The Hacker News

The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and
Updated: 10 min 43 sec ago

The Drop in Ransomware Attacks in 2024 and What it Means

8 April, 2024 - 13:23
The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 5,070. But 2024 is starting off showing a very different picture. While the numbers skyrocketed in Q4 2023 with 1309 cases, in Q1 2024, the ransomware industry was down to 1,048 cases. This is a 22% decrease in ransomware attacks compared to Q4 2023.
Category: Hacking & Security

Cybercriminals Targeting Latin America with Sophisticated Phishing Scheme

8 April, 2024 - 10:36
A new phishing campaign has set its eyes on the Latin American region to deliver malicious payloads to Windows systems. "The phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious file download posing as an invoice," Trustwave SpiderLabs researcher Karla Agregado said. The email message, the company said, originates from an email
Category: Hacking & Security

Google Sues App Developers Over Fake Crypto Investment App Scam

8 April, 2024 - 07:25
Google has filed a lawsuit in the U.S. against two app developers for allegedly engaging in an "international online consumer investment fraud scheme" that tricked users into downloading bogus Android apps from the Google Play Store and other sources and stealing their funds under the guise of promising higher returns. The individuals in question are Yunfeng Sun (aka Alphonse Sun) and Hongnam
Category: Hacking & Security

Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites

6 April, 2024 - 11:43
Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of "improper neutralization of special elements" that could pave the way for arbitrary code execution. It was addressed by the company as part of
Category: Hacking & Security

AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks

5 April, 2024 - 16:08
New research has found that artificial intelligence (AI)-as-a-service providers such as Hugging Face are susceptible to two critical risks that could allow threat actors to escalate privileges, gain cross-tenant access to other customers' models, and even take over the continuous integration and continuous deployment (CI/CD) pipelines. "Malicious models represent a major risk to AI systems,
Category: Hacking & Security

CISO Perspectives on Complying with Cybersecurity Regulations

5 April, 2024 - 13:18
Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compliance frameworks and the specificity of the security controls, policies, and activities they include. For CISOs and their teams, that means compliance is a time-consuming, high-stakes process that demands strong organizational and
Category: Hacking & Security

From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware

5 April, 2024 - 11:40
Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan. The starting point of the attack is a PDF file written in Portuguese that, when opened, shows a blurred image and asks the victim to click on a link to download the Reader application to view the content. According to Fortinet FortiGuard Labs, clicking the URL
Category: Hacking & Security

New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA

5 April, 2024 - 09:48
Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are being targeted by a new version of an "evolving threat" called JSOutProx. "JSOutProx is a sophisticated attack framework utilizing both JavaScript and .NET," Resecurity said in a technical report published this week. "It employs the .NET (de)serialization feature to interact with a core
Category: Hacking & Security

Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws

5 April, 2024 - 09:15
Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893). The clusters are being tracked by Mandiant under the uncategorized monikers UNC5221, UNC5266, UNC5291, UNC5325, UNC5330, and UNC5337. Also previously linked to the exploitation spree is a Chinese
Category: Hacking & Security

Vietnam-Based Hackers Steal Financial Data Across Asia with Malware

4 April, 2024 - 17:42
A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries with malware designed to harvest valuable data since at least May 2023. Cisco Talos is tracking the cluster under the name CoralRaider, describing it as financially motivated. Targets of the campaign include India, China, South Korea, Bangladesh, Pakistan, Indonesia,
Category: Hacking & Security

New Phishing Campaign Targets Oil & Gas with Evolved Data-Stealing Malware

4 April, 2024 - 17:30
An updated version of an information-stealing malware called Rhadamanthys is being used in phishing campaigns targeting the oil and gas sector. "The phishing emails use a unique vehicle incident lure and, in later stages of the infection chain, spoof the Federal Bureau of Transportation in a PDF that mentions a significant fine for the incident," Cofense researcher Dylan Duncan said. The
Category: Hacking & Security