The Hacker News

The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackersUnknownnoreply@blogger.comBlogger11192125
Aktualizace: 33 min 23 sek zpět
Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts
Google has stepped in to remove a bogus Chrome browser extension from the official Web Store that masqueraded as OpenAI's ChatGPT service to harvest Facebook session cookies and hijack the accounts.
The "ChatGPT For Google" extension, a trojanized version of a legitimate open source browser add-on, attracted over 9,000 installations since March 14, 2023, prior to its removal. It was originally Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comBrowser Security / Artificial Intelligence37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security
Nexus: A New Rising Android Banking Trojan Targeting 450 Financial Apps
An emerging Android banking trojan dubbed Nexus has already been adopted by several threat actors to target 450 financial applications and conduct fraud.
"Nexus appears to be in its early stages of development," Italian cybersecurity firm Cleafy said in a report published this week.
"Nexus provides all the main features to perform ATO attacks (Account Takeover) against banking portals and
Kategorie: Hacking & Security
Nexus: A New Rising Android Banking Trojan Targeting 450 Financial Apps
An emerging Android banking trojan dubbed Nexus has already been adopted by several threat actors to target 450 financial applications and conduct fraud.
"Nexus appears to be in its early stages of development," Italian cybersecurity firm Cleafy said in a report published this week.
"Nexus provides all the main features to perform ATO attacks (Account Takeover) against banking portals and Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comMobile Security / Banking37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security
2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks
In 2022 alone, global cyberattacks increased by 38%, resulting in substantial business loss, including financial and reputational damage. Meanwhile, corporate security budgets have risen significantly because of the growing sophistication of attacks and the number of cybersecurity solutions introduced into the market. With this rise in threats, budgets, and solutions, how prepared are industries
Kategorie: Hacking & Security
2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks
In 2022 alone, global cyberattacks increased by 38%, resulting in substantial business loss, including financial and reputational damage. Meanwhile, corporate security budgets have risen significantly because of the growing sophistication of attacks and the number of cybersecurity solutions introduced into the market. With this rise in threats, budgets, and solutions, how prepared are industriesThe Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.com
Kategorie: Hacking & Security
Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers
Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023.
The intrusion set has been attributed to a Chinese cyber espionage actor associated with a long-running campaign dubbed Operation Soft Cell based on tooling overlaps.
"The initial attack phase involves infiltrating Internet-facing Microsoft Exchange servers to deploy
Kategorie: Hacking & Security
Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers
Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023.
The intrusion set has been attributed to a Chinese cyber espionage actor associated with a long-running campaign dubbed Operation Soft Cell based on tooling overlaps.
"The initial attack phase involves infiltrating Internet-facing Microsoft Exchange servers to deploy Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comCritical Infrastructure Security37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security
German and South Korean Agencies Warn of Kimsuky's Expanding Cyber Attack Tactics
German and South Korean government agencies have warned about cyber attacks mounted by a threat actor tracked as Kimsuky using rogue browser extensions to steal users' Gmail inboxes.
The joint advisory comes from Germany's domestic intelligence apparatus, the Federal Office for the Protection of the Constitution (BfV), and South Korea's National Intelligence Service (NIS).
The intrusions are
Kategorie: Hacking & Security
German and South Korean Agencies Warn of Kimsuky's Expanding Cyber Attack Tactics
German and South Korean government agencies have warned about cyber attacks mounted by a threat actor tracked as Kimsuky using rogue browser extensions to steal users' Gmail inboxes.
The joint advisory comes from Germany's domestic intelligence apparatus, the Federal Office for the Protection of the Constitution (BfV), and South Korea's National Intelligence Service (NIS).
The intrusions are Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comCyber Attack / Browser Security37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security
CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released eight Industrial Control Systems (ICS) advisories on Tuesday, warning of critical flaws affecting equipment from Delta Electronics and Rockwell Automation.
This includes 13 security vulnerabilities in Delta Electronics' InfraSuite Device Master, a real-time device monitoring software. All versions prior to 1.0.5 are
Kategorie: Hacking & Security
CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released eight Industrial Control Systems (ICS) advisories on Tuesday, warning of critical flaws affecting equipment from Delta Electronics and Rockwell Automation.
