Yesterday — 23 October 2021 The Hacker News

Microsoft Warns of TodayZoo Phishing Kit Used in Extensive Credential Stealing Attacks

23 October 2021 at 16:25
Microsoft on Thursday disclosed an "extensive series of credential phishing campaigns" that takes advantage of a custom phishing kit that stitched together components from at least five different widely circulated ones with the goal of siphoning user login information. The tech giant's Microsoft 365 Defender Threat Intelligence Team, which detected the first instances of the tool in the wild in

Feds Reportedly Hacked REvil Ransomware Group and Forced it Offline

23 October 2021 at 08:22
The Russian-led REvil ransomware gang was felled by an active multi-country law enforcement operation that resulted in its infrastructure being hacked and taken offline for a second time earlier this week, in what's the latest action taken by governments to disrupt the lucrative ecosystem. The takedown was first reported by Reuters, quoting multiple private-sector cyber experts working with the

Popular NPM Package Hijacked to Publish Crypto-mining Malware

23 October 2021 at 04:42
The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to get rid of three rogue packages that were found to mimic the same library. The supply-chain attack targeting the open-source library saw three
Before yesterday The Hacker News

'Lone Wolf' Hacker Group Targeting Afghanistan and India with Commodity RATs

22 October 2021 at 15:01
A new malware campaign targeting Afghanistan and India is exploiting a now-patched, 20-year-old flaw affecting Microsoft Office to deploy an array of commodity remote access trojans (RATs) that allow the adversary to gain complete control over the compromised endpoints. Cisco Talos attributed the cyber campaign to a "lone wolf" threat actor operating a Lahore-based fake IT company called Bunse

Hackers Set Up Fake Company to Get IT Experts to Launch Ransomware Attacks

22 October 2021 at 13:28
The financially motivated FIN7 cybercrime gang has masqueraded as yet another fictitious cybersecurity company called "Bastion Secure" to recruit unwitting software engineers under the guise of penetration testing in a likely lead-up to a ransomware scheme. "With FIN7's latest fake company, the criminal group leveraged true, publicly available information from various legitimate cybersecurity

Researchers Discover Microsoft-Signed FiveSys Rootkit in the Wild

22 October 2021 at 12:41
A newly identified rootkit has been found with a valid digital signature issued by Microsoft that's used to proxy traffic to internet addresses of interest to the attackers for over a year targeting online gamers in China. Bucharest-headquartered cybersecurity technology company Bitdefender named the malware "FiveSys," calling out its possible credential theft and in-game-purchase hijacking

Before and After a Pen Test: Steps to Get Through It

21 October 2021 at 17:52
An effective cybersecurity strategy can be challenging to implement correctly and often involves many layers of security. Part of a robust security strategy involves performing what is known as a penetration test (pen test). The penetration test helps to discover vulnerabilities and weaknesses in your security defenses before the bad guys discover these. They can also help validate remedial

Bug in Popular WinRAR Software Could Let Attackers Hack Your Computer

21 October 2021 at 13:16
A new security weakness has been disclosed in the WinRAR trialware file archiver utility for Windows that could be abused by a remote attacker to execute arbitrary code on targeted systems, underscoring how vulnerabilities in such software could become a gateway for a roster of attacks. Tracked as CVE-2021-35052, the bug impacts the trial version of the software running version 5.70. "This

Product Overview: Cynet SaaS Security Posture Management (SSPM)

21 October 2021 at 13:07
Software-as-a-service (SaaS) applications have gone from novelty to business necessity in a few short years, and their positive impact on organizations is clear. It’s safe to say that most industries today run on SaaS applications, which is undoubtedly positive, but it does introduce some critical new challenges to organizations. As SaaS application use expands, as well as the number of

Malicious NPM Packages Caught Running Cryptominer On Windows, Linux, macOS Devices

21 October 2021 at 11:00
Three JavaScript libraries uploaded to the official NPM package repository have been unmasked as crypto-mining malware, once again demonstrating how open-source software package repositories are becoming a lucrative target for executing an array of attacks on Windows, macOS, and Linux systems. The malicious packages in question — named okhsa, klow, and klown — were published by the same

