Today — 8 August 2022, The Hacker News

Meta Cracks Down on Cyber Espionage Operations in South Asia Abusing Facebook

8 August 2022 at 07:00
Facebook parent company Meta disclosed that it took action against two espionage operations in South Asia that leveraged its social media platforms to distribute malware to potential targets. The first set of activities is what the company described as "persistent and well-resourced" and undertaken by a hacking group tracked under the moniker Bitter APT (aka APT-C-08 or T-APT-17) targeting
Yesterday — 7 August 2022, The Hacker News

New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

7 August 2022 at 04:29
A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. "This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-in capability to brute force credentials and gain access to SSH servers instead of Telnet as implemented in Mirai,"
Before yesterday, The Hacker News

Hackers Exploit Twitter Vulnerability to Expose 5.4 Million Accounts

6 August 2022 at 09:10
Twitter on Friday revealed that a now-patched zero-day bug was used to link phone numbers and emails to user accounts on the social media platform. "As a result of the vulnerability, if someone submitted an email address or phone number to Twitter's systems, Twitter's systems would tell the person what Twitter account the submitted email addresses or phone number was associated with, if any,"

Slack Resets Passwords After a Bug Exposed Hashed Passwords for Some Users

6 August 2022 at 08:44
Slack said it took the step of resetting passwords for about 0.5% of its users after a flaw exposed salted password hashes when creating or revoking shared invitation links for workspaces. "When a user performed either of these actions, Slack transmitted a hashed version of their password to other workspace members," the enterprise communication and collaboration platform said in an alert on 4th

Iranian Hackers Likely Behind Disruptive Cyberattacks Against Albanian Government

5 August 2022 at 14:37
A threat actor working to further Iranian goals is said to have been behind a set of damaging cyberattacks against Albanian government services in mid-July 2022. Cybersecurity firm Mandiant said the malicious activity against a NATO state represented a "geographic expansion of Iranian disruptive cyber operations." The July 17 attacks, according to Albania's National Agency of Information Society

Emergency Alert System Flaws Could Let Attackers Transmit Fake Messages

5 August 2022 at 10:24
The U.S. Department of Homeland Security (DHS) has warned of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder devices. If left unpatched, the issues could allow an adversary to issue fraudulent emergency alerts over TV, radio, and cable networks. The August 1 advisory comes courtesy of DHS' Federal Emergency Management Agency (FEMA). CYBIR security researcher Ken

Resolving Availability vs. Security, a Constant Conflict in IT

5 August 2022 at 10:20
Conflicting business requirements is a common problem – and you find it in every corner of an organization, including in information technology. Resolving these conflicts is a must, but it isn’t always easy – though sometimes there is a novel solution that helps. In IT management there is a constant struggle between security and operations teams. Yes, both teams ultimately want to have secure

A Growing Number of Malware Attacks Leveraging Dark Utilities 'C2-as-a-Service'

5 August 2022 at 10:06
A nascent service called Dark Utilities has already attracted 3,000 users for its ability to provide command-and-control (C2) services with the goal of commandeering compromised systems. "It is marketed as a means to enable remote access, command execution, distributed denial-of-service (DDoS) attacks and cryptocurrency mining operations on infected systems," Cisco Talos said in a report shared

CISA Adds Zimbra Email Vulnerability to its Exploited Vulnerabilities Catalog

5 August 2022 at 05:54
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a recently disclosed high-severity vulnerability in the Zimbra email suite to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The issue in question is CVE-2022-27924 (CVSS score: 7.5), a command injection flaw in the platform that could lead to the execution of arbitrary

Who Has Control: The SaaS App Admin Paradox

4 August 2022 at 15:50
Imagine this: a company-wide lockout to the company CRM, like Salesforce, because the organization's external admin attempts to disable MFA for themselves. They don't think to consult with the security team and don't consider the security implications, only the ease which they need for their team to use their login. This CRM, however, defines MFA as a top-tier security setting; for example,

