Normal view

There are new articles available, click to refresh the page.
Today — 19 March 2024The Hacker News

Crafting and Communicating Your Cybersecurity Strategy for Board Buy-In

19 March 2024 at 10:37
In an era where digital transformation drives business across sectors, cybersecurity has transcended its traditional operational role to become a cornerstone of corporate strategy and risk management. This evolution demands a shift in how cybersecurity leaders—particularly Chief Information Security Officers (CISOs)—articulate the value and urgency of cybersecurity investments to their boards.&

Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks

By: Newsroom
19 March 2024 at 10:32
Threat actors are leveraging digital document publishing (DDP) sites hosted on platforms like FlipSnack, Issuu, Marq, Publuu, RelayTo, and Simplebooklet for carrying out phishing, credential harvesting, and session token theft, once again underscoring how threat actors are repurposing legitimate services for malicious ends. "Hosting phishing lures on DDP sites increases the likelihood

Suspected Russian Data-Wiping 'AcidPour' Malware Targeting Linux x86 Devices

By: Newsroom
19 March 2024 at 09:59
A new variant of a data wiping malware called AcidRain has been detected in the wild that's specifically designed for targeting Linux x86 devices. The malware, dubbed AcidPour, is compiled for Linux x86 devices, SentinelOne's Juan Andres Guerrero-Saade said in a series of posts on X. "The new variant [...] is an ELF binary compiled for x86 (not MIPS) and while it refers to similar devices/

New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT

By: Newsroom
19 March 2024 at 05:28
A new phishing campaign is targeting U.S. organizations with the intent to deploy a remote access trojan called NetSupport RAT. Israeli cybersecurity company Perception Point is tracking the activity under the moniker Operation PhantomBlu. "The PhantomBlu operation introduces a nuanced exploitation method, diverging from NetSupport RAT’s typical delivery mechanism by leveraging OLE (Object

E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials

By: Newsroom
19 March 2024 at 04:47
A 31-year-old Moldovan national has been sentenced to 42 months in prison in the U.S. for operating an illicit marketplace called E-Root Marketplace that offered for sale hundreds of thousands of compromised credentials, the Department of Justice (DoJ) announced. Sandu Boris Diaconu was charged with conspiracy to commit access device and computer fraud and possession of 15 or more unauthorized

Yesterday — 18 March 2024The Hacker News

New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics

By: Newsroom
18 March 2024 at 17:56
A new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information. Cybersecurity company Securonix, which dubbed the campaign DEEP#GOSU, said it's likely associated with the North Korean state-sponsored group tracked as Kimsuky. "The malware payloads used in the DEEP#GOSU represent a

Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool

By: Newsroom
18 March 2024 at 12:58
Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers. Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10. "A directory traversal within the 'ftpservlet' of the FileCatalyst Workflow

Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites

By: Newsroom
18 March 2024 at 12:35
Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft. "It uses an unorthodox HTML smuggling technique where the malicious payload is embedded in a separate JSON file hosted on an external website," Netskope Threat Labs

WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw

By: Newsroom
18 March 2024 at 09:46
WordPress users of miniOrange's Malware Scanner and Web Application Firewall plugins are being urged to delete them from their websites following the discovery of a critical security flaw. The flaw, tracked as CVE-2024-2172, is rated 9.8 out of a maximum of 10 on the CVSS scoring system and discovered by Stiofan. It impacts the following versions of the two plugins - Malware Scanner (

APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme

By: Newsroom
18 March 2024 at 05:59
The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. "The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated

Before yesterdayThe Hacker News

Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer

By: Newsroom
16 March 2024 at 12:31
Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in question have since been taken down by the Microsoft-owned subsidiary. "The repositories look

GhostRace – New Data Leak Vulnerability Affects Modern CPUs

By: Newsroom
15 March 2024 at 17:46
A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution. Dubbed GhostRace (CVE-2024-2193), it is a variation of the transient execution CPU vulnerability known as Spectre v1 (CVE-2017-5753). The approach combines speculative execution and race conditions. "All the common synchronization primitives implemented

Third-Party ChatGPT Plugins Could Lead to Account Takeovers

By: Newsroom
15 March 2024 at 11:34
Cybersecurity researchers have found that third-party plugins available for OpenAI ChatGPT could act as a new attack surface for threat actors looking to gain unauthorized access to sensitive data. According to new research published by Salt Labs, security flaws found directly in ChatGPT and within the ecosystem could allow attackers to install malicious plugins without users' consent

❌
❌