The Hacker News

Syndikovat obsah
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and [email protected]
Aktualizace: 29 min 48 sek zpět

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns

12 Listopad, 2024 - 15:00
Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users. The program, first marketed by a threat actor named cyberdluffy (aka Cyber D' Luffy) on the Runion forum earlier this August, is advertised as a tool that allows criminal actors to extract email addresses from public GitHub
Kategorie: Hacking & Security

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns

12 Listopad, 2024 - 15:00
Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users. The program, first marketed by a threat actor named cyberdluffy (aka Cyber D' Luffy) on the Runion forum earlier this August, is advertised as a tool that allows criminal actors to extract email addresses from public GitHub Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

North Korean Hackers Target macOS Using Flutter-Embedded Malware

12 Listopad, 2024 - 14:00
Threat actors with ties to the Democratic People's Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices. Jamf Threat Labs, which made the discovery based on artifacts uploaded to the VirusTotal platform earlier this month, said the Flutter-built
Kategorie: Hacking & Security

North Korean Hackers Target macOS Using Flutter-Embedded Malware

12 Listopad, 2024 - 14:00
Threat actors with ties to the Democratic People's Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices. Jamf Threat Labs, which made the discovery based on artifacts uploaded to the VirusTotal platform earlier this month, said the Flutter-built Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

5 Ways Behavioral Analytics is Revolutionizing Incident Response

12 Listopad, 2024 - 12:00
Behavioral analytics, long associated with threat detection (i.e. UEBA or UBA), is experiencing a renaissance. Once primarily used to identify suspicious activity, it’s now being reimagined as a powerful post-detection technology that enhances incident response processes. By leveraging behavioral insights during alert triage and investigation, SOCs can transform their workflows to become more
Kategorie: Hacking & Security

5 Ways Behavioral Analytics is Revolutionizing Incident Response

12 Listopad, 2024 - 12:00
Behavioral analytics, long associated with threat detection (i.e. UEBA or UBA), is experiencing a renaissance. Once primarily used to identify suspicious activity, it’s now being reimagined as a powerful post-detection technology that enhances incident response processes. By leveraging behavioral insights during alert triage and investigation, SOCs can transform their workflows to become more The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks

12 Listopad, 2024 - 07:00
Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. "Ymir ransomware introduces a unique combination of technical features and tactics that enhance its effectiveness," Russian cybersecurity vendor Kaspersky said. "Threat actors leveraged an unconventional blend
Kategorie: Hacking & Security

New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks

12 Listopad, 2024 - 07:00
Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. "Ymir ransomware introduces a unique combination of technical features and tactics that enhance its effectiveness," Russian cybersecurity vendor Kaspersky said. "Threat actors leveraged an unconventional blend Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 - Nov 10)

11 Listopad, 2024 - 12:57
⚠️ Imagine this: the very tools you trust to protect you online—your two-factor authentication, your car’s tech system, even your security software—turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn’t fiction; it’s the new cyber reality. Today’s attackers have become so sophisticated that they’re using our trusted tools as secret pathways,
Kategorie: Hacking & Security

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 - Nov 10)

11 Listopad, 2024 - 12:57
⚠️ Imagine this: the very tools you trust to protect you online—your two-factor authentication, your car’s tech system, even your security software—turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn’t fiction; it’s the new cyber reality. Today’s attackers have become so sophisticated that they’re using our trusted tools as secret pathways, Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

New GootLoader Campaign Targets Users Searching for Bengal Cat Laws in Australia

11 Listopad, 2024 - 12:55
In an unusually specific campaign, users searching about the legality of Bengal Cats in Australia are being targeted with the GootLoader malware. "In this case, we found the GootLoader actors using search results for information about a particular cat and a particular geography being used to deliver the payload: 'Are Bengal Cats legal in Australia?,'" Sophos researchers Trang Tang, Hikaru Koike,
Kategorie: Hacking & Security

