The Hacker News

The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers

Researchers Disclose 56 Vulnerabilities Impacting OT Devices from 10 Vendors

23 June, 2022 - 08:18
Nearly five dozen security vulnerabilities have been disclosed in devices from 10 operational technology (OT) vendors due to what researchers call "insecure-by-design practices." Collectively dubbed OT:ICEFALL by Forescout, the 56 issues span as many as 26 device models from Bently Nevada, Emerson, Honeywell, JTEKT, Motorola, Omron, Phoenix Contact, Siemens, and Yokogawa. "Exploiting these
Category: Hacking & Security

Researchers Uncover Ways to Break the Encryption of 'MEGA' Cloud Storage Service

22 June, 2022 - 17:05
A new piece of research from academics at ETH Zurich has identified a number of critical security issues in the MEGA cloud storage service that could be leveraged to break the confidentiality and integrity of user data. In a paper titled "MEGA: Malleable Encryption Goes Awry," the researchers point out how MEGA's system does not protect its users against a malicious server, thereby enabling a
Category: Hacking & Security

Newly Discovered Magecart Infrastructure Reveals the Scale of Ongoing Campaign

22 June, 2022 - 12:08
A newly discovered Magecart skimming campaign has its roots in a previous attack activity going all the way back to November 2021. To that end, it has come to light that two malware domains identified as hosting credit card skimmer code — "scanalytic[.]org" and "js.staticounter[.]net" — are part of a broader infrastructure used to carry out the intrusions, Malwarebytes said in a Tuesday analysis
Category: Hacking & Security

RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer

22 June, 2022 - 07:41
The operators behind the Rig Exploit Kit have swapped the Raccoon Stealer malware for the Dridex financial trojan as part of an ongoing campaign that commenced in January 2022. The switch in modus operandi, spotted by Romanian company Bitdefender, comes in the wake of Raccoon Stealer temporarily closing the project after one of its team members responsible for critical operations passed away in
Category: Hacking & Security

Former Amazon Employee Found Guilty in 2019 Capital One Data Breach

21 June, 2022 - 15:05
A 36-year-old former Amazon employee was convicted of wire fraud and computer intrusions in the U.S. for her role in the theft of personal data of no fewer than 100 million people in the 2019 Capital One breach. Paige Thompson, who operated under the online alias "erratic" and worked for the tech giant till 2016, was found guilty of wire fraud, five counts of unauthorized access to a protected
Category: Hacking & Security

Mitigate Ransomware in a Remote-First World

21 June, 2022 - 13:34
Ransomware has been a thorn in the side of cybersecurity teams for years. With the move to remote and hybrid work, this insidious threat has become even more of a challenge for organizations everywhere. 2021 was a case study in ransomware due to the wide variety of attacks, significant financial and economic impact, and diverse ways that organizations responded. These attacks should be seen as a
Category: Hacking & Security

New NTLM Relay Attack Lets Attackers Take Control Over Windows Domain

21 June, 2022 - 11:05
A new kind of Windows NTLM relay attack dubbed DFSCoerce has been uncovered that leverages the Distributed File System (DFS): Namespace Management Protocol (MS-DFSNM) to seize control of a domain. "Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service not installed but you still want to relay [Domain Controller authentication to [Active Directory
Category: Hacking & Security

Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited in the Wild

21 June, 2022 - 08:18
A security flaw in Apple Safari that was exploited in the wild earlier this year was originally fixed in 2013 and reintroduced in December 2016, according to a new report from Google Project Zero. The issue, tracked as CVE-2022-22620 (CVSS score: 8.8), concerns a case of a use-after-free vulnerability in the WebKit component that could be exploited by a piece of specially crafted web content to
Category: Hacking & Security

A Microsoft Office 365 Feature Could Help Ransomware Hackers Hold Cloud Files Hostage

21 June, 2022 - 08:18
A "dangerous piece of functionality" has been discovered in Microsoft 365 suite that could be potentially abused by a malicious actor to mount attacks on cloud infrastructure and ransom files stored on SharePoint and OneDrive. The cloud ransomware attack makes it possible to launch file-encrypting malware to "encrypt files stored on SharePoint and OneDrive in a way that makes them unrecoverable
Category: Hacking & Security

Do You Have Ransomware Insurance? Look at the Fine Print

20 June, 2022 - 15:34
Insurance exists to protect the insured party against catastrophe, but the insurer needs protection so that its policies are not abused – and that's where the fine print comes in. However, in the case of ransomware insurance, the fine print is becoming contentious and arguably undermining the usefulness of ransomware insurance. In this article, we'll outline why, particularly given the current
Category: Hacking & Security

