The Hacker News

Syndikovat obsah
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackersUnknownnoreply@blogger.comBlogger11196125
Aktualizace: 25 sek zpět

Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware

17 Březen, 2023 - 12:22
Copycat websites for instant messaging apps like Telegram and WhatApp are being used to distribute trojanized versions and infect Android and Windows users with cryptocurrency clipper malware. "All of them are after victims' cryptocurrency funds, with several targeting cryptocurrency wallets," ESET researchers Lukáš Štefanko and Peter Strýček said in a new analysis. While the first instance of Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comCryptocurrency / Mobile Security37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials

17 Březen, 2023 - 09:06
The advanced persistent threat known as Winter Vivern has been linked to campaigns targeting government officials in India, Lithuania, Slovakia, and the Vatican since 2021. The activity targeted Polish government agencies, the Ukraine Ministry of Foreign Affairs, the Italy Ministry of Foreign Affairs, and individuals within the Indian government, SentinelOne said in a report shared with The
Kategorie: Hacking & Security

Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials

17 Březen, 2023 - 09:06
The advanced persistent threat known as Winter Vivern has been linked to campaigns targeting government officials in India, Lithuania, Slovakia, and the Vatican since 2021. The activity targeted Polish government agencies, the Ukraine Ministry of Foreign Affairs, the Italy Ministry of Foreign Affairs, and individuals within the Indian government, SentinelOne said in a report shared with The Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comCyber Attack / Cyber Espionage37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips

17 Březen, 2023 - 08:53
Google is calling attention to a set of severe security flaws in Samsung's Exynos chips, some of which could be exploited remotely to completely compromise a phone without requiring any user interaction. The 18 zero-day vulnerabilities affect a wide range of Android smartphones from Samsung, Vivo, Google, wearables using the Exynos W920 chipset, and vehicles equipped with the Exynos Auto T5123
Kategorie: Hacking & Security

Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips

17 Březen, 2023 - 08:53
Google is calling attention to a set of severe security flaws in Samsung's Exynos chips, some of which could be exploited remotely to completely compromise a phone without requiring any user interaction. The 18 zero-day vulnerabilities affect a wide range of Android smartphones from Samsung, Vivo, Google, wearables using the Exynos W920 chipset, and vehicles equipped with the Exynos Auto T5123 Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comMobile Security / Firmware37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection

16 Březen, 2023 - 17:30
Threat activity clusters affiliated with the Chinese and Russian cybercriminal ecosystems have been observed using a new piece of malware that's designed to load Cobalt Strike onto infected machines. Dubbed SILKLOADER by Finnish cybersecurity company WithSecure, the malware leverages DLL side-loading techniques to deliver the commercial adversary simulation software. The development comes as 
Kategorie: Hacking & Security

Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection

16 Březen, 2023 - 17:30
Threat activity clusters affiliated with the Chinese and Russian cybercriminal ecosystems have been observed using a new piece of malware that's designed to load Cobalt Strike onto infected machines. Dubbed SILKLOADER by Finnish cybersecurity company WithSecure, the malware leverages DLL side-loading techniques to deliver the commercial adversary simulation software. The development comes as Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comCyber Threat Intelligence37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration

16 Březen, 2023 - 15:39
The cryptojacking group known as TeamTNT is suspected to be behind a previously undiscovered strain of malware used to mine Monero cryptocurrency on compromised systems. That's according to Cado Security, which found the sample after Sysdig detailed a sophisticated attack known as SCARLETEEL aimed at containerized environments to ultimately steal proprietary data and software. Specifically, the
Kategorie: Hacking & Security

Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration

16 Březen, 2023 - 15:39
The cryptojacking group known as TeamTNT is suspected to be behind a previously undiscovered strain of malware used to mine Monero cryptocurrency on compromised systems. That's according to Cado Security, which found the sample after Sysdig detailed a sophisticated attack known as SCARLETEEL aimed at containerized environments to ultimately steal proprietary data and software. Specifically, the Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comCryptojacking / Cyber Attack37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Authorities Shut Down ChipMixer Platform Tied to Crypto Laundering Scheme

16 Březen, 2023 - 11:46
A coalition of law enforcement agencies across Europe and the U.S. announced the takedown of ChipMixer, an unlicensed cryptocurrency mixer that began its operations in August 2017. "The ChipMixer software blocked the blockchain trail of the funds, making it attractive for cybercriminals looking to launder illegal proceeds from criminal activities such as drug trafficking, weapons trafficking,
Kategorie: Hacking & Security

