The Hacker News

ShadowPad Malware is Becoming a Favorite Choice of Chinese Espionage Groups

20 August 2021 at 15:44
ShadowPad, an infamous Windows backdoor that allows attackers to download further malicious modules or steal data, has been put to use by five different Chinese threat clusters since 2017. "The adoption of ShadowPad significantly reduces the costs of development and maintenance for threat actors," SentinelOne researchers Yi-Jhen Hsieh and Joey Chen said in a detailed overview of the malware,

Cloudflare mitigated one of the largest DDoS attacks involving 17.2 million rps

20 August 2021 at 16:02
Web infrastructure and website security company Cloudflare on Thursday disclosed that it mitigated the largest ever volumetric distributed denial of service (DDoS) attack recorded to date. The attack, launched via a Mirai botnet, is said to have targeted an unnamed customer in the financial industry last month. "Within seconds, the botnet bombarded the Cloudflare edge with over 330 million

WARNING: Microsoft Exchange Under Attack With ProxyShell Flaws

22 August 2021 at 09:51
The U.S. Cybersecurity and Infrastructure Security Agency is warning of active exploitation attempts that leverage the latest line of "ProxyShell" Microsoft Exchange vulnerabilities that were patched earlier this May, including deploying LockFile ransomware on compromised systems. Tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207, the vulnerabilities enable adversaries to bypass ACL

Top 15 Vulnerabilities Attackers Exploited Millions of Times to Hack Linux Systems

23 August 2021 at 13:27
Close to 14 million Linux-based systems are directly exposed to the Internet, making them a lucrative target for an array of real-world attacks that could result in the deployment of malicious web shells, coin miners, ransomware, and other trojans. That's according to an in-depth look at the Linux threat landscape published by U.S.-Japanese cybersecurity firm Trend Micro, detailing the top

Researchers Detail Modus Operandi of ShinyHunters Cyber Crime Group

23 August 2021 at 13:48
ShinyHunters, a notorious cybercriminal underground group that's been on a data breach spree since last year, has been observed searching companies' GitHub repository source code for vulnerabilities that can be abused to stage larger scale attacks, an analysis of the hackers' modus operandi has revealed. "Primarily operating on Raid Forums, the collective's moniker and motivation can partly be

Navigating Vendor Risk Management as IT Professionals

23 August 2021 at 14:09
One of the great resources available to businesses today is the large ecosystem of value-added services and solutions. Especially in technology solutions, there is no end to the services of which organizations can avail themselves. In addition, if a business needs a particular solution or service they don't handle in-house, there is most likely a third-party vendor that can take care of that for

38 Million Records Exposed from Microsoft Power Apps of Dozens of Organisations

24 August 2021 at 09:58
More than 38 million records from 47 different entities that rely on Microsoft's Power Apps portals platform were inadvertently left exposed online, bringing into sharp focus a "new vector of data exposure." "The types of data varied between portals, including personal information used for COVID-19 contact tracing, COVID-19 vaccination appointments, social security numbers for job applicants,

Researchers Warn of 4 Emerging Ransomware Groups That Can Cause Havoc

24 August 2021 at 11:06
Cybersecurity researchers on Tuesday took the wraps off four up-and-coming ransomware groups that could pose a serious threat to enterprises and critical infrastructure, as the ripple effect of a recent spurt in ransomware incidents shows that attackers are growing more sophisticated and more profitable in extracting payouts from victims. "While the ransomware crisis appears poised to get worse

Bahraini Activists Targeted Using a New iPhone Zero-Day Exploit From NSO Group

24 August 2021 at 12:08
A previously undisclosed "zero-click" exploit in Apple's iMessage was abused by Israeli surveillance vendor NSO Group to circumvent iOS security protections and target nine Bahraini activists. "The hacked activists included three members of Waad (a secular Bahraini political society), three members of the Bahrain Center for Human Rights, two exiled Bahraini dissidents, and one member of Al Wefaq

