The Hacker News

Syndikovat obsah
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and [email protected]
Aktualizace: 6 min 28 sek zpět

Chinese APT41 Upgrades Malware Arsenal with DodgeBox and MoonWalk

11 Červenec, 2024 - 14:31
The China-linked advanced persistent threat (APT) group codenamed APT41 is suspected to be using an "advanced and upgraded version" of a known malware called StealthVector to deliver a previously undocumented backdoor dubbed MoonWalk. The new variant of StealthVector – which is also referred to as DUSTPAN – has been designated DodgeBox by Zscaler ThreatLabz, which discovered the loader strain inNewsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Streamlined Security Solutions: PAM for Small to Medium-sized Businesses

11 Červenec, 2024 - 13:00
Today, all organizations are exposed to the threat of cyber breaches, irrespective of their scale. Historically, larger companies were frequent targets due to their substantial resources, sensitive data, and regulatory responsibilities, whereas smaller entities often underestimated their attractiveness to hackers. However, this assumption is precarious, as cybercriminals frequently exploit
Kategorie: Hacking & Security

Streamlined Security Solutions: PAM for Small to Medium-sized Businesses

11 Červenec, 2024 - 13:00
Today, all organizations are exposed to the threat of cyber breaches, irrespective of their scale. Historically, larger companies were frequent targets due to their substantial resources, sensitive data, and regulatory responsibilities, whereas smaller entities often underestimated their attractiveness to hackers. However, this assumption is precarious, as cybercriminals frequently exploit The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

New Poco RAT Targets Spanish-Speaking Victims in Phishing Campaign

11 Červenec, 2024 - 12:12
Spanish language victims are the target of an email phishing campaign that delivers a new remote access trojan (RAT) called Poco RAT since at least February 2024. The attacks primarily single out mining, manufacturing, hospitality, and utilities sectors, according to cybersecurity company Cofense. "The majority of the custom code in the malware appears to be focused on anti-analysis,
Kategorie: Hacking & Security

New Poco RAT Targets Spanish-Speaking Victims in Phishing Campaign

11 Červenec, 2024 - 12:12
Spanish language victims are the target of an email phishing campaign that delivers a new remote access trojan (RAT) called Poco RAT since at least February 2024. The attacks primarily single out mining, manufacturing, hospitality, and utilities sectors, according to cybersecurity company Cofense. "The majority of the custom code in the malware appears to be focused on anti-analysis, Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks

11 Červenec, 2024 - 07:19
Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency miners, and distributed denial-of-service (DDoS) botnets. The vulnerability in question is CVE-2024-4577 (CVSS score: 9.8), which allows an attacker to remotely execute malicious commands on Windows systems using Chinese and Japanese language locales. It
Kategorie: Hacking & Security

PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks

11 Červenec, 2024 - 07:19
Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency miners, and distributed denial-of-service (DDoS) botnets. The vulnerability in question is CVE-2024-4577 (CVSS score: 9.8), which allows an attacker to remotely execute malicious commands on Windows systems using Chinese and Japanese language locales. ItNewsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs

11 Červenec, 2024 - 05:51
GitLab has shipped another round of updates to close out security flaws in its software development platform, including a critical bug that allows an attacker to run pipeline jobs as an arbitrary user. Tracked as CVE-2024-6385, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0. "An issue was discovered in GitLab CE/EE affecting versions 15.8 prior to 16.11.6, 17.0 prior to
Kategorie: Hacking & Security

GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs

11 Červenec, 2024 - 05:51
GitLab has shipped another round of updates to close out security flaws in its software development platform, including a critical bug that allows an attacker to run pipeline jobs as an arbitrary user. Tracked as CVE-2024-6385, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0. "An issue was discovered in GitLab CE/EE affecting versions 15.8 prior to 16.11.6, 17.0 prior to Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

New Ransomware Group Exploiting Veeam Backup Software Vulnerability

10 Červenec, 2024 - 15:06
A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. Singapore-headquartered Group-IB, which discovered the threat actor in early April 2024, said the modus operandi involved the exploitation of CVE-2023-27532 (CVSS score: 7.5) to carry out the malicious activities. Initial access to the target
Kategorie: Hacking & Security

