The Hacker News

The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers.
Updated: 52 min 15 sec ago

LodaRAT Malware Resurfaces with New Variants Employing Updated Functionalities

18 November, 2022 - 13:53
The LodaRAT malware has resurfaced with new variants that are being deployed in conjunction with other sophisticated malware, such as RedLine Stealer and Neshta. "The ease of access to its source code makes LodaRAT an attractive tool for any threat actor who is interested in its capabilities," Cisco Talos researcher Chris Neal said in a write-up published Thursday. Aside from being dropped
Ravie Lakshmanan
Category: Hacking & Security

Threat hunting with MITRE ATT&CK and Wazuh

18 November, 2022 - 13:07
Threat hunting is the process of looking for malicious activity and its artifacts in a computer system or network. Threat hunting is carried out intermittently in an environment regardless of whether or not threats have been discovered by automated security solutions. Some threat actors may stay dormant in an organization's infrastructure, extending their access while waiting for the right
The Hacker News
Category: Hacking & Security

Hive Ransomware Attackers Extorted $100 Million from Over 1,300 Companies Worldwide

18 November, 2022 - 08:47
The threat actors behind the Hive ransomware-as-a-service (RaaS) scheme have launched attacks against over 1,300 companies across the world, netting the gang $100 million in illicit payments as of November 2022. "Hive ransomware has targeted a wide range of businesses and critical infrastructure sectors, including government facilities, communications, critical manufacturing, information
Ravie Lakshmanan
Category: Hacking & Security

W4SP Stealer Constantly Targeting Python Developers in Ongoing Supply Chain Attack

18 November, 2022 - 06:06
An ongoing supply chain attack has been leveraging malicious Python packages to distribute malware called W4SP Stealer, with over hundreds of victims ensnared to date. "The threat actor is still active and is releasing more malicious packages," Checkmarx researcher Jossef Harush said in a technical write-up, calling the adversary WASP. "The attack seems related to cybercrime as the attacker
Ravie Lakshmanan
Category: Hacking & Security

Chinese Hackers Using 42,000 Imposter Domains in Massive Phishing Attack Campaign

17 November, 2022 - 13:36
A China-based financially motivated group is leveraging the trust associated with popular international brands to orchestrate a large-scale phishing campaign dating back as far as 2019. The threat actor, dubbed Fangxiao by Cyjax, is said to have registered over 42,000 imposter domains, with initial activity observed in 2017. "It targets businesses in multiple verticals including retail, banking,
Ravie Lakshmanan
Category: Hacking & Security

FBI-Wanted Leader of the Notorious Zeus Botnet Gang Arrested in Geneva

17 November, 2022 - 11:11
A Ukrainian national who has been wanted by the U.S. for over a decade has been arrested by Swiss authorities for his role in a notorious cybercriminal ring that stole millions of dollars from victims' bank accounts using malware called Zeus. Vyacheslav Igorevich Penchukov, who went by online pseudonyms "tank" and "father," is alleged to have been involved in the day-to-day operations of the
Ravie Lakshmanan
Category: Hacking & Security

100 Apps, Endless Security Checks

17 November, 2022 - 11:00
On average, organizations report using 102 business-critical SaaS applications, enabling operations of most departments across an organization, such as IT and Security, Sales, Marketing, R&D, Product Management, HR, Legal, Finance, and Enablement. An attack can come from any app, no matter how robust the app is. Without visibility and control over a critical mass of an organization’s entire SaaS
The Hacker News
Category: Hacking & Security

High Severity Vulnerabilities Reported in F5 BIG-IP and BIG-IQ Devices

17 November, 2022 - 07:58
Multiple security vulnerabilities have been disclosed in F5 BIG-IP and BIG-IQ devices that, if successfully exploited, could lead to complete compromise of affected systems. Cybersecurity firm Rapid7 said the flaws could be abused to gain remote access to the devices and defeat security constraints. The issues impact BIG-IP versions 13.x, 14.x, 15.x, 16.x, and 17.x, and BIG-IQ Centralized Management versions 7.x
Ravie Lakshmanan
Category: Hacking & Security

Iranian Hackers Compromised a U.S. Federal Agency’s Network Using Log4Shell Exploit

17 November, 2022 - 07:22
Iranian government-sponsored threat actors have been blamed for compromising a U.S. federal agency by taking advantage of the Log4Shell vulnerability in an unpatched VMware Horizon server. The details, which were shared by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), come in response to incident response efforts undertaken by the authority from mid-June through mid-July 2022
Ravie Lakshmanan
Category: Hacking & Security

North Korean Hackers Targeting Europe and Latin America with Updated DTrack Backdoor

17 November, 2022 - 06:56
Hackers tied to the North Korean government have been observed using an updated version of a backdoor known as Dtrack targeting a wide range of industries in Germany, Brazil, India, Italy, Mexico, Switzerland, Saudi Arabia, Turkey, and the U.S. "Dtrack allows criminals to upload, download, start or delete files on the victim host," Kaspersky researchers Konstantin Zykov and Jornt van der Wiel
Ravie Lakshmanan
Category: Hacking & Security

