The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 11 min 1 sek zpět

Hackers Targeting Biomanufacturing Facilities With Tardigrade Malware

26 Listopad, 2021 - 14:20
An advanced persistent threat (APT) has been linked to cyberattacks on two biomanufacturing companies that occurred this year with the help of a custom malware loader called "Tardigrade." That's according to an advisory published by Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) this week, which noted that the malware is actively spreading across the sector with the likely goal of
Kategorie: Hacking & Security

Crypto Hackers Using Babadeda Crypter to Make Their Malware Undetectable

26 Listopad, 2021 - 11:32
A new malware campaign has been discovered targeting cryptocurrency, non-fungible token (NFT), and DeFi aficionados through Discord channels to deploy a crypter named "Babadeda" that's capable of bypassing antivirus solutions and stage a variety of attacks. "[T]his malware installer has been used in a variety of recent campaigns to deliver information stealers, RATs, and even LockBit ransomware,
Kategorie: Hacking & Security

CronRAT: A New Linux Malware That’s Scheduled to Run on February 31st

26 Listopad, 2021 - 09:08
Researchers have unearthed a new remote access trojan (RAT) for Linux that employs a never-before-seen stealth technique that involves masking its malicious actions by scheduling them for execution on February 31st, a non-existent calendar day. Dubbed CronRAT, the sneaky malware "enables server-side Magecart data theft which bypasses browser-based security solutions," Sansec Threat Research said
Kategorie: Hacking & Security

Israel Bans Sales of Hacking and Surveillance Tools to 65 Countries

26 Listopad, 2021 - 06:10
Israel's Ministry of Defense has dramatically restricted the number of countries to which cybersecurity firms in the country are allowed to sell offensive hacking and surveillance tools to, cutting off 65 nations from the export list. The revised list, details of which were first reported by the Israeli business newspaper Calcalist, now only includes 37 countries, down from the previous 102:
Kategorie: Hacking & Security

Product Releases Should Not Be Scary

25 Listopad, 2021 - 18:52
Every Product Manager and Software Developer should know that pushing feature updates to production via traditional channels is as archaic as painting on cave walls. The smart are always quick to adapt to new, innovative technologies, and this mindset is exactly what makes normal companies great. The landscape is changing fast, especially in IT. Change isn't just necessary, but more often than
Kategorie: Hacking & Security

This New Stealthy JavaScript Loader Infecting Computers with Malware

25 Listopad, 2021 - 12:57
Threat actors have been found using a previously undocumented JavaScript malware strain that functions as a loader to distribute an array of remote access Trojans (RATs) and information stealers. HP Threat Research dubbed the new, evasive loader "RATDispenser," with the malware responsible for deploying at least eight different malware families in 2021. Around 155 samples of this new malware
Kategorie: Hacking & Security

Hackers Using Microsoft MSHTML Flaw to Spy on Targeted PCs with Malware

25 Listopad, 2021 - 12:33
A new Iranian threat actor has been discovered exploiting a now-addressed critical flaw in the Microsoft Windows MSHTML platform to target Farsi-speaking victims with a new PowerShell-based information stealer designed to harvest extensive details from infected machines. "[T]he stealer is a PowerShell script, short with powerful collection capabilities — in only ~150 lines, it provides the
Kategorie: Hacking & Security

If You're Not Using Antivirus Software, You're Not Paying Attention

25 Listopad, 2021 - 10:24
Stop tempting fate and take a look at our picks for the best antivirus programs on the market today. Every year there are billions of malware attacks worldwide. And these threats are constantly evolving. So if you are not currently using antivirus software, or you still rely on some free software you downloaded back in 2017, you are putting your cybersecurity in serious jeopardy.  Need help
Kategorie: Hacking & Security

Warning — Hackers Exploiting New Windows Installer Zero-Day Exploit in the Wild

25 Listopad, 2021 - 09:10
Attackers are actively making efforts to exploit a new variant of a recently disclosed privilege escalation vulnerability to potentially execute arbitrary code on fully-patched systems, once again demonstrating how adversaries move quickly to weaponize a publicly available exploit. Cisco Talos disclosed that it "detected malware samples in the wild that are attempting to take advantage of this
Kategorie: Hacking & Security

VMware Warns of Newly Discovered Vulnerabilities in vSphere Web Client

25 Listopad, 2021 - 06:09
VMware has shipped updates to address two security vulnerabilities in vCenter Server and Cloud Foundation that could be abused by a remote attacker to gain access to sensitive information. The more severe of the issues concerns an arbitrary file read vulnerability in the vSphere Web Client. Tracked as CVE-2021-21980, the bug has been rated 7.5 out of a maximum of 10 on the CVSS scoring system,
Kategorie: Hacking & Security

