Today — 18 August 2022 The Hacker News

Researchers Detail Evasive DarkTortilla Crypter Used to Deliver Malware

18 August 2022 at 17:11
A .NET-based evasive crypter named DarkTortilla has been used by threat actors to distribute a broad array of commodity malware as well as targeted payloads like Cobalt Strike and Metasploit, likely since 2015. "It can also deliver 'add-on packages' such as additional malicious payloads, benign decoy documents, and executables," cybersecurity firm Secureworks said in a Wednesday report. "It

China-backed APT41 Hackers Targeted 13 Organisations Worldwide Last Year

18 August 2022 at 13:33
The Chinese advanced persistent threat (APT) actor tracked as Winnti (aka APT41) has targeted at least 13 organizations geographically spanning across the U.S., Taiwan, India, Vietnam, and China against the backdrop of four different campaigns in 2021. "The targeted industries included the public sector, manufacturing, healthcare, logistics, hospitality, education, as well as the media and

Hackers Using Bumblebee Loader to Compromise Active Directory Services

18 August 2022 at 09:20
The malware loader known as Bumblebee is being increasingly co-opted by threat actors associated with BazarLoader, TrickBot, and IcedID in their campaigns to breach target networks for post-exploitation activities. "Bumblebee operators conduct intensive reconnaissance activities and redirect the output of executed commands to files for exfiltration," Cybereason researchers Meroujan Antonyan and

Penetration Testing or Vulnerability Scanning? What's the Difference?

18 August 2022 at 09:10
Pentesting and vulnerability scanning are often confused for the same service. The problem is, business owners often use one when they really need the other. Let's dive in and explain the differences. People frequently confuse penetration testing and vulnerability scanning, and it's easy to see why. Both look for weaknesses in your IT infrastructure by exploring your systems in the same way an

Apple Releases Security Updates to Patch Two New Zero-Day Vulnerabilities

18 August 2022 at 03:08
Apple on Wednesday released security updates for iOS, iPadOS, and macOS platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise its devices. The list of issues is below - CVE-2022-32893 - An out-of-bounds issue in WebKit which could lead to the execution of arbitrary code by processing a specially crafted web content CVE-2022-32894 - An
Yesterday — 17 August 2022 The Hacker News

Cybercriminals Developing BugDrop Malware to Bypass Android Security Features

17 August 2022 at 13:59
In a sign that malicious actors continue to find ways to work around Google Play Store security protections, researchers have spotted a previously undocumented Android dropper trojan that's currently in development. "This new malware tries to abuse devices using a novel technique, not seen before in Android malware, to spread the extremely dangerous Xenomorph banking trojan, allowing criminals

New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild

17 August 2022 at 12:02
Google on Tuesday rolled out patches for Chrome browser for desktops to contain an actively exploited high-severity zero-day flaw in the wild. Tracked as CVE-2022-2856, the issue has been described as a case of insufficient validation of untrusted input in Intents. Security researchers Ashley Shen and Christian Resell of Google Threat Analysis Group have been credited with reporting the flaw on

Researchers Link Multi-Year Mass Credential Theft Campaign to Chinese Hackers

17 August 2022 at 10:59
A Chinese state-sponsored threat activity group named RedAlpha has been attributed to a multi-year mass credential theft campaign aimed at global humanitarian, think tank, and government organizations. "In this activity, RedAlpha very likely sought to gain access to email accounts and other online communications of targeted individuals and organizations," Recorded Future disclosed in a new

Lean Security 101: 3 Tips for Building Your Framework

17 August 2022 at 10:50
Cobalt, Lazarus, MageCart, Evil, Revil — cybercrime syndicates spring up so fast it's hard to keep track. Until…they infiltrate your system. But you know what's even more overwhelming than rampant cybercrime? Building your organization's security framework. CIS, NIST, PCI DSS, HIPAA, HITrust, and the list goes on. Even if you had the resources to implement every relevant industry standard and

Malicious Browser Extensions Targeted Over a Million Users So Far This Year

17 August 2022 at 08:44
More than 1.31 million users attempted to install malicious or unwanted web browser extensions at least once, new findings from cybersecurity firm Kaspersky show. "From January 2020 to June 2022, more than 4.3 million unique users were attacked by adware hiding in browser extensions, which is approximately 70% of all users affected by malicious and unwanted add-ons," the company said. As many as

