The Hacker News

Syndikovat obsah
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and [email protected]
Aktualizace: 44 min 2 sek zpět

OVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik Routers

5 Červenec, 2024 - 14:20
French cloud computing firm OVHcloud said it mitigated a record-breaking distributed denial-of-service (DDoS) attack in April 2024 that reached a packet rate of 840 million packets per second (Mpps). This is just above the previous record of 809 million Mpps reported by Akamai as targeting a large European bank in June 2020. The 840 Mpps DDoS attack is said to have been a combination of a TCP
Kategorie: Hacking & Security

OVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik Routers

5 Červenec, 2024 - 14:20
French cloud computing firm OVHcloud said it mitigated a record-breaking distributed denial-of-service (DDoS) attack in April 2024 that reached a packet rate of 840 million packets per second (Mpps). This is just above the previous record of 809 million Mpps reported by Akamai as targeting a large European bank in June 2020. The 840 Mpps DDoS attack is said to have been a combination of a TCP Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Blueprint for Success: Implementing a CTEM Operation

5 Červenec, 2024 - 13:00
The attack surface isn’t what it once was and it’s becoming a nightmare to protect. A constantly expanding and evolving attack surface means risk to the business has skyrocketed and current security measures are struggling to keep it protected. If you’ve clicked on this article, there’s a good chance you’re looking for solutions to manage this risk. In 2022, a new framework was coined by Gartner
Kategorie: Hacking & Security

Blueprint for Success: Implementing a CTEM Operation

5 Červenec, 2024 - 13:00
The attack surface isn’t what it once was and it’s becoming a nightmare to protect. A constantly expanding and evolving attack surface means risk to the business has skyrocketed and current security measures are struggling to keep it protected. If you’ve clicked on this article, there’s a good chance you’re looking for solutions to manage this risk. In 2022, a new framework was coined by GartnerThe Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks

5 Červenec, 2024 - 10:40
The malware known as GootLoader continues to be in active use by threat actors looking to deliver additional payloads to compromised hosts. "Updates to the GootLoader payload have resulted in several versions of GootLoader, with GootLoader 3 currently in active use," cybersecurity firm Cybereason said in an analysis published last week. "While some of the particulars of GootLoader payloads have
Kategorie: Hacking & Security

GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks

5 Červenec, 2024 - 10:40
The malware known as GootLoader continues to be in active use by threat actors looking to deliver additional payloads to compromised hosts. "Updates to the GootLoader payload have resulted in several versions of GootLoader, with GootLoader 3 currently in active use," cybersecurity firm Cybereason said in an analysis published last week. "While some of the particulars of GootLoader payloads have Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies

5 Červenec, 2024 - 06:18
The supply chain attack targeting the widely-used Polyfill[.]io JavaScript library is broader in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024. This includes references to "https://cdn.polyfill[.]io" or "https://cdn.polyfill[.]com" in their HTTP responses, the attack
Kategorie: Hacking & Security

Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies

5 Červenec, 2024 - 06:18
The supply chain attack targeting the widely-used Polyfill[.]io JavaScript library is broader in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024. This includes references to "https://cdn.polyfill[.]io" or "https://cdn.polyfill[.]com" in their HTTP responses, the attack Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

New Golang-Based Zergeca Botnet Capable of Powerful DDoS Attacks

5 Červenec, 2024 - 05:52
Cybersecurity researchers have uncovered a new botnet called Zergeca that's capable of conducting distributed denial-of-service (DDoS) attacks. Written in Golang, the botnet is so named for its reference to a string named "ootheca" present in the command-and-control (C2) servers ("ootheca[.]pw" and "ootheca[.]top"). "Functionally, Zergeca is not just a typical DDoS botnet; besides supporting six
Kategorie: Hacking & Security

New Golang-Based Zergeca Botnet Capable of Powerful DDoS Attacks

5 Červenec, 2024 - 05:52
Cybersecurity researchers have uncovered a new botnet called Zergeca that's capable of conducting distributed denial-of-service (DDoS) attacks. Written in Golang, the botnet is so named for its reference to a string named "ootheca" present in the command-and-control (C2) servers ("ootheca[.]pw" and "ootheca[.]top"). "Functionally, Zergeca is not just a typical DDoS botnet; besides supporting sixNewsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus

4 Červenec, 2024 - 11:10
Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service (DoS) condition. "The [remote code execution] vulnerability in PanelView Plus involves two custom classes that can be abused to upload and load a malicious DLL into the device," security researcher
Kategorie: Hacking & Security

Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus

4 Červenec, 2024 - 11:10
Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service (DoS) condition. "The [remote code execution] vulnerability in PanelView Plus involves two custom classes that can be abused to upload and load a malicious DLL into the device," security researcher Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Brazil Halts Meta's AI Data Processing Amid Privacy Concerns

4 Červenec, 2024 - 08:58
Brazil's data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has temporarily banned Meta from processing users' personal data to train the company's artificial intelligence (AI) algorithms. The ANPD said it found "evidence of processing of personal data based on inadequate legal hypothesis, lack of transparency, limitation of the rights of data subjects, and risks to
Kategorie: Hacking & Security

Brazil Halts Meta's AI Data Processing Amid Privacy Concerns

4 Červenec, 2024 - 08:58
Brazil's data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has temporarily banned Meta from processing users' personal data to train the company's artificial intelligence (AI) algorithms. The ANPD said it found "evidence of processing of personal data based on inadequate legal hypothesis, lack of transparency, limitation of the rights of data subjects, and risks to Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Global Police Operation Shuts Down 600 Cybercrime Servers Linked to Cobalt Strike

4 Červenec, 2024 - 05:59
A coordinated law enforcement operation codenamed MORPHEUS has felled close to 600 servers that were used by cybercriminal groups and were part of an attack infrastructure associated with the Cobalt Strike tool.  The crackdown targeted older, unlicensed versions of the Cobalt Strike red teaming framework between June 24 and 28, according to Europol. Of the 690 IP addresses that were flagged
Kategorie: Hacking & Security

Global Police Operation Shuts Down 600 Cybercrime Servers Linked to Cobalt Strike

4 Červenec, 2024 - 05:59
A coordinated law enforcement operation codenamed MORPHEUS has felled close to 600 servers that were used by cybercriminal groups and were part of an attack infrastructure associated with the Cobalt Strike tool.  The crackdown targeted older, unlicensed versions of the Cobalt Strike red teaming framework between June 24 and 28, according to Europol. Of the 690 IP addresses that were flaggedNewsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Twilio's Authy App Attack Exposes Millions of Phone Numbers

4 Červenec, 2024 - 05:37
Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in Authy to identify data associated with Authy accounts, including users' cell phone numbers. The company said it took steps to secure the endpoint to no longer accept unauthenticated requests. The development comes days after an online persona named ShinyHunters
Kategorie: Hacking & Security

Twilio's Authy App Breach Exposes Millions of Phone Numbers

4 Červenec, 2024 - 05:37
Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in Authy to identify data associated with Authy accounts, including users' cell phone numbers. The company said it took steps to secure the endpoint to no longer accept unauthenticated requests. The development comes days after an online persona named ShinyHunters Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

The Emerging Role of AI in Open-Source Intelligence

3 Červenec, 2024 - 13:00
Recently the Office of the Director of National Intelligence (ODNI) unveiled a new strategy for open-source intelligence (OSINT) and referred to OSINT as the “INT of first resort”. Public and private sector organizations are realizing the value that the discipline can provide but are also finding that the exponential growth of digital data in recent years has overwhelmed many traditional OSINT
Kategorie: Hacking & Security

The Emerging Role of AI in Open-Source Intelligence

3 Červenec, 2024 - 13:00
Recently the Office of the Director of National Intelligence (ODNI) unveiled a new strategy for open-source intelligence (OSINT) and referred to OSINT as the “INT of first resort”. Public and private sector organizations are realizing the value that the discipline can provide but are also finding that the exponential growth of digital data in recent years has overwhelmed many traditional OSINT The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security