πŸ”’
There are new articles available, click to refresh the page.
Before yesterdayThe Hacker News

Attackers Behind Trickbot Expanding Malware Distribution Channels

15 October 2021 at 14:40
The operators behind the pernicious TrickBot malware have resurfaced with new tricks that aim to increase its foothold by expanding its distribution channels, ultimately leading to the deployment of ransomware such as Conti. The threat actor, tracked under the monikers ITG23 and Wizard Spider, has been found to partner with other cybercrime gangs known Hive0105, Hive0106 (aka TA551 or Shathak),

Ad-Blocking Chrome Extension Caught Injecting Ads in Google Search Pages

15 October 2021 at 14:23
A new deceptive ad injection campaign has been found leveraging an ad blocker extension for Google Chrome and Opera web browsers to sneakily insert ads and affiliate codes on websites, according to new research from cybersecurity firm Imperva. The findings come following the discovery of rogue domains distributing an ad injection script in late August 2021 that the researchers connected to an

CISA Issues Warning On Cyber Threats Targeting Water and Wastewater Systems

15 October 2021 at 14:10
The U.S. Cybersecurity Infrastructure and Security Agency (CISA) on Thursday warned of continued ransomware attacks aimed at disrupting water and wastewater facilities (WWS), highlighting five incidents that occurred between March 2019 and August 2021. "This activityβ€”which includes attempts to compromise system integrity via unauthorized accessβ€”threatens the ability of WWS facilities to provide

Google: We're Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries

14 October 2021 at 16:30
Google's Threat Analysis Group (TAG) on ThursdayΒ saidΒ it's tracking more than 270 government-backed threat actors from more than 50 countries, adding it has approximately sent 50,000 alerts of state-sponsored phishing or malware attempts to customers since the start of 2021. The warnings mark a 33% increase from 2020, the internet giant said, with the spike largelyΒ stemmingΒ from "blocking an

Critical Remote Hacking Flaws Disclosed in Linphone and MicroSIP Softphones

14 October 2021 at 16:16
Multiple security vulnerabilities have been disclosed in softphone software from Linphone and MicroSIP that could be exploited by an unauthenticated remote adversary to crash the client and even extract sensitive information like password hashes by simply making a malicious call. The vulnerabilities, which were discovered by Moritz Abrell of German pen-testing firm SySS GmbH, have since been

VirusTotal Releases Ransomware Report Based on Analysis of 80 Million Samples

14 October 2021 at 14:48
As many as 130 different ransomware families have been found to be active in 2020 and the first half of 2021, with Israel, South Korea, Vietnam, China, Singapore, India, Kazakhstan, Philippines, Iran, and the U.K. emerging as the most affected territories, a comprehensive analysis of 80 million ransomware-related samples has revealed. Google's cybersecurity arm VirusTotal attributed a

The Ultimate SaaS Security Posture Management (SSPM) Checklist

14 October 2021 at 16:20
Cloud security is the umbrella that holds within it: IaaS, PaaS and SaaS. Gartner created the SaaS Security Posture Management (SSPM) category for solutions that continuously assess security risk and manage the SaaS applications’ security posture. With enterprises having 1,000 or more employees relying on dozens to hundreds of apps, the need for deep visibility and remediation for SaaS security

Experts Warn of Unprotected Prometheus Endpoints Exposing Sensitive Information

14 October 2021 at 14:27
A large-scale unauthenticated scraping of publicly available and non-secured endpoints from older versions of Prometheus event monitoring and alerting solution could be leveraged to inadvertently leak sensitive information, according to the latest research. "Due to the fact that authentication and encryption support is relatively new, many organizations that use Prometheus haven't yet enabled

Critical Flaw in OpenSea Could Have Let Hackers Steal Cryptocurrency From Wallets

13 October 2021 at 13:06
A now-patched critical vulnerability in OpenSea, the world's largest non-fungible token (NFT) marketplace, could've been abused by malicious actors to drain cryptocurrency funds from a victim by sending a specially-crafted token, opening a new attack vector for exploitation. The findings come from cybersecurity firm Check Point Research, which began an investigation into the platform following

[eBook] The Guide for Reducing SaaS Applications Risk for Lean IT Security Teams

13 October 2021 at 12:52
The Software-as-a-service (SaaS) industry has gone from novelty to an integral part of today’s business world in just a few years. While the benefits to most organizations are clear – more efficiency, greater productivity, and accessibility – the risks that the SaaS model poses are starting to become visible. It’s not an overstatement to say that most companies today run on SaaS. This poses an