Modified Version of WhatsApp for Android Spotted Installing Triada Trojan

24 August 2021 at 12:28
A modified version of the WhatsApp messaging app for Android has been trojanized to intercept text messages, serve malicious payloads, display full-screen ads, and sign up device owners for unwanted premium subscriptions without their knowledge. "The Trojan Triada snuck into one of these modified versions of the messenger called FMWhatsApp 16.80.0 together with the advertising software

New SideWalk Backdoor Targets U.S.-based Computer Retail Business

25 August 2021 at 07:27
A computer retail company based in the U.S. was the target of a previously undiscovered implant called SideWalk as part of a recent campaign undertaken by a Chinese advanced persistent threat group primarily known for singling out entities in East and Southeast Asia. Slovak cybersecurity firm ESET attributed the malware to an advanced persistent threat it tracks under the moniker SparklingGoblin

B. Braun Infusomat Pumps Could Let Attackers Remotely Alter Medication Dosages

25 August 2021 at 10:28
Cybersecurity researchers have disclosed five previously unreported security vulnerabilities affecting B. Braun's Infusomat Space Large Volume Pump and SpaceStation that could be abused by malicious parties to tamper with medication doses without any prior authentication. McAfee, which discovered and reported the flaws to the German medical and pharmaceutical device company on January 11, 2021,

Researchers Uncover FIN8's New Backdoor Targeting Financial Institutions

25 August 2021 at 13:00
A financially motivated threat actor notorious for setting its sights on retail, hospitality, and entertainment industries has been observed deploying a completely new backdoor on infected systems, indicating the operators are continuously retooling their malware arsenal to avoid detection and stay under the radar. The previously undocumented malware has been dubbed "Sardonic" by Romanian

Preventing your Cloud 'Secrets' from Public Exposure: An IDE plugin solution

25 August 2021 at 13:12
I'm sure you would agree that, in today's digital world, the majority of applications we work on require some type of credentials – to connect to a database with a username/password, to access computer programs via authorized tokens, or API keys to invoke services for authentication. Credentials, or sometimes just referred to as 'Secrets,' are pieces of user or system-level confidential

Critical Flaw Discovered in Cisco APIC for Switches — Patch Released

26 August 2021 at 05:58
Cisco Systems on Wednesday issued patches to address a critical security vulnerability affecting the Application Policy Infrastructure Controller (APIC) interface used in its Nexus 9000 Series Switches that could be potentially abused to read or write arbitrary files on a vulnerable system. Tracked as CVE-2021-1577 (CVSS score: 9.1), the issue — which is due to improper access control — could

VMware Issues Patches to Fix New Flaws Affecting Multiple Products

26 August 2021 at 07:40
VMware on Wednesday shipped security updates to address vulnerabilities in multiple products that could be potentially exploited by an attacker to take control of an affected system. The six security weaknesses (from CVE-2021-22022 through CVE-2021-22027, CVSS scores: 4.4 - 8.6) affect VMware vRealize Operations (prior to version 8.5.0), VMware Cloud Foundation (versions 3.x and 4.x), and

New Passwordless Verification API Uses SIM Security for Zero Trust Remote Access

26 August 2021 at 09:47
Forget watercooler conspiracies or boardroom battles. There's a new war in the office. As companies nudge their staff to return to communal workspaces, many workers don't actually want to – more than 50 percent of employees would rather quit, according to research by EY. While HR teams worry over the hearts and minds of staff, IT security professionals have a different battle plan to draft –

F5 Releases Critical Security Patch for BIG-IP and BIG-IQ Devices

26 August 2021 at 11:51
Enterprise security and network appliance vendor F5 has released patches for more than two dozen security vulnerabilities affecting multiple versions of BIG-IP and BIG-IQ devices that could potentially allow an attacker to perform a wide range of malicious actions, including accessing arbitrary files, escalating privileges, and executing JavaScript code. Of the 29 bugs addressed, 13 are

The Increased Liability of Local In-home Propagation

26 August 2021 at 12:25
Today I discuss an attack vector conducive to cross-organizational spread, in-home local propagation. Though often overlooked, this vector is especially relevant today, as many corporate employees remain working from home. In this post, I contrast in-home local propagation with traditional vectors through which a threat (ransomware in particular) spreads throughout an organization. I discuss the