild, making it a prominent threat in a short window. "Black Basta has been observed targeting a range of industries, including manufacturing, construction, transportation, telcos, pharmaceuticals, cosmetics,
Category: Hacking & Security

What Are Shadow IDs, and How Are They Crucial in 2022?

27 June, 2022 - 12:38
Just before last Christmas, in a first-of-a-kind case, JPMorgan was fined $200M for employees using non-sanctioned applications for communicating about financial strategy. No mention of insider trading, naked shorting, or any malevolence. Just employees circumventing regulation using, well, Shadow IT. Not because they tried to obfuscate or hide anything, simply because it was a convenient tool
Category: Hacking & Security

Critical Security Flaws Identified in CODESYS ICS Automation Software

27 June, 2022 - 12:35
CODESYS has released patches to address as many as 11 security flaws that, if successfully exploited, could result in information disclosure and a denial-of-service (DoS) condition, among others. "These vulnerabilities are simple to exploit, and they can be successfully exploited to cause consequences such as sensitive information leakage, PLCs entering a severe fault state, and arbitrary code
Category: Hacking & Security

Italy Data Protection Authority Warns Websites Against Use of Google Analytics

27 June, 2022 - 12:21
Following the footsteps of Austria and France, the Italian Data Protection Authority has become the latest regulator to find the use of Google Analytics to be non-compliant with E.U. data protection regulations. The Garante per la Protezione dei Dati Personali, in a press release published last week, called out a local web publisher for using the widely used analytics tool in a manner that
Category: Hacking & Security

Researchers Warn of 'Matanbuchus' Malware Campaign Dropping Cobalt Strike Beacons

27 June, 2022 - 12:00
A malware-as-a-service (MaaS) dubbed Matanbuchus has been observed spreading through phishing campaigns, ultimately dropping the Cobalt Strike post-exploitation framework on compromised machines. Matanbuchus, like other malware loaders such as BazarLoader, Bumblebee, and Colibri, is engineered to download and execute second-stage executables from command-and-control (C&C) servers on infected
Category: Hacking & Security

NSO Confirms Pegasus Spyware Used by at least 5 European Countries

27 June, 2022 - 08:14
The beleaguered Israeli surveillanceware vendor NSO Group this week admitted to the European Union lawmakers that its Pegasus tool was used by at least five countries in the region. "We're trying to do the right thing and that's more than other companies working in the industry," Chaim Gelfand, the company's general counsel and chief compliance officer, said, according to a report from Politico.
Category: Hacking & Security

Multiple Backdoored Python Libraries Caught Stealing AWS Secrets and Keys

27 June, 2022 - 07:58
Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint. The list of packages includes loglib-modules, pyg-modules, pygrata, pygrata-utils, and hkg-sol-utils, according to Sonatype security researcher Ax Sharma. The packages and as
Category: Hacking & Security

Google Says ISPs Helped Attackers Infect Targeted Smartphones with Hermit Spyware

27 June, 2022 - 07:57
A week after it emerged that a sophisticated mobile spyware dubbed Hermit was used by the government of Kazakhstan within its borders, Google said it has notified Android users of infected devices. Additionally, necessary changes have been implemented in Google Play Protect — Android's built-in malware defense service — to protect all users, Benoit Sevens and Clement Lecigne of Google Threat
Category: Hacking & Security

Hackers Exploit Mitel VoIP Zero-Day in Likely Ransomware Attack

27 June, 2022 - 07:55
A suspected ransomware intrusion attempt against an unnamed target leveraged a Mitel VoIP appliance as an entry point to achieve remote code execution and gain initial access to the environment. The findings come from cybersecurity firm CrowdStrike, which traced the source of the attack to a Linux-based Mitel VoIP device sitting on the network perimeter, while also identifying a previously
Category: Hacking & Security

Learn NIST Inside Out With 21 Hours of Training @ 86% OFF

25 June, 2022 - 12:30
In cybersecurity, many of the best jobs involve working on government projects. To get a security clearance, you need to prove that you meet NIST standards. Cybersecurity firms are particularly interested in people who understand the RMF, or Risk Management Framework — a U.S. government guideline for taking care of data. The NIST Cybersecurity & Risk Management Frameworks Course helps you
Category: Hacking & Security

