The Hacker News
![zdroj The Hacker News Syndikovat obsah](/misc/feed.png)
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and [email protected]
Aktualizace: 7 min 57 sek zpět
HuiOne Guarantee: The $11 Billion Cybercrime Hub of Southeast Asia
Cryptocurrency analysts have shed light on an online marketplace called HuiOne Guarantee that's widely used by cybercriminals in Southeast Asia, particularly those linked to pig butchering scams.
"Merchants on the platform offer technology, data, and money laundering services, and have engaged in transactions totaling at least $11 billion," Elliptic said in a report shared with The Hacker News.
Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security
ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks
The sophisticated malware known as ViperSoftX has been observed being distributed as eBooks over torrents.
"A notable aspect of the current variant of ViperSoftX is that it uses the Common Language Runtime (CLR) to dynamically load and run PowerShell commands, thereby creating a PowerShell environment within AutoIt for operations," Trellix security researchers Mathanraj Thangaraju and Sijo Jacob
Kategorie: Hacking & Security
ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks
The sophisticated malware known as ViperSoftX has been observed being distributed as eBooks over torrents.
"A notable aspect of the current variant of ViperSoftX is that it uses the Common Language Runtime (CLR) to dynamically load and run PowerShell commands, thereby creating a PowerShell environment within AutoIt for operations," Trellix security researchers Mathanraj Thangaraju and Sijo JacobNewsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security
New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk
Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE).
The vulnerability, tracked as CVE-2024-6409 (CVSS score: 7.0), is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling. It only impacts versions 8.7p1
Kategorie: Hacking & Security
New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk
Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE).
The vulnerability, tracked as CVE-2024-6409 (CVSS score: 7.0), is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling. It only impacts versions 8.7p1 Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security
RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle (MitM) attacks and bypass integrity checks under certain circumstances.
"The RADIUS protocol allows certain Access-Request messages to have no integrity or authentication checks," InkBridge Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security
RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle (MitM) attacks and bypass integrity checks under certain circumstances.
"The RADIUS protocol allows certain Access-Request messages to have no integrity or authentication checks," InkBridge
Kategorie: Hacking & Security
Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks
Cybersecurity researchers have found that it's possible for attackers to weaponize improperly configured Jenkins Script Console instances to further criminal activities such as cryptocurrency mining.
"Misconfigurations such as improperly set up authentication mechanisms expose the '/script' endpoint to attackers," Trend Micro's Shubham Singh and Sunil Bharti said in a technical write-up
Kategorie: Hacking & Security
Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks
Cybersecurity researchers have found that it's possible for attackers to weaponize improperly configured Jenkins Script Console instances to further criminal activities such as cryptocurrency mining.
"Misconfigurations such as improperly set up authentication mechanisms expose the '/script' endpoint to attackers," Trend Micro's Shubham Singh and Sunil Bharti said in a technical write-up Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security
HUMINT: Diving Deep into the Dark Web
Discover how cybercriminals behave in Dark Web forums- what services they buy and sell, what motivates them, and even how they scam each other.
Clear Web vs. Deep Web vs. Dark Web
Threat intelligence professionals divide the internet into three main components:
Clear Web - Web assets that can be viewed through public search engines, including media, blogs, and other pages and sites.
Deep Web -
Kategorie: Hacking & Security
HUMINT: Diving Deep into the Dark Web
Discover how cybercriminals behave in Dark Web forums- what services they buy and sell, what motivates them, and even how they scam each other.
Clear Web vs. Deep Web vs. Dark Web
Threat intelligence professionals divide the internet into three main components:
Clear Web - Web assets that can be viewed through public search engines, including media, blogs, and other pages and sites.
Deep Web - The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security
GuardZoo Malware Targets Over 450 Middle Eastern Military Personnel
Military personnel from Middle East countries are the target of an ongoing surveillanceware operation that delivers an Android data-gathering tool called GuardZoo.
The campaign, believed to have commenced as early as October 2019, has been attributed to a Houthi-aligned threat actor based on the application lures, command-and-control (C2) server logs, targeting footprint, and the attack
Kategorie: Hacking & Security
GuardZoo Malware Targets Over 450 Middle Eastern Military Personnel
Military personnel from Middle East countries are the target of an ongoing surveillanceware operation that delivers an Android data-gathering tool called GuardZoo.
The campaign, believed to have commenced as early as October 2019, has been attributed to a Houthi-aligned threat actor based on the application lures, command-and-control (C2) server logs, targeting footprint, and the attack Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security
Cybersecurity Agencies Warn of China-linked APT40's Rapid Exploit Adaptation
Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. have released a joint advisory about a China-linked cyber espionage group called APT40, warning about its ability to co-opt exploits for newly disclosed security flaws within hours or days of public release.
"APT40 has previously targeted organizations in various countries, including
Kategorie: Hacking & Security
Cybersecurity Agencies Warn of China-linked APT40's Rapid Exploit Adaptation
Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. have released a joint advisory about a China-linked cyber espionage group called APT40, warning about its ability to co-opt exploits for newly disclosed security flaws within hours or days of public release.
"APT40 has previously targeted organizations in various countries, including Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security
Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories
Unknown threat actors have been found propagating trojanized versions of jQuery on npm, GitHub, and jsDelivr in what appears to be an instance of a "complex and persistent" supply chain attack.
"This attack stands out due to the high variability across packages," Phylum said in an analysis published last week.
"The attacker has cleverly hidden the malware in the seldom-used 'end' function of
Kategorie: Hacking & Security
Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories
Unknown threat actors have been found propagating trojanized versions of jQuery on npm, GitHub, and jsDelivr in what appears to be an instance of a "complex and persistent" supply chain attack.
"This attack stands out due to the high variability across packages," Phylum said in an analysis published last week.
"The attacker has cleverly hidden the malware in the seldom-used 'end' function of Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security
New APT Group "CloudSorcerer" Targets Russian Government Entities
A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control (C2) and data exfiltration.
Cybersecurity firm Kaspersky, which discovered the activity in May 2024, said the tradecraft adopted by the threat actor bears similarities with that of CloudWizard, but
Kategorie: Hacking & Security
New APT Group "CloudSorcerer" Targets Russian Government Entities
A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control (C2) and data exfiltration.
Cybersecurity firm Kaspersky, which discovered the activity in May 2024, said the tradecraft adopted by the threat actor bears similarities with that of CloudWizard, but Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security
Dark Web Malware Logs Expose 3,300 Users Linked to Child Abuse Sites
An analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material (CSAM), indicating how such information could be used to combat serious crimes.
"Approximately 3,300 unique users were found with accounts on known CSAM sources," Recorded Future said in a proof-of-concept (PoC) report published last week. "
Kategorie: Hacking & Security
- « první
- ‹ předchozí
- …
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- následující ›
- poslední »