BRATA Android Malware Gains Advanced Mobile Threat Capabilities

20 June, 2022 - 08:18
The operators behind BRATA have once again added more capabilities to the Android mobile malware in an attempt to make their attacks against financial apps more stealthy. "In fact, the modus operandi now fits into an Advanced Persistent Threat (APT) activity pattern," Italian cybersecurity firm Cleafy said in a report last week. "This term is used to describe an attack campaign in which
Category: Hacking & Security

Critical Flaw in Cisco Secure Email and Web Manager Lets Attackers Bypass Authentication

20 June, 2022 - 07:11
Cisco on Wednesday rolled out fixes to address a critical security flaw affecting Email Security Appliance (ESA) and Secure Email and Web Manager that could be exploited by an unauthenticated, remote attacker to sidestep authentication. Assigned the CVE identifier CVE-2022-20798, the bypass vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring system and stems from improper
Category: Hacking & Security

Over a Dozen Flaws Found in Siemens' Industrial Network Management System

20 June, 2022 - 07:11
Cybersecurity researchers have disclosed details about 15 security flaws in Siemens SINEC network management system (NMS), some of which could be chained by an attacker to achieve remote code execution on affected systems. "The vulnerabilities, if exploited, pose a number of risks to Siemens devices on the network including denial-of-service attacks, credential leaks, and remote code execution
Category: Hacking & Security

Learn Cybersecurity with Palo Alto Networks Through this PCCSA Course @ 93% OFF

19 June, 2022 - 08:11
In the world of cybersecurity, reputation is everything. Most business owners have little understanding of the technical side, so they have to rely on credibility. Founded back in 2005, Palo Alto Networks is a cybersecurity giant that has earned the trust of the business community thanks to its impressive track record. The company now provides services to over 70,000 organizations in 150
Category: Hacking & Security

Authorities Shut Down Russian RSOCKS Botnet That Hacked Millions of Devices

18 June, 2022 - 08:11
The U.S. Department of Justice (DoJ) on Thursday disclosed that it took down the infrastructure associated with a Russian botnet known as RSOCKS in collaboration with law enforcement partners in Germany, the Netherlands, and the U.K. The botnet, operated by a sophisticated cybercrime organization, is believed to have ensnared millions of internet-connected devices, including Internet of Things (
Category: Hacking & Security

Atlassian Confluence Flaw Being Used to Deploy Ransomware and Crypto Miners

18 June, 2022 - 06:11
A recently patched critical security flaw in Atlassian Confluence Server and Data Center products is being actively weaponized in real-world attacks to drop cryptocurrency miners and ransomware payloads. In at least two of the Windows-related incidents observed by cybersecurity vendor Sophos, adversaries exploited the vulnerability to deliver Cerber ransomware and a crypto miner called z0miner
Category: Hacking & Security

Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity

18 June, 2022 - 05:43
A sophisticated Chinese advanced persistent threat (APT) actor exploited a critical security vulnerability in Sophos' firewall product that came to light earlier this year to infiltrate an unnamed South Asian target as part of a highly-targeted attack. "The attacker implement[ed] an interesting web shell backdoor, create[d] a secondary form of persistence, and ultimately launch[ed] attacks
Category: Hacking & Security

Researchers Uncover 'Hermit' Android Spyware Used in Kazakhstan, Syria, and Italy

18 June, 2022 - 05:43
An enterprise-grade surveillanceware dubbed Hermit has been put to use by entities operating from within Kazakhstan, Syria, and Italy over the years since 2019, new research has revealed. Lookout attributed the spy software, which is equipped to target both Android and iOS, to an Italian company named RCS Lab S.p.A and Tykelab Srl, a telecom services provider which it suspects to be a front
Category: Hacking & Security

Reimagine Hybrid Work: Same CyberSec in Office and at Home

17 June, 2022 - 16:22
It was first the pandemic that changed the usual state of work - before, it was commuting, working in the office & coming home for most corporate employees. Then, when we had to adapt to the self-isolation rules, the work moved to home offices, which completely changed the workflow for many businesses. As the pandemic went down, we realized success never relied on where the work was done. Whether
Category: Hacking & Security

Over a Million WordPress Sites Forcibly Updated to Patch a Critical Plugin Vulnerability

17 June, 2022 - 11:10
WordPress websites using a widely used plugin named Ninja Forms have been updated automatically to remediate a critical security vulnerability that's suspected of having been actively exploited in the wild. The issue, which relates to a case of code injection, is rated 9.8 out of 10 for severity and affects multiple versions starting from 3.0. It has been fixed in 3.0.34.2, 3.1.10, 3.2.28,
Category: Hacking & Security