New GootLoader Campaign Targets Users Searching for Bengal Cat Laws in Australia

11 Listopad, 2024 - 12:55
In an unusually specific campaign, users searching about the legality of Bengal Cats in Australia are being targeted with the GootLoader malware. "In this case, we found the GootLoader actors using search results for information about a particular cat and a particular geography being used to deliver the payload: 'Are Bengal Cats legal in Australia?,'" Sophos researchers Trang Tang, Hikaru Koike,Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

The ROI of Security Investments: How Cybersecurity Leaders Prove It

11 Listopad, 2024 - 12:30
Cyber threats are intensifying, and cybersecurity has become critical to business operations. As security budgets grow, CEOs and boardrooms are demanding concrete evidence that cybersecurity initiatives deliver value beyond regulation compliance. Just like you wouldn’t buy a car without knowing it was first put through a crash test, security systems must also be validated to confirm their value.
Kategorie: Hacking & Security

The ROI of Security Investments: How Cybersecurity Leaders Prove It

11 Listopad, 2024 - 12:30
Cyber threats are intensifying, and cybersecurity has become critical to business operations. As security budgets grow, CEOs and boardrooms are demanding concrete evidence that cybersecurity initiatives deliver value beyond regulation compliance. Just like you wouldn’t buy a car without knowing it was first put through a crash test, security systems must also be validated to confirm their value.The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Security Flaws in Popular ML Toolkits Enable Server Hijacks, Privilege Escalation

11 Listopad, 2024 - 11:11
Cybersecurity researchers have uncovered nearly two dozen security flaws spanning 15 different machine learning (ML) related open-source projects. These comprise vulnerabilities discovered both on the server- and client-side, software supply chain security firm JFrog said in an analysis published last week. The server-side weaknesses "allow attackers to hijack important servers in the
Kategorie: Hacking & Security

Security Flaws in Popular ML Toolkits Enable Server Hijacks, Privilege Escalation

11 Listopad, 2024 - 11:11
Cybersecurity researchers have uncovered nearly two dozen security flaws spanning 15 different machine learning (ML) related open-source projects. These comprise vulnerabilities discovered both on the server- and client-side, software supply chain security firm JFrog said in an analysis published last week. The server-side weaknesses "allow attackers to hijack important servers in the Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities

11 Listopad, 2024 - 10:57
Hewlett Packard Enterprise (HPE) has released security updates to address multiple vulnerabilities impacting Aruba Networking Access Point products, including two critical bugs that could result in unauthenticated command execution. The flaws affect Access Points running Instant AOS-8 and AOS-10 - AOS-10.4.x.x: 10.4.1.4 and below Instant AOS-8.12.x.x: 8.12.0.2 and below Instant AOS-8.10.x.x:
Kategorie: Hacking & Security

HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities

11 Listopad, 2024 - 10:57
Hewlett Packard Enterprise (HPE) has released security updates to address multiple vulnerabilities impacting Aruba Networking Access Point products, including two critical bugs that could result in unauthenticated command execution. The flaws affect Access Points running Instant AOS-8 and AOS-10 - AOS-10.4.x.x: 10.4.1.4 and below Instant AOS-8.12.x.x: 8.12.0.2 and below Instant AOS-8.10.x.x: Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware

11 Listopad, 2024 - 07:13
Cybersecurity researchers have discovered a new phishing campaign that spreads a new fileless variant of known commercial malware called Remcos RAT. Remcos RAT "provides purchases with a wide range of advanced features to remotely control computers belonging to the buyer," Fortinet FortiGuard Labs researcher Xiaopeng Zhang said in an analysis published last week. "However, threat actors have
Kategorie: Hacking & Security

Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware

11 Listopad, 2024 - 07:13
Cybersecurity researchers have discovered a new phishing campaign that spreads a new fileless variant of known commercial malware called Remcos RAT. Remcos RAT "provides purchases with a wide range of advanced features to remotely control computers belonging to the buyer," Fortinet FortiGuard Labs researcher Xiaopeng Zhang said in an analysis published last week. "However, threat actors have Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security