The Hacker News

The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers.
Updated: 49 min 38 sec ago

New Cryptojacking Campaign Leverages Misconfigured Redis Database Servers

2 March, 2023 - 13:39
Misconfigured Redis database servers are the target of a novel cryptojacking campaign that leverages a legitimate and open source command-line file transfer service to implement its attack. "Underpinning this campaign was the use of transfer[.]sh," Cado Security said in a report shared with The Hacker News. "It's possible that it's an attempt at evading detections based on other common code
Author: Ravie Lakshmanan
Tags: Data Security / Cryptojacking
Category: Hacking & Security

2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots

2 March, 2023 - 13:35
As a primary working interface, the browser plays a significant role in today's corporate environment. The browser is constantly used by employees to access websites, SaaS applications and internal applications, from both managed and unmanaged devices. A new report published by LayerX, a browser security vendor, finds that attackers are exploiting this reality and are targeting it in increasing
Author: The Hacker News
Tags: Browser Security
Category: Hacking & Security

Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI

2 March, 2023 - 13:21
A malicious Python package uploaded to the Python Package Index (PyPI) has been found to contain a fully-featured information stealer and remote access trojan. The package, named colourfool, was identified by Kroll's Cyber Threat Intelligence team, with the company calling the malware Colour-Blind. "The 'Colour-Blind' malware points to the democratization of cybercrime that could lead to an
Author: Ravie Lakshmanan
Tags: Software Security / CodingSec
Category: Hacking & Security

SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics

2 March, 2023 - 10:03
The threat actor known as Lucky Mouse has developed a Linux version of a malware toolkit called SysUpdate, expanding on its ability to target devices running the operating system. The oldest version of the updated artifact dates back to July 2022, with the malware incorporating new features designed to evade security software and resist reverse engineering. Cybersecurity company Trend Micro said
Author: Ravie Lakshmanan
Tags: Linux / Cyber Threat
Category: Hacking & Security

Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack

2 March, 2023 - 06:17
Cisco on Wednesday rolled out security updates to address a critical flaw impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. The vulnerability, tracked as CVE-2023-20078, is rated 9.8 out of 10 on the CVSS scoring system and is described as a command injection bug in the web-based management interface arising due to insufficient validation of user-supplied input. Successful
Author: Ravie Lakshmanan
Tags: Enterprise Security / Network Security
Category: Hacking & Security

Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware

1 March, 2023 - 16:02
Six different law firms were targeted in January and February 2023 as part of two disparate threat campaigns distributing GootLoader and FakeUpdates (aka SocGholish) malware strains. GootLoader, active since late 2020, is a first-stage downloader that's capable of delivering a wide range of secondary payloads such as Cobalt Strike and ransomware. It notably employs search engine optimization (
Author: Ravie Lakshmanan
Tags: Threat Intelligence / Malware
Category: Hacking & Security

BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11

1 March, 2023 - 13:32
A stealthy Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus has become the first publicly known malware capable of bypassing Secure Boot defenses, making it a potent threat in the cyber landscape. "This bootkit can run even on fully up-to-date Windows 11 systems with UEFI Secure Boot enabled," Slovak cybersecurity company ESET said in a report shared with The Hacker News.
Author: Ravie Lakshmanan
Tags: Endpoint Security / Cyber Threat
Category: Hacking & Security

CISOs Are Stressed Out and It's Putting Companies at Risk

1 March, 2023 - 13:30
Employee well-being has become a primary focus for many businesses. Even before the pandemic, the C-suite was acutely aware of how employee mental health impacts business outcomes. But for cybersecurity professionals, stress has always been a part of the job. A new survey revealed that one of the most concerning aspects of employee mental health is how it impacts cybersecurity programs and,
Author: The Hacker News
Tags: Threat Detection and Response
Category: Hacking & Security

Gmail and Google Calendar Now Support Client-Side Encryption (CSE) to Boost Data Privacy

1 March, 2023 - 11:55
Google has announced the general availability of client-side encryption (CSE) for Gmail and Calendar, months after piloting the feature in late 2022. The data privacy controls enable "even more organizations to become arbiters of their own data and the sole party deciding who has access to it," Google's Ganesh Chilakapati and Andy Wen said. To that end, users can send and receive emails or
Author: Ravie Lakshmanan
Tags: Encryption / Email Security
Category: Hacking & Security

Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques

1 March, 2023 - 08:11
Cryptocurrency companies are being targeted as part of a new campaign that delivers a remote access trojan called Parallax RAT. The malware "uses injection techniques to hide within legitimate processes, making it difficult to detect," Uptycs said in a new report. "Once it has been successfully injected, attackers can interact with their victim via Windows Notepad that likely serves as a
Author: Ravie Lakshmanan
Tags: Cryptocurrency / Cyber Attack
Category: Hacking & Security

Bitdefender Releases Free Decryptor for MortalKombat Ransomware Strain

28 February, 2023 - 15:59
Romanian cybersecurity company Bitdefender has released a free universal decryptor for a nascent file-encrypting malware known as MortalKombat. MortalKombat is a new ransomware strain that emerged in January 2023. It's based on a commodity ransomware dubbed Xorist and has been observed in attacks targeting entities in the U.S., the Philippines, the U.K., and Turkey. Xorist, detected since 2010,
Category: Hacking & Security