The Hacker News

Syndikovat obsah
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackersUnknownnoreply@blogger.comBlogger10713125
Aktualizace: 40 min 55 sek zpět

Re-Focusing Cyber Insurance with Security Validation

10 Listopad, 2022 - 08:30
The rise in the costs of data breaches, ransomware, and other cyber attacks leads to rising cyber insurance premiums and more limited cyber insurance coverage. This cyber insurance situation increases risks for organizations struggling to find coverage or facing steep increases. Some Akin Gump Strauss Hauer & Feld LLP's law firm clients, for example, reported a three-fold increase in insurance The Hacker News
Kategorie: Hacking & Security

New UEFI Firmware Flaws Reported in Several Lenovo Notebook Models

10 Listopad, 2022 - 07:36
PC maker Lenovo has addressed yet another set of three shortcomings in the Unified Extensible Firmware Interface (UEFI) firmware affecting several Yoga, IdeaPad, and ThinkBook devices. "The vulnerabilities allow disabling UEFI Secure Boot or restoring factory default Secure Boot databases (incl. dbx): all simply from an OS," Slovak cybersecurity firm ESET explained in a series of tweets. UEFI Ravie Lakshmanan
Kategorie: Hacking & Security

APT29 Exploited a Windows Feature to Compromise European Diplomatic Entity Network

9 Listopad, 2022 - 14:47
The Russia-linked APT29 nation-state actor has been found leveraging a "lesser-known" Windows feature called Credential Roaming following a successful phishing attack against an unnamed European diplomatic entity. "The diplomatic-centric targeting is consistent with Russian strategic priorities as well as historic APT29 targeting," Mandiant researcher Thibault Van Geluwe de Berlaere said in a Ravie Lakshmanan
Kategorie: Hacking & Security

Several Cyber Attacks Observed Leveraging IPFS Decentralized Network

9 Listopad, 2022 - 14:06
A number of phishing campaigns are leveraging the decentralized InterPlanetary Filesystem (IPFS) network to host malware, phishing kit infrastructure, and facilitate other attacks. "Multiple malware families are currently being hosted within IPFS and retrieved during the initial stages of malware attacks," Cisco Talos researcher Edmund Brumaghin said in an analysis shared with The Hacker News. Ravie Lakshmanan
Kategorie: Hacking & Security

Experts Warn of Browser Extensions Spying On Users via Cloud9 Chrome Botnet Network

9 Listopad, 2022 - 12:01
The Keksec threat actor has been linked to a previously undocumented malware strain, which has been observed in the wild masquerading as an extension for Chromium-based web browsers to enslave compromised machines into a botnet. Called Cloud9 by security firm Zimperium, the malicious browser add-on comes with a wide range of features that enables it to siphon cookies, log keystrokes, inject Ravie Lakshmanan
Kategorie: Hacking & Security

Top 5 API Security Myths That Are Crushing Your Business

9 Listopad, 2022 - 11:18
There are several myths and misconceptions about API security. These myths about securing APIs are crushing your business.  Why so? Because these myths are widening your security gaps. This is making it easier for attackers to abuse APIs. And API attacks are costly. Of course, you will have to bear financial losses. But there are other consequences too:  Reputational damage  Customer attritionThe Hacker News
Kategorie: Hacking & Security

New IceXLoader Malware Loader Variant Infected Thousands of Victims Worldwide

9 Listopad, 2022 - 11:15
An updated version of a malware loader codenamed IceXLoader is suspected of having compromised thousands of personal and enterprise Windows machines across the world. IceXLoader is a commodity malware that's sold for $118 on underground forums for a lifetime license. It's chiefly employed to download and execute additional malware on breached hosts. This past June, Fortinet FortiGuard Labs said Ravie Lakshmanan
Kategorie: Hacking & Security

VMware Warns of 3 New Critical Flaws Affecting Workspace ONE Assist Software

9 Listopad, 2022 - 07:04
VMware has patched five security flaws affecting its Workspace ONE Assist solution, some of which could be exploited to bypass authentication and obtain elevated permissions. Topping the list are three critical vulnerabilities tracked as CVE-2022-31685, CVE-2022-31686, and CVE-2022-31687. All the shortcomings are rated 9.8 on the CVSS vulnerability scoring system. CVE-2022-31685 is an Ravie Lakshmanan
Kategorie: Hacking & Security

Install Latest Windows Update ASAP! Patches Issued for 6 Actively Exploited Zero-Days

9 Listopad, 2022 - 06:16
Microsoft's latest round of monthly security updates has been released with fixes for 68 vulnerabilities spanning its software portfolio, including patches for six actively exploited zero-days. 12 of the issues are rated Critical, two are rated High, and 55 are rated Important in severity. This also includes the weaknesses that were closed out by OpenSSL the previous week. Also separately Ravie Lakshmanan
Kategorie: Hacking & Security