New Ransomware Group Exploiting Veeam Backup Software Vulnerability

10 Červenec, 2024 - 15:06
A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. Singapore-headquartered Group-IB, which discovered the threat actor in early April 2024, said the modus operandi involved the exploitation of CVE-2023-27532 (CVSS score: 7.5) to carry out the malicious activities. Initial access to the target Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Smash-and-Grab Extortion

10 Červenec, 2024 - 13:30
The Problem The “2024 Attack Intelligence Report” from the staff at Rapid7 [1] is a well-researched, well-written report that is worthy of careful study. Some key takeaways are:  53% of the over 30 new vulnerabilities that were widely exploited in 2023 and at the start of 2024 were zero-days. More mass compromise events arose from zero-day vulnerabilities than from n-day vulnerabilities.
Kategorie: Hacking & Security

Smash-and-Grab Extortion

10 Červenec, 2024 - 13:30
The Problem The “2024 Attack Intelligence Report” from the staff at Rapid7 [1] is a well-researched, well-written report that is worthy of careful study. Some key takeaways are:  53% of the over 30 new vulnerabilities that were widely exploited in 2023 and at the start of 2024 were zero-days. More mass compromise events arose from zero-day vulnerabilities than from n-day vulnerabilities. The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Microsoft's July Update Patches 143 Flaws, Including Two Actively Exploited

10 Červenec, 2024 - 13:05
Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild. Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity. The fixes are in addition to 33 vulnerabilities that have been addressed in the Chromium-based Edge browser
Kategorie: Hacking & Security

Microsoft's July Update Patches 143 Flaws, Including Two Actively Exploited

10 Červenec, 2024 - 13:05
Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild. Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity. The fixes are in addition to 33 vulnerabilities that have been addressed in the Chromium-based Edge browser Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

True Protection or False Promise? The Ultimate ITDR Shortlisting Guide

10 Červenec, 2024 - 13:00
It’s the age of identity security. The explosion of driven ransomware attacks has made CISOs and security teams realize that identity protection lags 20 years behind their endpoints and networks. This realization is mainly due to the transformation of lateral movement from fine art, found in APT and top cybercrime groups only, to a commodity skill used in almost every ransomware attack. The
Kategorie: Hacking & Security

True Protection or False Promise? The Ultimate ITDR Shortlisting Guide

10 Červenec, 2024 - 13:00
It’s the age of identity security. The explosion of driven ransomware attacks has made CISOs and security teams realize that identity protection lags 20 years behind their endpoints and networks. This realization is mainly due to the transformation of lateral movement from fine art, found in APT and top cybercrime groups only, to a commodity skill used in almost every ransomware attack. The The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Google Adds Passkeys to Advanced Protection Program for High-Risk Users

10 Červenec, 2024 - 12:06
Google on Wednesday announced that it's making available passkeys for high-risk users to enroll in its Advanced Protection Program (APP). "Users traditionally needed a physical security key for APP — now they can choose a passkey to secure their account," Shuvo Chatterjee, product lead of APP, said. Passkeys are considered a more secure and phishing-resistant alternative to passwords. Based on
Kategorie: Hacking & Security

Google Adds Passkeys to Advanced Protection Program for High-Risk Users

10 Červenec, 2024 - 12:06
Google on Wednesday announced that it's making available passkeys for high-risk users to enroll in its Advanced Protection Program (APP). "Users traditionally needed a physical security key for APP — now they can choose a passkey to secure their account," Shuvo Chatterjee, product lead of APP, said. Passkeys are considered a more secure and phishing-resistant alternative to passwords. Based on Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

HuiOne Guarantee: The $11 Billion Cybercrime Hub of Southeast Asia

10 Červenec, 2024 - 09:20
Cryptocurrency analysts have shed light on an online marketplace called HuiOne Guarantee that's widely used by cybercriminals in Southeast Asia, particularly those linked to pig butchering scams. "Merchants on the platform offer technology, data, and money laundering services, and have engaged in transactions totaling at least $11 billion," Elliptic said in a report shared with The Hacker News.
Kategorie: Hacking & Security