Researchers Discover Hundreds of Amazon RDS Instances Leaking Users' Personal Data

16 November, 2022 - 14:04
Hundreds of databases on Amazon Relational Database Service (Amazon RDS) are exposing personally identifiable information (PII), new findings from Mitiga, a cloud incident response company, show. "Leaking PII in this manner provides a potential treasure trove for threat actors – either during the reconnaissance phase of the cyber kill chain or extortionware/ransomware campaigns," researchers Ariel
Ravie Lakshmanan
Category: Hacking & Security

7 Reasons to Choose an MDR Provider

16 November, 2022 - 13:19
According to a recent survey, 90% of CISOs running teams in small to medium-sized enterprises (SMEs) use a managed detection and response (MDR) service. That’s a 53% increase from last year. Why the dramatic shift to MDR? CISOs at organizations of any size, but especially SMEs, are realizing that the threat landscape and the way we do cybersecurity are among the many things that will never look
The Hacker News
Category: Hacking & Security

Warning: New RapperBot Campaign Aims to Launch DDoS Attacks at Game Servers

16 November, 2022 - 08:35
Cybersecurity researchers have unearthed new samples of malware called RapperBot that are being used to build a botnet capable of launching Distributed Denial of Service (DDoS) attacks against game servers. "In fact, it turns out that this campaign is less like RapperBot than an older campaign that appeared in February and then mysteriously disappeared in the middle of April," Fortinet
Ravie Lakshmanan
Category: Hacking & Security

Google to Roll Out Privacy Sandbox Beta on Android 13 by Early 2023

16 November, 2022 - 06:24
Internet behemoth Google on Tuesday said it plans to roll out Privacy Sandbox for Android in beta to mobile devices running Android 13 starting early next year. "The Privacy Sandbox Beta will be available for ad tech and app developers who wish to test the ads-related APIs as part of their solutions," the company said. To that end, developers will need to complete an enrollment process in order
Ravie Lakshmanan
Category: Hacking & Security

Critical RCE Flaw Reported in Spotify's Backstage Software Catalog and Developer Platform

15 November, 2022 - 18:01
Spotify's Backstage has been discovered as vulnerable to a severe security flaw that could be exploited to gain remote code execution by leveraging a recently disclosed bug in a third-party module. The vulnerability (CVSS score: 9.8), at its core, takes advantage of a critical sandbox escape in vm2, a popular JavaScript sandbox library (CVE-2022-36067 aka Sandbreak), that came to light last
Ravie Lakshmanan
Category: Hacking & Security

PCspooF: New Vulnerability Affects Networking Tech Used by Spacecraft and Aircraft

15 November, 2022 - 17:33
Credit: Marina Minkin
A novel attack method has been disclosed against a crucial piece of technology called time-triggered ethernet (TTE) that's used in safety-critical infrastructure, potentially causing the failure of systems powering spacecraft and aircraft. Dubbed PCspooF by a group of academics and researchers from the University of Michigan, the University of Pennsylvania, and the NASA
Ravie Lakshmanan
Category: Hacking & Security

Researchers Reported Critical SQLi and Access Flaws in Zendesk Analytics Service

15 November, 2022 - 14:49
Cybersecurity researchers have disclosed details of now-patched flaws in Zendesk Explore that could have been exploited by an attacker to gain unauthorized access to information from customer accounts that have the feature turned on. "Before it was patched, the flaw would have allowed threat actors to access conversations, email addresses, tickets, comments, and other information from Zendesk
Ravie Lakshmanan
Category: Hacking & Security

Deep Packet Inspection vs. Metadata Analysis of Network Detection & Response (NDR) Solutions

15 November, 2022 - 13:58
Today, most Network Detection and Response (NDR) solutions rely on traffic mirroring and Deep Packet Inspection (DPI). Traffic mirroring is typically deployed on a single-core switch to provide a copy of the network traffic to a sensor that uses DPI to thoroughly analyze the payload. While this approach provides detailed analysis, it requires large amounts of processing power and is blind when
The Hacker News
Category: Hacking & Security

Researchers Say China State-backed Hackers Breached a Digital Certificate Authority

15 November, 2022 - 12:03
A suspected Chinese state-sponsored actor breached a digital certificate authority as well as government and defense agencies located in different countries in Asia as part of an ongoing campaign since at least March 2022. Symantec, by Broadcom Software, linked the attacks to an adversarial group it tracks under the name Billbug, citing the use of tools previously attributed to this actor. The
Ravie Lakshmanan
Category: Hacking & Security

Google to Pay $391 Million Privacy Fine for Secretly Tracking Users' Location

15 November, 2022 - 07:11
Internet giant Google has agreed to pay a record $391.5 million to settle with 40 states in the U.S. over charges the company misled users about the collection of personal location data. "Google misled its users into thinking they had turned off location tracking in their account settings, when, in fact, Google continued to collect their location information," Oregon Attorney General Ellen
Ravie Lakshmanan
Category: Hacking & Security