Amadey Bot Spotted Deploying LockBit 3.0 Ransomware on Hacked Machines

8 Listopad, 2022 - 15:52
The Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems, researchers have warned. "Amadey bot, the malware that is used to install LockBit, is being distributed through two methods: one using a malicious Word document file, and the other using an executable that takes the disguise of the Word file icon," AhnLab Security Emergency Response Center (ASEC) said in a Ravie Lakshmanan
Kategorie: Hacking & Security

New Laplas Clipper Malware Targeting Cryptocurrency Users via SmokeLoader

8 Listopad, 2022 - 14:40
Cryptocurrency users are being targeted with a new clipper malware strain dubbed Laplas by means of another malware known as SmokeLoader. SmokeLoader, which is delivered by means of weaponized documents sent through spear-phishing emails, further acts as a conduit for other commodity trojans like SystemBC and Raccoon Stealer 2.0, according to an analysis from Cyble. Observed in Ravie Lakshmanan
Kategorie: Hacking & Security

U.S. Seizes Over 50K Bitcoin Worth $3.3 Billion Linked to Silk Road Dark Web

8 Listopad, 2022 - 12:37
The U.S. Department of Justice (DoJ) on Monday said it seized 50,676 Bitcoin in November 2021 that was stolen in the 2012 hack of the now-defunct Silk Road dark web marketplace. The bitcoin, which was obtained in 2012 and valued at $3.36 billion when it was discovered last year, is now worth $1.04 billion. Additionally recovered were $661,900 in cash, 25 Casascius coins with an approximate valueRavie Lakshmanan
Kategorie: Hacking & Security

5 Reasons to Consolidate Your Tech Stack

8 Listopad, 2022 - 12:30
The news surrounding the slowing economy has many wondering how much of an impact it will have on their businesses – and lives. And there's good reason to start preparing.  A recent survey by McKinsey & Company found that 85% of small and midsize businesses plan to increase their security spending heading into 2023, while Gartner recently projected that 2022 IT spending will only grow by 3%, The Hacker News
Kategorie: Hacking & Security

Medibank Refuses to Pay Ransom After 9.7 Million Customers Exposed in Ransomware Hack

7 Listopad, 2022 - 16:24
Australian health insurer Medibank today confirmed that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident. The attack, according to the company, was detected in its IT network on October 12 in a manner that it said was "consistent with the precursors to a ransomware event," prompting it to isolate its systems, but not Ravie Lakshmanan
Kategorie: Hacking & Security

This Hidden Facebook Tool Lets Users Remove Their Email or Phone Number Shared by Others

7 Listopad, 2022 - 15:46
Facebook appears to have silently rolled out a tool that allows users to remove their contact information, such as phone numbers and email addresses, uploaded by others. The existence of the tool, which is buried inside a Help Center page about "Friending," was first reported by Business Insider last week. It's offered as a way for "Non-users" to "exercise their rights under applicable laws."
Kategorie: Hacking & Security

Experts Find URLScan Security Scanner Inadvertently Leaks Sensitive URLs and Data

7 Listopad, 2022 - 11:49
Security researchers are warning of "a trove of sensitive information" leaking through, a website scanner for suspicious and malicious URLs. "Sensitive URLs to shared documents, password reset pages, team invites, payment invoices and more are publicly listed and searchable," Positive Security co-founder, Fabian Bräunlein, said in a report published on November 2, 2022. The Ravie Lakshmanan
Kategorie: Hacking & Security

Robin Banks Phishing Service for Cybercriminals Returns with Russian Server

7 Listopad, 2022 - 08:36
A phishing-as-a-service (PhaaS) platform known as Robin Banks has relocated its attack infrastructure to DDoS-Guard, a Russian provider of bulletproof hosting services. The switch comes after "Cloudflare disassociated Robin Banks phishing infrastructure from its services, causing a multi-day disruption to operations," according to a report from cybersecurity company IronNet. Robin Banks was Ravie Lakshmanan
Kategorie: Hacking & Security

Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer

5 Listopad, 2022 - 09:35
Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python programming language, that aim to infect developers' machines with a malware called W4SP Stealer. "The main attack seems to have started around October 12, 2022, slowly picking up steam to a concentrated effort around October 22," software supply chain Ravie Lakshmanan
Kategorie: Hacking & Security

Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities

5 Listopad, 2022 - 07:00
Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments. The tech giant, in its 114-page Digital Defense Report, said it has "observed a reduction in the time between the announcement of a vulnerability and the commoditization of that vulnerability," making it imperative that Ravie Lakshmanan
Kategorie: Hacking & Security

Researchers Detail New Malware Campaign Targeting Indian Government Employees

4 Listopad, 2022 - 14:43
The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach. "This group abuses Google advertisements for the purpose of malvertising to distribute backdoored versions of Kavach multi-authentication (MFA) applications," Zscaler ThreatLabz researcher Sudeep Singh said Ravie Lakshmanan
Kategorie: Hacking & Security