Critical RCE Bug Could Let Hackers Remotely Take Over DrayTek Vigor Routers

4 August 2022 at 13:10
As many as 29 different router models from DrayTek have been identified as affected by a new critical, unauthenticated remote code execution vulnerability that, if successfully exploited, could lead to full compromise of the devices and unauthorized access to the broader network. "The attack can be performed without user interaction if the management interface of the device has been configured

New Woody RAT Malware Being Used to Target Russian Organizations

4 August 2022 at 12:55
An unknown threat actor has been targeting Russian entities with a newly discovered remote access trojan called Woody RAT for at least a year as part of a spear-phishing campaign. The advanced custom backdoor is said to be delivered via either of two methods: archive files or Microsoft Office documents leveraging the now-patched "Follina" support diagnostic tool vulnerability (CVE-2022-30190) in

Hackers Exploited Atlassian Confluence Bug to Deploy Ljl Backdoor for Espionage

4 August 2022 at 10:24
A threat actor is said to have "highly likely" exploited a security flaw in an outdated Atlassian Confluence server to deploy a never-before-seen backdoor against an unnamed organization in the research and technical services sector. The attack, which transpired over a seven-day-period during the end of May, has been attributed to a threat activity cluster tracked by cybersecurity firm Deepwatch

Three Common Mistakes That May Sabotage Your Security Training

4 August 2022 at 07:58
Phishing incidents are on the rise. A report from IBM shows that phishing was the most popular attack vector in 2021, resulting in one in five employees falling victim to phishing hacking techniques. The Need for Security Awareness Training: Although technical solutions protect against phishing threats, no solution is 100% effective. Consequently, companies have no choice but to involve their

Cisco Business Routers Found Vulnerable to Critical Remote Hacking Flaws

4 August 2022 at 05:11
Cisco on Wednesday rolled out patches to address eight security vulnerabilities, three of which could be weaponized by an unauthenticated attacker to gain remote code execution (RCE) or cause a denial-of-service (DoS) condition on affected devices. The most critical of the flaws impact Cisco Small Business RV160, RV260, RV340, and RV345 Series routers. Tracked as CVE-2022-20842 (CVSS score: 9.8)

Single-Core CPU Cracked Post-Quantum Encryption Candidate Algorithm in Just an Hour

3 August 2022 at 16:09
A late-stage candidate encryption algorithm that was meant to withstand decryption by powerful quantum computers in the future has been trivially cracked by using a computer running Intel Xeon CPU in an hour's time. The algorithm in question is SIKE — short for Supersingular Isogeny Key Encapsulation — which made it to the fourth round of the Post-Quantum Cryptography (PQC) standardization

VirusTotal Reveals Most Impersonated Software in Malware Attacks

3 August 2022 at 12:36
Threat actors are increasingly mimicking legitimate applications like Skype, Adobe Reader, and VLC Player as a means to abuse trust relationships and increase the likelihood of a successful social engineering attack. Other most impersonated legitimate apps by icon include 7-Zip, TeamViewer, CCleaner, Microsoft Edge, Steam, Zoom, and WhatsApp, an analysis from VirusTotal has revealed. "One of the

On-Demand Webinar: New CISO Survey Reveals Top Challenges for Small Cyber Security Teams

3 August 2022 at 12:13
The only threat more persistent to organizations than cyber criminals? The cyber security skills crisis. Nearly 60% of enterprises can’t find the staff to protect their data (and reputations!) from new and emerging breeds of cyber-attacks, reports the Information Systems Security Association (ISSA) in its 5th annual global industry study. The result? Heavier workloads, unfilled positions, and

Researchers Warn of Large-Scale AiTM Attacks Targeting Enterprise Users

3 August 2022 at 09:03
A new, large-scale phishing campaign has been observed using adversary-in-the-middle (AitM) techniques to get around security protections and compromise enterprise email accounts. "It uses an adversary-in-the-middle (AitM) attack technique capable of bypassing multi-factor authentication," Zscaler researchers Sudeep Singh and Jagadeeswar Ramanukolanu said in a Tuesday report. "The campaign is