The Hacker News

The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Updated: 34 min 3 sec ago

BlackCat Ransomware Gang Targeting Unpatched Microsoft Exchange Servers

17 June, 2022 - 04:32
Microsoft is warning that the BlackCat ransomware crew is leveraging exploits for unpatched Exchange server vulnerabilities to gain access to targeted networks. Upon gaining an entry point, the attackers swiftly moved to gather information about the compromised machines, followed by carrying out credential theft and lateral movement activities, before harvesting intellectual property and
Category: Hacking & Security

MaliBot: A New Android Banking Trojan Spotted in the Wild

17 June, 2022 - 04:32
A new strain of Android malware has been spotted in the wild targeting online banking and cryptocurrency wallet customers in Spain and Italy, just weeks after a coordinated law enforcement operation dismantled FluBot. The information stealing trojan, codenamed MaliBot by F5 Labs, is as feature-rich as its counterparts, allowing it to steal credentials and cookies, bypass multi-factor
Category: Hacking & Security

High-Severity RCE Vulnerability Reported in Popular Fastjson Library

16 June, 2022 - 15:39
Cybersecurity researchers have detailed a recently patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution. Tracked as CVE-2022-25845 (CVSS score: 8.1), the issue relates to a case of deserialization of untrusted data in a supported feature called "AutoType." It was patched by the project maintainers in 
Category: Hacking & Security

Difference Between Agent-Based and Network-Based Internal Vulnerability Scanning

16 June, 2022 - 13:06
For years, the two most popular methods for internal scanning, agent-based and network-based, were considered to be about equal in value, each bringing its own strengths to bear. However, with remote working now the norm in most if not all workplaces, it feels a lot more like agent-based scanning is a must, while network-based scanning is an optional extra. This article will go in-depth on the
Category: Hacking & Security

New Zimbra Email Vulnerability Could Let Attackers Steal Your Login Credentials

16 June, 2022 - 05:13
A new high-severity vulnerability has been disclosed in the Zimbra email suite that, if successfully exploited, enables an unauthenticated attacker to steal cleartext passwords of users sans any user interaction. "With the consequent access to the victims' mailboxes, attackers can potentially escalate their access to targeted organizations and gain access to various internal services and steal
Category: Hacking & Security

Technical Details Released for 'SynLapse' RCE Vulnerability Reported in Microsoft Azure

16 June, 2022 - 05:13
Microsoft has incorporated additional improvements to address the recently disclosed SynLapse security vulnerability in order to meet comprehensive tenant isolation requirements in Azure Data Factory and Azure Synapse Pipelines. The latest safeguards include moving the shared integration runtimes to sandboxed ephemeral instances and using scoped tokens to prevent adversaries from using a client
Category: Hacking & Security

Unpatched Travis CI API Bug Exposes Thousands of Secret User Access Tokens

16 June, 2022 - 05:13
An unpatched security issue in the Travis CI API has left tens of thousands of developers' user tokens exposed to potential attacks, effectively allowing threat actors to breach cloud infrastructures, make unauthorized code changes, and initiate supply chain attacks. "More than 770 million logs of free tier users are available, from which you can easily extract tokens, secrets, and other
Category: Hacking & Security

New Hertzbleed Side Channel Attack Affects All Modern AMD and Intel CPUs

16 June, 2022 - 05:12
A newly discovered security vulnerability in modern Intel and AMD processors could let remote attackers steal encryption keys via a power side channel attack. Dubbed Hertzbleed by a group of researchers from the University of Texas, the University of Illinois Urbana-Champaign, and the University of Washington, the issue is rooted in dynamic voltage and frequency scaling (DVFS), a power and
Category: Hacking & Security

Panchan: A New Golang-based Peer-To-Peer Botnet Targeting Linux Servers

16 June, 2022 - 05:12
A new Golang-based peer-to-peer (P2P) botnet has been spotted actively targeting Linux servers in the education sector since its emergence in March 2022. Dubbed Panchan by Akamai Security Research, the malware "utilizes its built-in concurrency features to maximize spreadability and execute malware modules" and "harvests SSH keys to perform lateral movement." The feature-packed
Category: Hacking & Security

Patch Tuesday: Microsoft Issues Fix for Actively Exploited 'Follina' Vulnerability

16 June, 2022 - 05:10
Microsoft finally released fixes to address an actively exploited Windows zero-day vulnerability known as Follina as part of its Patch Tuesday updates. Also addressed by the tech giant are 55 other flaws, three of which are rated Critical, 51 are rated Important, and one is rated Moderate in severity. Separately, five more shortcomings were resolved in the Microsoft Edge browser.
Category: Hacking & Security