North Korea Hackers Spotted Targeting Job Seekers with macOS Malware

17 August 2022 at 06:20
The North Korea-backed Lazarus Group has been observed targeting job seekers with malware capable of executing on Apple Macs with Intel and M1 chipsets. Slovak cybersecurity firm ESET linked it to a campaign dubbed "Operation In(ter)ception" that was first disclosed in June 2020 and involved using social engineering tactics to trick employees working in the aerospace and military sectors into

RubyGems Makes Multi-Factor Authentication Mandatory for Top Package Maintainers

17 August 2022 at 04:46
RubyGems, the official package manager for the Ruby programming language, has become the latest platform to mandate multi-factor authentication (MFA) for popular package maintainers, following the footsteps of NPM and PyPI. To that end, owners of gems with over 180 million total downloads are mandated to turn on MFA effective August 15, 2022. "Users in this category who do not
Before yesterday The Hacker News

ÆPIC and SQUIP Vulnerabilities Found in Intel and AMD Processors

16 August 2022 at 14:58
A group of researchers has revealed details of a new vulnerability affecting Intel CPUs that enables attackers to obtain encryption keys and other secret information from the processors. Dubbed ÆPIC Leak, the weakness is the first-of-its-kind to architecturally disclose sensitive data in a manner that's akin to an "uninitialized memory read in the CPU itself." "In contrast to transient execution

New Evil PLC Attack Weaponizes PLCs to Breach OT and Enterprise Networks

16 August 2022 at 10:57
Cybersecurity researchers have elaborated a novel attack technique that weaponizes programmable logic controllers (PLCs) to gain an initial foothold in engineering workstations and subsequently invade the operational technology (OT) networks. Dubbed "Evil PLC" attack by industrial security firm Claroty, the issue impacts engineering workstation software from Rockwell Automation, Schneider

Unified Threat Management: The All-in-One Cybersecurity Solution

16 August 2022 at 10:50
UTM (Unified threat management) is thought to be an all-in-one solution for cybersecurity. In general, it is a versatile software or hardware firewall solution integrated with IPS (Intrusion Prevention System) and other security services. A universal gateway allows the user to manage network security with one comprehensive solution, which makes the task much easier. In addition, compared to a

Microsoft Warns About Phishing Attacks by Russia-linked Hackers

16 August 2022 at 09:35
Microsoft on Monday revealed it took steps to disrupt phishing operations undertaken by a "highly persistent threat actor" whose objectives align closely with Russian state interests. The company is tracking the espionage-oriented activity cluster under its chemical element-themed moniker SEABORGIUM, which it said overlaps with a hacking group also known as Callisto, COLDRIVER, and TA446. "

Russian State Hackers Continue to Attack Ukrainian Entities with Infostealer Malware

16 August 2022 at 06:36
Russian state-sponsored actors are continuing to strike Ukrainian entities with information-stealing malware as part of what's suspected to be an espionage operation. Symantec, a division of Broadcom Software, attributed the malicious campaign to a threat actor tracked as Shuckworm, also known as Actinium, Armageddon, Gamaredon, Primitive Bear, and Trident Ursa. The findings have been corroborated

Nearly 1,900 Signal Messenger Accounts Potentially Compromised in Twilio Hack

16 August 2022 at 05:42
Popular end-to-end encrypted messaging service Signal on Monday disclosed the cyberattack aimed at Twilio earlier this month may have exposed the phone numbers of roughly 1,900 users. "For about 1,900 users, an attacker could have attempted to re-register their number to another device or learned that their number was registered to Signal," the company said. "All users can rest assured that

Credential Theft Is (Still) A Top Attack Method

15 August 2022 at 16:26
Credential theft is clearly still a problem. Even after years of warnings, changing password requirements, and multiple forms of authentication, password stealing remains a top attack method used by cyber criminals. The latest report from the Ponemon Institute shares that 54% of security incidents were caused by credential theft, followed by ransomware and DDoS attacks. 59% of organizations