The Hacker News

Latest Report Uncovers Supply Chain Attacks by North Korean Hackers

By: Ravie Lakshmanan
Lazarus Group, the advanced persistent threat (APT) group attributed to the North Korean government, has been observed waging two separate supply chain attack campaigns as a means to gain a foothold into corporate networks and target a wide range of downstream entities. The latest intelligence-gathering operation involved the use of MATA malware framework as well as backdoors dubbed BLINDINGCAN

Over 10 Million Android Users Targeted With Premium SMS Scam Apps

By: Ravie Lakshmanan
A global fraud campaign has been found leveraging 151 malicious Android apps with 10.5 million downloads to rope users into premium subscription services without their consent and knowledge. The premium SMS scam campaign — dubbed "UltimaSMS" — is believed to have commenced in May 2021 and involved apps that cover a wide range of categories, including keyboards, QR code scanners, video and photo

Malicious Firefox Add-ons Block Browser From Downloading Security Updates

By: Ravie Lakshmanan
Mozilla on Monday disclosed it blocked two malicious Firefox add-ons installed by 455,000 users that were found misusing the Proxy API to impede downloading updates to the browser. The two extensions in question, named Bypass and Bypass XM, "interfered with Firefox in a way that prevented users who had installed them from downloading updates, accessing updated blocklists, and updating remotely

New Attack Lets Hackers Collect and Spoof Browser's Digital Fingerprints

By: Ravie Lakshmanan
A "potentially devastating and hard-to-detect threat" could be abused by attackers to collect users' browser fingerprinting information with the goal of spoofing the victims without their knowledge, thus effectively compromising their privacy. Academics from Texas A&M University dubbed the attack system "Gummy Browsers," likening it to a nearly 20-year-old "Gummy Fingers" technique that can

Hardware-grade enterprise authentication without hardware: new SIM security solution for IAM

By: The Hacker News
The average cost of a data breach, according to the latest research by IBM, now stands at USD 4.24 million, the highest reported. The leading cause? Compromised credentials, often caused by human error. Although these findings continue to show an upward trend in the wrong direction, the challenge itself is not new. What is new is the unprecedented and accelerated complexity of securing the

Microsoft Warns of Continued Supply-Chain Attacks by the Nobelium Hacker Group

By: Ravie Lakshmanan
Nobelium, the threat actor behind the SolarWinds compromise in December 2020, has been behind an ongoing wave of attacks that compromised 14 downstream customers of multiple cloud service providers (CSP), managed service providers (MSP), and other IT services organizations, illustrating the adversary's continuing interest in targeting the supply chain via the "compromise-one-to-compromise-many"

Hackers Exploited Popular BillQuick Billing Software to Deploy Ransomware

By: Ravie Lakshmanan
Cybersecurity researchers on Friday disclosed a now-patched critical vulnerability in multiple versions of a time and billing system called BillQuick that's being actively exploited by threat actors to deploy ransomware on vulnerable systems. CVE-2021-42258, as the flaw is being tracked, concerns an SQL-based injection attack that allows for remote code execution and was successfully

NYT Journalist Repeatedly Hacked with Pegasus after Reporting on Saudi Arabia

By: Ravie Lakshmanan
The iPhone of New York Times journalist Ben Hubbard was repeatedly hacked with NSO Group's Pegasus spyware tool over a three-year period stretching from June 2018 to June 2021, resulting in infections twice in July 2020 and June 2021. The University of Toronto's Citizen Lab, which publicized the findings on Sunday, said the "targeting took place while he was reporting on Saudi Arabia, and

Microsoft Warns of TodayZoo Phishing Kit Used in Extensive Credential Stealing Attacks

By: Ravie Lakshmanan
Microsoft on Thursday disclosed an "extensive series of credential phishing campaigns" that takes advantage of a custom phishing kit that stitched together components from at least five different widely circulated ones with the goal of siphoning user login information. The tech giant's Microsoft 365 Defender Threat Intelligence Team, which detected the first instances of the tool in the wild in