New 'Quantum' Builder Lets Attackers Easily Create Malicious Windows Shortcuts

25 June, 2022 - 06:05
A new malware tool that enables cybercriminal actors to build malicious Windows shortcut (.LNK) files has been spotted for sale on cybercrime forums. Dubbed Quantum Lnk Builder, the software makes it possible to spoof any extension and choose from over 300 icons, not to mention support UAC and Windows SmartScreen bypass as well as "multiple payloads per .LNK" file. Also offered are capabilities
Category: Hacking & Security

State-Backed Hackers Using Ransomware as a Decoy for Cyber Espionage Attacks

25 June, 2022 - 06:04
A China-based advanced persistent threat (APT) group is possibly deploying short-lived ransomware families as a decoy to cover up the true operational and tactical objectives behind its campaigns. The activity cluster, attributed to a hacking group dubbed Bronze Starlight by Secureworks, involves the deployment of post-intrusion ransomware such as LockFile, Atom Silo, Rook, Night Sky, Pandora,
Category: Hacking & Security

Log4Shell Still Being Exploited to Hack VMWare Servers to Exfiltrate Sensitive Data

24 June, 2022 - 09:37
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Coast Guard Cyber Command (CGCYBER), on Thursday released a joint advisory warning of continued attempts on the part of threat actors to exploit the Log4Shell flaw in VMware Horizon servers to breach target networks. "Since December 2021, multiple threat actor groups have exploited Log4Shell on unpatched,
Category: Hacking & Security

Chinese Hackers Distributing SMS Bomber Tool with Malware Hidden Inside

24 June, 2022 - 05:09
A threat cluster with ties to a hacking group called Tropic Trooper has been spotted using a previously undocumented malware coded in Nim language to strike targets as part of a newly discovered campaign. The novel loader, dubbed Nimbda, is "bundled with a Chinese language greyware 'SMS Bomber' tool that is most likely illegally distributed in the Chinese-speaking web," Israeli cybersecurity
Category: Hacking & Security

Manual vs. SSPM: Research on What Streamlines SaaS Security Detection & Remediation

23 June, 2022 - 13:07
When it comes to keeping SaaS stacks secure, IT and security teams need to be able to streamline the detection and remediation of misconfigurations in order to best protect their SaaS stack from threats. However, while companies adopt more and more apps, their increase in SaaS security tools and staff has lagged behind, as found in the 2022 SaaS Security Survey Report. The survey report,
Category: Hacking & Security

New ToddyCat Hacker Group on Experts' Radar After Targeting MS Exchange Servers

23 June, 2022 - 12:34
An advanced persistent threat (APT) actor codenamed ToddyCat has been linked to a string of attacks aimed at government and military entities in Europe and Asia since at least December 2020. The relatively new adversarial collective is said to have commenced its operations by targeting Microsoft Exchange servers in Taiwan and Vietnam using an unknown exploit to deploy the China Chopper web shell
Category: Hacking & Security

Critical PHP Vulnerability Exposes QNAP NAS Devices to Remote Attacks

23 June, 2022 - 08:36
QNAP, Taiwanese maker of network-attached storage (NAS) devices, on Wednesday said it's in the process of fixing a critical three-year-old PHP vulnerability that could be abused to achieve remote code execution. "A vulnerability has been reported to affect PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24, and 7.3.x below 7.3.11 with improper nginx config," the hardware vendor said in an
Category: Hacking & Security

Russian Hackers Exploiting Microsoft Follina Vulnerability Against Ukraine

23 June, 2022 - 08:19
The Computer Emergency Response Team of Ukraine (CERT-UA) has cautioned of a new set of spear-phishing attacks exploiting the "Follina" flaw in the Windows operating system to deploy password-stealing malware. Attributing the intrusions to a Russian nation-state group tracked as APT28 (aka Fancy Bear or Sofacy), the agency said the attacks commence with a lure document titled "Nuclear Terrorism
Category: Hacking & Security

Europol Busts Phishing Gang Responsible for Millions in Losses

23 June, 2022 - 08:18
Europol on Tuesday announced the dismantling of an organized crime group that dabbled in phishing, fraud, scams, and money laundering activities. The cross-border operation, which involved law enforcement authorities from Belgium and the Netherlands, saw the arrests of nine individuals in the Dutch nation. The suspects are men between the ages of 25 and 36 from Amsterdam, Almere, Rotterdam, and
Category: Hacking & Security