GoDaddy Data Breach Exposes Over 1 Million WordPress Customers' Data

25 Listopad, 2021 - 05:52
Web hosting giant GoDaddy on Monday disclosed a data breach that resulted in the unauthorized access of data belonging to a total of 1.2 million active and inactive customers, making it the third security incident to come to light since 2018. In a filing with the U.S. Securities and Exchange Commission (SEC), the world's largest domain registrar said that a malicious third-party managed to gain
Kategorie: Hacking & Security

Eavesdropping Bugs in MediaTek Chips Affect 37% of All Smartphones and IoT Globally

25 Listopad, 2021 - 05:50
Multiple security weaknesses have been disclosed in MediaTek system-on-chips (SoCs) that could have enabled a threat actor to elevate privileges and execute arbitrary code in the firmware of the audio processor, effectively allowing the attackers to carry out a "massive eavesdrop campaign" without the users' knowledge. The discovery of the flaws is the result of reverse-engineering the Taiwanese
Kategorie: Hacking & Security

Apple Sues Israel's NSO Group for Spying on iPhone Users With Pegasus Spyware

24 Listopad, 2021 - 13:10
Apple has sued NSO Group and its parent company Q Cyber Technologies in a U.S. federal court holding it accountable for illegally targeting users with its Pegasus surveillance tool, marking yet another setback for the Israeli spyware vendor. The Cupertino-based tech giant painted NSO Group as "notorious hackers — amoral 21st century mercenaries who have created highly sophisticated
Kategorie: Hacking & Security

APT C-23 Hackers Using New Android Spyware Variant to Target Middle East Users

24 Listopad, 2021 - 09:49
A threat actor known for striking targets in the Middle East has evolved its Android spyware yet again with enhanced capabilities that allow it to be stealthier and more persistent while passing off as seemingly innocuous app updates to stay under the radar. The new variants have "incorporated new features into their malicious apps that make them more resilient to actions by users, who might try
Kategorie: Hacking & Security

Webinar and eBook: The Dark Side of EDR. Are You Prepared?

24 Listopad, 2021 - 08:54
Endpoint Detection and Response (EDR) platforms have received incredible attention as the platform for security teams. Whether you're evaluating an EDR for the first time or looking to replace your EDR, as an information security professional, you need to be aware of the gaps prior already to implementation so you can best prepare how to close the gaps. It's important to understand that each
Kategorie: Hacking & Security

Over 9 Million Android Phones Running Malware Apps from Huawei's AppGallery

24 Listopad, 2021 - 08:40
At least 9.3 million Android devices have been infected by a new class of malware that disguises itself as dozens of arcade, shooter, and strategy games on Huawei's AppGallery marketplace to steal device information and victims' mobile phone numbers. The mobile campaign was disclosed by researchers from Doctor Web, who classified the trojan as "Android.Cynos.7.origin," owing to the fact that the
Kategorie: Hacking & Security

Researchers Detail Privilege Escalation Bugs Reported in Oracle VirtualBox

24 Listopad, 2021 - 07:54
A now-patched vulnerability affecting Oracle VM VirtualBox could be potentially exploited by an adversary to compromise the hypervisor and cause a denial-of-service (DoS) condition. "Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox," the advisory reads. "Successful attacks of
Kategorie: Hacking & Security

What Avengers Movies Can Teach Us About Cybersecurity

23 Listopad, 2021 - 13:26
Marvel has been entertaining us for the last 20 years. We have seen gods, super-soldiers, magicians, and other irradiated heroes fight baddies at galactic scales. The eternal fight of good versus evil. A little bit like in cybersecurity, goods guys fighting cybercriminals.If we choose to go with this fun analogy, is there anything useful we can learn from those movies? World-ending baddies
Kategorie: Hacking & Security

More Stealthier Version of BrazKing Android Malware Spotted in the Wild

23 Listopad, 2021 - 12:23
Banking apps from Brazil are being targeted by a more elusive and stealthier version of an Android remote access trojan (RAT) that's capable of carrying out financial fraud attacks by stealing two-factor authentication (2FA) codes and initiating rogue transactions from infected devices to transfer money from victims' accounts to an account operated by the threat actor. IBM X-Force dubbed the
Kategorie: Hacking & Security

The Importance of IT Security in Your Merger Acquisition

23 Listopad, 2021 - 11:34
In the business world, mergers and acquisitions are commonplace as businesses combine, acquire, and enter various partnerships. Mergers and Acquisitions (M&A) are filled with often very complicated and complex processes to merge business processes, management, and a whole slew of other aspects of combining two businesses into a single logical entity. In the modern business world before and after
Kategorie: Hacking & Security