Feds Reportedly Hacked REvil Ransomware Group and Forced it Offline

By: Ravie Lakshmanan
The Russian-led REvil ransomware gang was felled by an active multi-country law enforcement operation that resulted in its infrastructure being hacked and taken offline for a second time earlier this week, in what's the latest action taken by governments to disrupt the lucrative ecosystem. The takedown was first reported by Reuters, quoting multiple private-sector cyber experts working with the

Popular NPM Package Hijacked to Publish Crypto-mining Malware

By: Ravie Lakshmanan
The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining and password-stealing malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to get rid of three rogue packages that were found to mimic the same library. The supply-chain attack targeting the open-source

'Lone Wolf' Hacker Group Targeting Afghanistan and India with Commodity RATs

By: Ravie Lakshmanan
A new malware campaign targeting Afghanistan and India is exploiting a now-patched, 20-year-old flaw affecting Microsoft Office to deploy an array of commodity remote access trojans (RATs) that allow the adversary to gain complete control over the compromised endpoints. Cisco Talos attributed the cyber campaign to a "lone wolf" threat actor operating a Lahore-based fake IT company called Bunse

Hackers Set Up Fake Company to Get IT Experts to Launch Ransomware Attacks

By: Ravie Lakshmanan
The financially motivated FIN7 cybercrime gang has masqueraded as yet another fictitious cybersecurity company called "Bastion Secure" to recruit unwitting software engineers under the guise of penetration testing in a likely lead-up to a ransomware scheme. "With FIN7's latest fake company, the criminal group leveraged true, publicly available information from various legitimate cybersecurity

Researchers Discover Microsoft-Signed FiveSys Rootkit in the Wild

By: Ravie Lakshmanan
A newly identified rootkit has been found with a valid digital signature issued by Microsoft that's used to proxy traffic to internet addresses of interest to the attackers for over a year targeting online gamers in China. Bucharest-headquartered cybersecurity technology company Bitdefender named the malware "FiveSys," calling out its possible credential theft and in-game-purchase hijacking

Before and After a Pen Test: Steps to Get Through It

By: The Hacker News
An effective cybersecurity strategy can be challenging to implement correctly and often involves many layers of security. Part of a robust security strategy involves performing what is known as a penetration test (pen test). The penetration test helps to discover vulnerabilities and weaknesses in your security defenses before the bad guys discover these. They can also help validate remedial

Bug in Popular WinRAR Software Could Let Attackers Hack Your Computer

By: Ravie Lakshmanan
A new security weakness has been disclosed in the WinRAR trialware file archiver utility for Windows that could be abused by a remote attacker to execute arbitrary code on targeted systems, underscoring how vulnerabilities in such software could become a gateway for a roster of attacks. Tracked as CVE-2021-35052, the bug impacts the trial version of the software running version 5.70. "This

Product Overview: Cynet SaaS Security Posture Management (SSPM)

By: The Hacker News
Software-as-a-service (SaaS) applications have gone from novelty to business necessity in a few short years, and their positive impact on organizations is clear. It's safe to say that most industries today run on SaaS applications, which is undoubtedly positive, but it does introduce some critical new challenges to organizations. As SaaS application use expands, as well as the number of

Malicious NPM Packages Caught Running Cryptominer On Windows, Linux, macOS Devices

By: Ravie Lakshmanan
Three JavaScript libraries uploaded to the official NPM package repository have been unmasked as crypto-mining malware, once again demonstrating how open-source software package repositories are becoming a lucrative target for executing an array of attacks on Windows, macOS, and Linux systems. The malicious packages in question — named okhsa, klow, and klown — were published by the same

U.S. Government Bans Sale of Hacking Tools to Authoritarian Regimes

By: Ravie Lakshmanan
The U.S. Commerce Department on Wednesday announced new rules barring the sales of hacking software and equipment to authoritarian regimes and potentially facilitate human rights abuse for national security (NS) and anti-terrorism (AT) reasons. The mandate, which is set to go into effect in 90 days, will forbid the export, reexport and transfer of "cybersecurity items" to countries of "national