Dec 02, 2023Newsroom Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent Racoon. "This malware family is written using the .NET framework and leverages the domain name service (DNS) protocol to create a covert channel and provide different backdoor functionalities," Palo Alto Networks Unit 42 researcher … [Read more...]
Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware
Dec 02, 2023NewsroomCybercrime / Malware A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced. Vladimir Dunaev, 40, was arrested in South Korea in September 2021 and extradited to the U.S. a month later. "Dunaev developed browser modifications and malicious tools that aided in … [Read more...]
New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia
Dec 01, 2023NewsroomMobile Security / Banking Security Cybersecurity researchers have disclosed a new sophisticated Android malware called FjordPhantom that has been observed targeting users in Southeast Asian countries like Indonesia, Thailand, and Vietnam since early September 2023. "Spreading primarily through messaging services, it combines app-based malware with social engineering to … [Read more...]
Qakbot Takedown Aftermath: Mitigations and Protecting Against Future Threats
Dec 01, 2023The Hacker NewsMalware / Cyber Threat The U.S. Department of Justice (DOJ) and the FBI recently collaborated in a multinational operation to dismantle the notorious Qakbot malware and botnet. While the operation was successful in disrupting this long-running threat, concerns have arisen as it appears that Qakbot may still pose a danger in a reduced form. This article discusses the … [Read more...]
Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan
Dec 01, 2023NewsroomMalware / Cyber Espionage A suspected Chinese-speaking threat actor has been attributed to a malicious campaign that targets the Uzbekistan Ministry of Foreign Affairs and South Korean users with a remote access trojan called SugarGh0st RAT. The activity, which commenced no later than August 2023, leverages two different infection sequences to deliver the malware, which is a … [Read more...]
Discover How Gcore Thwarted Powerful 1.1Tbps and 1.6Tbps DDoS Attacks
Dec 01, 2023The Hacker NewsNetwork Security / Cyber Attack The most recent Gcore Radar report and its aftermath have highlighted a dramatic increase in DDoS attacks across multiple industries. At the beginning of 2023, the average strength of attacks reached 800 Gbps, but now, even a peak as high as 1.5+ Tbps is unsurprising. To try and break through Gcore's defenses, perpetrators made two … [Read more...]
WhatsApp's New Secret Code Feature Lets Users Protect Private Chats with Password
Dec 01, 2023NewsroomPrivacy / Data Protection Meta-owned WhatsApp has launched a new Secret Code feature to help users protect sensitive conversations with a custom password on the messaging platform. The feature has been described as an "additional way to protect those chats and make them harder to find if someone has access to your phone or you share a phone with someone else." Secret Code … [Read more...]
U.S. Treasury Sanctions North Korean Kimsuky Hackers and 8 Foreign Agents
Dec 01, 2023NewsroomCyber Espionage / Cryptocurrency The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday sanctioned the North Korea-linked adversarial collective known as Kimsuky as well as eight foreign-based agents who are alleged to have facilitated sanctions evasion. The agents, the Treasury said, helped in "revenue generation and missile-related … [Read more...]
Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices
Dec 01, 2023NewsroomFirewall / Network Security Zyxel has released patches to address 15 security issues impacting network-attached storage (NAS), firewall, and access point (AP) devices, including three critical flaws that could lead to authentication bypass and command injection. The three vulnerabilities are listed below - CVE-2023-35138 (CVSS score: 9.8) - A command injection vulnerability … [Read more...]
Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws
Dec 01, 2023NewsroomSpyware / Threat Analysis Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of its software. The vulnerabilities, both of which reside in the WebKit web browser engine, are described below - CVE-2023-42916 - An out-of-bounds read issue … [Read more...]
Google Unveils RETVec – Gmail's New Defense Against Spam and Malicious Emails
Nov 30, 2023NewsroomMachine Learning / Email Security Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious emails in Gmail. "RETVec is trained to be resilient against character-level manipulations including insertion, deletion, typos, homoglyphs, LEET … [Read more...]
North Korea's Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks
Nov 30, 2023NewsroomCryptocurrency / Cyberattacks Threat actors from the Democratic People's Republic of Korea (DPRK) are increasingly targeting the cryptocurrency sector as a major revenue generation mechanism since at least 2017 to get around sanctions imposed against the country. "Even though movement in and out of and within the country is heavily restricted, and its general population is … [Read more...]
This Free Solution Provides Essential Third-Party Risk Management for SaaS
Wing Security recently announced that basic third-party risk assessment is now available as a free product. But it raises the questions of how SaaS is connected to third-party risk management (TPRM) and what companies should do to ensure a proper SaaS-TPRM process is in place. In this article we will share 5 tips to manage the third-party risks associated with SaaS, but first... What exactly is … [Read more...]
7 Uses for Generative AI to Enhance Security Operations
Welcome to a world where Generative AI revolutionizes the field of cybersecurity. Generative AI refers to the use of artificial intelligence (AI) techniques to generate or create new data, such as images, text, or sounds. It has gained significant attention in recent years due to its ability to generate realistic and diverse outputs. When it comes to security operations, Generative AI can play a … [Read more...]
CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks
Nov 30, 2023NewsroomRansomware / Vulnerability A CACTUS ransomware campaign has been observed exploiting recently disclosed security flaws in a cloud analytics and business intelligence platform called Qlik Sense to obtain a foothold into targeted environments. "This campaign marks the first documented instance [...] where threat actors deploying CACTUS ransomware have exploited vulnerabilities … [Read more...]
U.S. Treasury Sanctions Sinbad Cryptocurrency Mixer Used by North Korean Hackers
Nov 30, 2023NewsroomHacking / Cryptocurrency The U.S. Treasury Department on Wednesday imposed sanctions against Sinbad, a virtual currency mixer that has been put to use by the North Korea-linked Lazarus Group to launder ill-gotten proceeds. "Sinbad has processed millions of dollars' worth of virtual currency from Lazarus Group heists, including the Horizon Bridge and Axie Infinity heists," the … [Read more...]
Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S.
Nov 29, 2023NewsroomCyber Attack / Hacking The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that it's responding to a cyber attack that involved the active exploitation of Unitronics programmable logic controllers (PLCs) to target the Municipal Water Authority of Aliquippa in western Pennsylvania. The attack has been attributed to an Iranian-backed hacktivist collective … [Read more...]
200+ Malicious Apps on Iranian Android Store Installed by Millions of Banking Users
Nov 29, 2023NewsroomMobile Security / Malware An Android malware campaign targeting Iranian banks has expanded its capabilities and incorporated additional evasion tactics to fly under the radar. That's according to a new report from Zimperium, which discovered more than 200 malicious apps associated with the malicious operation, with the threat actor also observed carrying out phishing attacks … [Read more...]
Discover Why Proactive Web Security Outsmarts Traditional Antivirus Solutions
In a rapidly evolving digital landscape, it's crucial to reevaluate how we secure web environments. Traditional antivirus-approach solutions have their merits, but they're reactive. A new report delves into the reasons for embracing proactive web security solutions, ensuring you stay ahead of emerging threats. To learn more, download the full report here. The New Paradigm If you've been relying … [Read more...]
Okta Discloses Broader Impact Linked to October 2023 Support System Breach
Nov 29, 2023NewsroomCyber Attack / Data Breach Identity services provider Okta has disclosed that it detected "additional threat actor activity" in connection with the October 2023 breach of its support case management system. "The threat actor downloaded the names and email addresses of all Okta customer support system users," the company said in a statement shared with The Hacker News. "All … [Read more...]
- 1
- 2
- 3
- …
- 68
- Next Page »