This includes 13 security vulnerabilities in Delta Electronics' InfraSuite Device Master, a real-time device monitoring software. All versions prior to 1.0.5 are Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comICS/SCADA Security37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security
ScarCruft's Evolving Arsenal: Researchers Reveal New Malware Distribution Techniques
The North Korean advanced persistent threat (APT) actor dubbed ScarCruft is using weaponized Microsoft Compiled HTML Help (CHM) files to download additional malware onto targeted machines.
According to multiple reports from AhnLab Security Emergency response Center (ASEC), SEKOIA.IO, and Zscaler, the development is illustrative of the group's continuous efforts to refine and retool its tactics
Kategorie: Hacking & Security
ScarCruft's Evolving Arsenal: Researchers Reveal New Malware Distribution Techniques
The North Korean advanced persistent threat (APT) actor dubbed ScarCruft is using weaponized Microsoft Compiled HTML Help (CHM) files to download additional malware onto targeted machines.
According to multiple reports from AhnLab Security Emergency response Center (ASEC), SEKOIA.IO, and Zscaler, the development is illustrative of the group's continuous efforts to refine and retool its tactics Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comCyber Threat Intelligence37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security
Preventing Insider Threats in Your Active Directory
Active Directory (AD) is a powerful authentication and directory service used by organizations worldwide. With this ubiquity and power comes the potential for abuse. Insider threats offer some of the most potentials for destruction. Many internal users have over-provisioned access and visibility into the internal network.
Insiders' level of access and trust in a network leads to unique
Kategorie: Hacking & Security
Preventing Insider Threats in Your Active Directory
Active Directory (AD) is a powerful authentication and directory service used by organizations worldwide. With this ubiquity and power comes the potential for abuse. Insider threats offer some of the most potentials for destruction. Many internal users have over-provisioned access and visibility into the internal network.
Insiders' level of access and trust in a network leads to unique The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.comPassword Security / Active Directory37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security
Rogue NuGet Packages Infect .NET Developers with Crypto-Stealing Malware
The NuGet repository is the target of a new "sophisticated and highly-malicious attack" aiming to infect .NET developer systems with cryptocurrency stealer malware.
The 13 rogue packages, which were downloaded more than 160,000 times over the past month, have since been taken down.
"The packages contained a PowerShell script that would execute upon installation and trigger a download of a '
Kategorie: Hacking & Security
Rogue NuGet Packages Infect .NET Developers with Crypto-Stealing Malware
The NuGet repository is the target of a new "sophisticated and highly-malicious attack" aiming to infect .NET developer systems with cryptocurrency stealer malware.
The 13 rogue packages, which were downloaded more than 160,000 times over the past month, have since been taken down.
"The packages contained a PowerShell script that would execute upon installation and trigger a download of a 'Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comDevOpsSec / Malware37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security
NAPLISTENER: New Malware in REF2924 Group's Arsenal for Bypassing Detection
The threat group tracked as REF2924 has been observed deploying previously unseen malware in its attacks aimed at entities in South and Southeast Asia.
The malware, dubbed NAPLISTENER by Elastic Security Labs, is an HTTP listener programmed in C# and is designed to evade "network-based forms of detection."
REF2924 is the moniker assigned to an activity cluster linked to attacks against an entity
Kategorie: Hacking & Security
NAPLISTENER: New Malware in REF2924 Group's Arsenal for Bypassing Detection
The threat group tracked as REF2924 has been observed deploying previously unseen malware in its attacks aimed at entities in South and Southeast Asia.
The malware, dubbed NAPLISTENER by Elastic Security Labs, is an HTTP listener programmed in C# and is designed to evade "network-based forms of detection."
REF2924 is the moniker assigned to an activity cluster linked to attacks against an entityRavie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comNetwork Security / Cyber Threat37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security
BreachForums Administrator Baphomet Shuts Down Infamous Hacking Forum
In a sudden turn of events, Baphomet, the current administrator of BreachForums, said in an update on March 21, 2023, that the hacking forum has been officially taken down but emphasized that "it's not the end."
"You are allowed to hate me, and disagree with my decision but I promise what is to come will be better for us all," Baphomet noted in a message posted on the BreachForums Telegram
Kategorie: Hacking & Security
- « první
- ‹ předchozí
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- …
- následující ›
- poslední »