U.S. Government Bans Sale of Hacking Tools to Authoritarian Regimes

21 October 2021 at 07:43
The U.S. Commerce Department on Wednesday announced new rules barring the sales of hacking software and equipment to authoritarian regimes and potentially facilitate human rights abuse for national security (NS) and anti-terrorism (AT) reasons. The mandate, which is set to go into effect in 90 days, will forbid the export, reexport and transfer of "cybersecurity items" to countries of "national

Hackers Stealing Browser Cookies to Hijack High-Profile YouTube Accounts

21 October 2021 at 07:03
Since at least late 2019, a network of hackers-for-hire have been hijacking the channels of YouTube creators, luring them with bogus collaboration opportunities to broadcast cryptocurrency scams or sell the accounts to the highest bidder. That's according to a new report published by Google's Threat Analysis Group (TAG), which said it disrupted financially motivated phishing campaigns targeting

Two Eastern Europeans Sentenced for Providing Bulletproof Hosting to Cyber Criminals

21 October 2021 at 03:42
Two Eastern European nationals have been sentenced in the U.S. for offering "bulletproof hosting" services to cybercriminals, who used the technical infrastructure to distribute malware and attack financial institutions across the country between 2009 and 2015. Pavel Stassi, 30, of Estonia, and Aleksandr Shorodumov, 33, of Lithuania, have been each sentenced to 24 months and 48 months in prison,

Researchers Break Intel SGX With New 'SmashEx' CPU Attack Technique

20 October 2021 at 13:27
A newly disclosed vulnerability affecting Intel processors could be abused by an adversary to gain access to sensitive information stored within enclaves and even run arbitrary code on vulnerable systems. The vulnerability (CVE-2021-0186, CVSS score: 8.2) was discovered by a group of academics from ETH Zurich, the National University of Singapore, and the Chinese National University of Defense

OWASP's 2021 List Shuffle: A New Battle Plan and Primary Foe

20 October 2021 at 08:16
Code injection attacks, the infamous king of vulnerabilities, have lost the top spot to broken access control as the worst of the worst, and developers need to take notice. In this increasingly chaotic world, there have always been a few constants that people could reliably count on: The sun will rise in the morning and set again at night, Mario will always be cooler than Sonic the Hedgehog, and

LightBasin Hackers Breach at Least 13 Telecom Service Providers Since 2019

20 October 2021 at 08:01
A highly sophisticated adversary named LightBasin has been identified as behind a string of attacks targeting the telecom sector with the goal of collecting "highly specific information" from mobile communication infrastructure, such as subscriber information and call metadata. "The nature of the data targeted by the actor aligns with information likely to be of significant interest to signals

Microsoft Warns of New Security Flaw Affecting Surface Pro 3 Devices

20 October 2021 at 07:20
Microsoft has published a new advisory warning of a security bypass vulnerability affecting Surface Pro 3 convertible laptops that could be exploited by an adversary to introduce malicious devices within enterprise networks and defeat the device attestation mechanism. Tracked as CVE-2021-42299 (CVSS score: 5.6), the issue has been codenamed "TPM Carte Blanche" by Google software engineer Chris

Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services

19 October 2021 at 15:07
Researchers have disclosed an out-of-bounds read vulnerability in the Squirrel programming language that can be abused by attackers to break out of the sandbox restrictions and execute arbitrary code within a SquirrelVM, thus giving a malicious actor complete access to the underlying machine. Tracked as CVE-2021-41556, the issue occurs when a game library referred to as Squirrel Engine is used

A New Variant of FlawedGrace Spreading Through Mass Email Campaigns

19 October 2021 at 12:03
Cybersecurity researchers on Tuesday took the wraps off a mass volume email attack staged by a prolific cybercriminal gang affecting a wide range of industries, with one of its region-specific operations notably targeting Germany and Austria. Enterprise security firm Proofpoint tied the malware campaign with high confidence to TA505, which is the name assigned to the financially motivated threat