The Hacker News

The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and
Updated: 54 min 24 sec ago

Multiple Threat Actors Deploying Open-Source Rafel RAT to Target Android Devices

24 June, 2024 - 07:04
Multiple threat actors, including cyber espionage groups, are employing an open-source Android remote administration tool called Rafel RAT to meet their operational objectives by masquerading it as Instagram, WhatsApp, and various e-commerce and antivirus apps. "It provides malicious actors with a powerful toolkit for remote administration and control, enabling a range of malicious activities
Category: Hacking & Security

ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor

22 June, 2024 - 13:28
Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed. "ExCobalt focuses on cyber espionage and includes several members active since at least 2016 and presumably once part of the notorious Cobalt Gang," Positive Technologies researchers Vladislav Lunin and Alexander Badayev said in a technical report
Category: Hacking & Security

Warning: New Adware Campaign Targets Meta Quest App Seekers

22 June, 2024 - 13:03
A new campaign is tricking users searching for the Meta Quest (formerly Oculus) application for Windows into downloading a new adware family called AdsExhaust. "The adware is capable of exfiltrating screenshots from infected devices and interacting with browsers using simulated keystrokes," cybersecurity firm eSentire said in an analysis, adding it identified the activity earlier this month. "
Category: Hacking & Security

U.S. Treasury Sanctions 12 Kaspersky Executives Amid Software Ban

22 June, 2024 - 08:00
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) imposed sanctions against a dozen individuals serving executive and senior leadership roles at Kaspersky Lab, a day after the Russian company was banned by the Commerce Department. The move "underscores our commitment to ensure the integrity of our cyber domain and to protect our citizens against malicious cyber
Category: Hacking & Security

Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign

21 June, 2024 - 15:42
A previously undocumented Chinese-speaking threat actor codenamed SneakyChef has been linked to an espionage campaign primarily targeting government entities across Asia and EMEA (Europe, Middle East, and Africa) with SugarGh0st malware since at least August 2023. "SneakyChef uses lures that are scanned documents of government agencies, most of which are related to various countries' Ministries
Category: Hacking & Security

Military-themed Email Scam Spreads Malware to Infect Pakistani Users

21 June, 2024 - 15:01
Cybersecurity researchers have shed light on a new phishing campaign that has been identified as targeting people in Pakistan using a custom backdoor. Dubbed PHANTOM#SPIKE by Securonix, the unknown threat actors behind the activity have leveraged military-related phishing documents to activate the infection sequence. "While there are many methods used today to deploy malware, the threat actors
Category: Hacking & Security

How to Use Tines's SOC Automation Capability Matrix

21 June, 2024 - 13:00
Created by John Tuckner and the team at automation and AI-powered workflow platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents. A customizable, vendor-agnostic tool featuring lists of automation opportunities, it's
Category: Hacking & Security

Oyster Backdoor Spreading via Trojanized Popular Software Downloads

21 June, 2024 - 11:51
A malvertising campaign is leveraging trojanized installers for popular software such as Google Chrome and Microsoft Teams to drop a backdoor called Oyster (aka Broomstick and CleanUpLoader). That's according to findings from Rapid7, which identified lookalike websites hosting the malicious payloads that users are redirected to after searching for them on search engines like Google and Bing. The
Category: Hacking & Security

SolarWinds Serv-U Vulnerability Under Active Attack - Patch Immediately

21 June, 2024 - 10:54
A recently patched high-severity flaw impacting SolarWinds Serv-U file transfer software is being actively exploited by malicious actors in the wild. The vulnerability, tracked as CVE-2024-28995 (CVSS score: 8.6), concerns a directory traversal bug that could allow attackers to read sensitive files on the host machine. Affecting all versions of the software prior to and including Serv-U 15.4.2
Category: Hacking & Security

U.S. Bans Kaspersky Software, Citing National Security Risks

21 June, 2024 - 06:25
The U.S. Department of Commerce's Bureau of Industry and Security (BIS) on Thursday announced a "first of its kind" ban that prohibits Kaspersky Lab's U.S. subsidiary from directly or indirectly offering its security software in the country. The blockade also extends to the cybersecurity company's affiliates, subsidiaries and parent companies, the department said, adding the action is based on
Category: Hacking & Security

Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs

20 June, 2024 - 16:22
Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors. Tracked as CVE-2024-0762 (CVSS score: 7.5), the "UEFIcanhazbufferoverflow" vulnerability has been described as a case of a buffer overflow stemming from the use of an unsafe variable in the Trusted Platform
Category: Hacking & Security