Update Your Windows PCs Immediately to Patch New 0-Day Under Active Attack

13 October 2021 at 05:49
Microsoft on Tuesday rolled outΒ security patchesΒ to contain a total of 71 vulnerabilities in Microsoft Windows and other software, including a fix for an actively exploited privilege escalation vulnerability that could be exploited in conjunction with remote code execution bugs to take control over vulnerable systems. Two of the addressed security flaws are rated Critical, 68 are rated Important

Digital Signature Spoofing Flaws Uncovered in OpenOffice and LibreOffice

12 October 2021 at 09:02
The maintainers of LibreOffice and OpenOffice have shipped security updates to their productivity software to remediate multiple vulnerabilities that could be weaponized by malicious actors to alter documents to make them appear as if they are digitally signed by a trusted source. The list of the three flaws is as follows β€” CVE-2021-41830Β /Β CVE-2021-25633Β - Content and Macro Manipulation with

GitHub Revoked Insecure SSH Keys Generated by a Popular git Client

12 October 2021 at 07:57
Code hosting platform GitHub hasΒ revokedΒ weak SSH authentication keys that were generated via the GitKraken git GUI client due to a vulnerability in a third-party library that increased the likelihood of duplicated SSH keys. As an added precautionary measure, the Microsoft-owned company also said it's building safeguards to prevent vulnerable versions of GitKraken from adding newly generated

Microsoft Fended Off a Record 2.4 Tbps DDoS Attack Targeting Azure Customers

12 October 2021 at 07:16
Microsoft on Monday revealed that its Azure cloud platform mitigated a 2.4 Tbps distributed denial-of-service (DDoS) attack in the last week of August targeting an unnamed customer in Europe, surpassing aΒ 2.3 Tbps attackΒ stopped by Amazon Web Services in February 2020. "This is 140 percent higher thanΒ 2020's 1 Tbps attackΒ and higher than any network volumetric event previously detected on Azure,

Microsoft Warns of Iran-Linked Hackers Targeting US and Israeli Defense Firms

12 October 2021 at 06:09
An emerging threat actor likely supporting Iranian national interests has been behind a password spraying campaign targeting US, EU, and Israeli defense technology companies, with additional activity observed against regional ports of entry in the Persian Gulf as well as maritime and cargo transportation companies focused in the Middle East. Microsoft is tracking the hacking crew under the

Ukraine Arrests Operator of DDoS Botnet with 100,000 Compromised Devices

12 October 2021 at 03:02
Ukrainian law enforcement authorities on Monday disclosed the arrest of a hacker responsible for the creation and management of a "powerful botnet" consisting of over 100,000 enslaved devices that was used to carry out distributed denial-of-service (DDoS) and spam attacks on behalf of paid customers. The unnamed individual, from the Ivano-Frankivsk region of the country, is also said to have

Apple Releases Urgent iPhone and iPad Updates to Patch New Zero-Day Vulnerability

12 October 2021 at 02:41
Apple on Monday released a security update for iOS and iPad to address a critical vulnerability that it says is being exploited in the wild, making it the 17th zero-day flaw the company has addressed in its products since the start of the year.' The weakness, assigned the identifierΒ CVE-2021-30883, concerns a memory corruption issue in the "IOMobileFrameBuffer" component that could allow an

Verify End-Users at the Helpdesk to Prevent Social Engineering Cyber Attack

11 October 2021 at 14:20
Although organizations commonly go to great lengths to address security vulnerabilities that may exist within their IT infrastructure, an organization's helpdesk might pose a bigger threat due to social engineering attacks. Social engineering is "the art of manipulating people so they give up confidential information," according toΒ Webroot. There are many different types of social engineering

Indian-Made Mobile Spyware Targeted Human Rights Activist in Togo

11 October 2021 at 09:21
A prominent Togolese human rights defender has been targeted with spyware by a threat actor known for striking victims in South Asia, marking the hacking group's first foray into digital surveillance in Africa. Amnesty International tied the covert attack campaign to a collective tracked as "Donot Team" (aka APT-C-35), which has been linked to cyber offensives in India and Pakistan, while also
❌