Comprehensive, Easy Cybersecurity for Lean IT Security Teams Starts with XDR

15 June, 2022 - 11:46
Breaches don't just happen to large enterprises. Threat actors are increasingly targeting small businesses. In fact, 43% of data breaches involved small to medium-sized businesses. But there is a glaring discrepancy. Larger businesses typically have the budget to keep their lights on if they are breached. Most small businesses (83%), however, don't have the financial resources to recover if they
Category: Hacking & Security

Cloudflare Saw Record-Breaking DDoS Attack Peaking at 26 Million Request Per Second

15 June, 2022 - 08:16
Cloudflare on Tuesday disclosed that it had acted to prevent a record-setting 26 million request per second (RPS) distributed denial-of-service (DDoS) attack last week, making it the largest HTTPS DDoS attack detected to date. The web performance and security company said the attack was directed against an unnamed customer website using its Free plan and emanated from a "powerful" botnet of
Category: Hacking & Security

What is the Essential Eight (And Why Non-Aussies Should Care)

14 June, 2022 - 16:51
In 2017, The Australian Cyber Security Center (ACSC) published a set of mitigation strategies that were designed to help organizations to protect themselves against cyber security incidents. These strategies, which became known as the Essential Eight, are designed specifically for use on Windows networks, although variations of these strategies are commonly applied to other platforms. What is
Category: Hacking & Security

Chinese 'Gallium' Hackers Using New PingPull Malware in Cyberespionage Attacks

14 June, 2022 - 12:16
A Chinese advanced persistent threat (APT) known as Gallium has been observed using a previously undocumented remote access trojan in its espionage attacks targeting companies operating in Southeast Asia, Europe, and Africa. Called PingPull, the "difficult-to-detect" backdoor is notable for its use of the Internet Control Message Protocol (ICMP) for command-and-control (C2) communications,
Category: Hacking & Security

New Syslogk Linux Rootkit Lets Attackers Remotely Command It Using "Magic Packets"

14 June, 2022 - 10:54
A new covert Linux kernel rootkit named Syslogk has been spotted under development in the wild and cloaking a malicious payload that can be remotely commandeered by an adversary using a magic network traffic packet. "The Syslogk rootkit is heavily based on Adore-Ng but incorporates new functionalities making the user-mode application and the kernel rootkit hard to detect," Avast security
Category: Hacking & Security

Researchers Disclose Critical Flaws in Industrial Access Control System from Carrier

14 June, 2022 - 10:31
As many as eight zero-day vulnerabilities have been disclosed in Carrier's LenelS2 HID Mercury access control system that's used widely in healthcare, education, transportation, and government facilities. "The vulnerabilities uncovered allowed us to demonstrate the ability to remotely unlock and lock doors, subvert alarms and undermine logging and notification systems," Trellix security
Category: Hacking & Security

Researchers Detail PureCrypter Loader Cyber Criminals Using to Distribute Malware

14 June, 2022 - 10:02
Cybersecurity researchers have detailed the workings of a fully-featured malware loader dubbed PureCrypter that's being purchased by cyber criminals to deliver remote access trojans (RATs) and information stealers. "The loader is a .NET executable obfuscated with SmartAssembly and makes use of compression, encryption, and obfuscation to evade antivirus software products," Zscaler's Romain Dumont
Category: Hacking & Security

MIT Researchers Discover New Flaw in Apple M1 CPUs That Can't Be Patched

14 June, 2022 - 08:59
A novel hardware attack dubbed PACMAN has been demonstrated against Apple's M1 processor chipsets, potentially arming a malicious actor with the capability to gain arbitrary code execution on macOS systems. It leverages "speculative execution attacks to bypass an important memory protection mechanism, ARM Pointer Authentication, a security feature that is used to enforce pointer integrity," MIT
Category: Hacking & Security

Researchers Disclose Rooting Backdoor in Mitel IP Phones for Businesses

14 June, 2022 - 08:58
Cybersecurity researchers have disclosed details of two medium-security flaws in Mitel 6800/6900 desk phones that, if successfully exploited, could allow an attacker to gain root privileges on the devices. Tracked as CVE-2022-29854 and CVE-2022-29855 (CVSS score: 6.8), the access control issues were discovered by German penetration testing firm SySS, following which patches were shipped in May
Category: Hacking & Security

Iranian Hackers Spotted Using a new DNS Hijacking Malware in Recent Attacks

13 June, 2022 - 15:56
The Iranian state-sponsored threat actor tracked under the moniker Lyceum has turned to using a new custom .NET-based backdoor in recent campaigns directed against the Middle East. "The new malware is a .NET based DNS Backdoor which is a customized version of the open source tool 'DIG.net,'" Zscaler ThreatLabz researchers Niraj Shivtarkar and Avinash Kumar said in a report published last week. "
Category: Hacking & Security