Authorities Shut Down ChipMixer Platform Tied to Crypto Laundering Scheme

16 Březen, 2023 - 11:46
A coalition of law enforcement agencies across Europe and the U.S. announced the takedown of ChipMixer, an unlicensed cryptocurrency mixer that began its operations in August 2017. "The ChipMixer software blocked the blockchain trail of the funds, making it attractive for cybercriminals looking to launder illegal proceeds from criminal activities such as drug trafficking, weapons trafficking, Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comCyber Crime / Cryptocurrency37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

What's Wrong with Manufacturing?

16 Březen, 2023 - 09:12
In last year's edition of the Security Navigator we noted that the Manufacturing Industry appeared to be totally over-represented in our dataset of Cyber Extortion victims. Neither the number of businesses nor their average revenue particularly stood out to explain this. Manufacturing was also the most represented Industry in our CyberSOC dataset – contributing more Incidents than any other
Kategorie: Hacking & Security

What's Wrong with Manufacturing?

16 Březen, 2023 - 09:12
In last year's edition of the Security Navigator we noted that the Manufacturing Industry appeared to be totally over-represented in our dataset of Cyber Extortion victims. Neither the number of businesses nor their average revenue particularly stood out to explain this. Manufacturing was also the most represented Industry in our CyberSOC dataset – contributing more Incidents than any other The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.com
Kategorie: Hacking & Security

Multiple Hacker Groups Exploit 3-Year-Old Vulnerability to Breach U.S. Federal Agency

16 Březen, 2023 - 08:34
Multiple threat actors, including a nation-state group, exploited a critical three-year-old security flaw in Progress Telerik to break into an unnamed federal entity in the U.S. The disclosure comes from a joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC).
Kategorie: Hacking & Security

Multiple Hacker Groups Exploit 3-Year-Old Vulnerability to Breach U.S. Federal Agency

16 Březen, 2023 - 08:34
Multiple threat actors, including a nation-state group, exploited a critical three-year-old security flaw in Progress Telerik to break into an unnamed federal entity in the U.S. The disclosure comes from a joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC). Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comCyber Attack / Vulnerability37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

CISA Issues Urgent Warning: Adobe ColdFusion Vulnerability Exploited in the Wild

16 Březen, 2023 - 06:47
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on March 15 added a security vulnerability impacting Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The critical flaw in question is CVE-2023-26360 (CVSS score: 8.6), which could be exploited by a threat actor to achieve arbitrary code execution. "Adobe ColdFusion
Kategorie: Hacking & Security

CISA Issues Urgent Warning: Adobe ColdFusion Vulnerability Exploited in the Wild

16 Březen, 2023 - 06:47
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on March 15 added a security vulnerability impacting Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The critical flaw in question is CVE-2023-26360 (CVSS score: 8.6), which could be exploited by a threat actor to achieve arbitrary code execution. "Adobe ColdFusion Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comZero-Day / Vulnerability37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

YoroTrooper Stealing Credentials and Information from Government and Energy Organizations

15 Březen, 2023 - 15:49
A previously undocumented threat actor dubbed YoroTrooper has been targeting government, energy, and international organizations across Europe as part of a cyber espionage campaign that has been active since at least June 2022. "Information stolen from successful compromises include credentials from multiple applications, browser histories and cookies, system information and screenshots," Cisco
Kategorie: Hacking & Security

YoroTrooper Stealing Credentials and Information from Government and Energy Organizations

15 Březen, 2023 - 15:49
A previously undocumented threat actor dubbed YoroTrooper has been targeting government, energy, and international organizations across Europe as part of a cyber espionage campaign that has been active since at least June 2022. "Information stolen from successful compromises include credentials from multiple applications, browser histories and cookies, system information and screenshots," Cisco Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comCyber Espionage / Data Security37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining

15 Březen, 2023 - 12:11
Cybersecurity researchers have discovered the first-ever illicit cryptocurrency mining campaign used to mint Dero since the start of February 2023. "The novel Dero cryptojacking operation concentrates on locating Kubernetes clusters with anonymous access enabled on a Kubernetes API and listening on non-standard ports accessible from the internet," CrowdStrike said in a new report shared with The
Kategorie: Hacking & Security