The Hacker News

The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and
Updated: 9 min 40 sec ago

QEMU Emulator Exploited as Tunneling Tool to Breach Company Network

8 March, 2024 - 08:48
Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an unnamed "large company" to connect to their infrastructure. While a number of legitimate tunneling tools like Chisel, FRP, ligolo, ngrok, and Plink have been used by adversaries to their advantage, the development marks the first QEMU that has been
Category: Hacking & Security

CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability

8 March, 2024 - 07:13
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2024-27198 (CVSS score: 9.8), refers to an authentication bypass bug that allows for a complete
Category: Hacking & Security

Hacked WordPress Sites Abusing Visitors' Browsers for Distributed Brute-Force Attacks

7 March, 2024 - 14:45
Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal. The attacks, which take the form of distributed brute-force attacks, “target WordPress websites from the browsers of completely innocent and unsuspecting site visitors,” security researcher Denis Sinegubko said. The activity is part of a
Category: Hacking & Security

Chinese State Hackers Target Tibetans with Supply Chain, Watering Hole Attacks

7 March, 2024 - 14:22
The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since September 2023. The end goal of the attacks is to deliver malicious downloaders for Windows and macOS that deploy a known backdoor called MgBot and a previously undocumented Windows implant known as Nightdoor. The findings come from ESET,
Category: Hacking & Security

Human vs. Non-Human Identity in SaaS

7 March, 2024 - 12:11
In today's rapidly evolving SaaS environment, the focus is on human users. This is one of the most compromised areas in SaaS security management and requires strict governance of user roles and permissions, monitoring of privileged users, their level of activity (dormant, active, hyperactive), their type (internal/external), whether they are joiners, movers, or leavers, and more. Not
Category: Hacking & Security

Ex-Google Engineer Arrested for Stealing AI Technology Secrets for China

7 March, 2024 - 11:19
The U.S. Department of Justice (DoJ) announced the indictment of a 38-year-old Chinese national and a California resident for allegedly stealing proprietary information from Google while covertly working for two China-based tech companies. Linwei Ding (aka Leon Ding), a former Google engineer who was arrested on March 6, 2024, "transferred sensitive Google trade secrets and other confidential
Category: Hacking & Security

New Python-Based Snake Info Stealer Spreading Through Facebook Messages

7 March, 2024 - 08:39
Facebook messages are being used by threat actors to distribute a Python-based information stealer dubbed Snake that’s designed to capture credentials and other sensitive data. “The credentials harvested from unsuspecting users are transmitted to different platforms such as Discord, GitHub, and Telegram,” Cybereason researcher Kotaro Ogino said in a technical report. Details about the
Category: Hacking & Security

Watch Out for Spoofed Zoom, Skype, Google Meet Sites Delivering Malware

7 March, 2024 - 07:11
Threat actors have been leveraging fake websites advertising popular video conferencing software such as Google Meet, Skype, and Zoom to deliver a variety of malware targeting both Android and Windows users since December 2023. “The threat actor is distributing Remote Access Trojans (RATs) including SpyNote RAT for Android platforms, and NjRAT and DCRat for Windows
Category: Hacking & Security

Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining

6 March, 2024 - 17:58
Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as part of an emerging malware campaign designed to deliver a cryptocurrency miner and spawn a reverse shell for persistent remote access. “The attackers leverage these tools to issue exploit code, taking advantage of common misconfigurations and
Category: Hacking & Security

Exit Scam: BlackCat Ransomware Group Vanishes After $22 Million Payout

6 March, 2024 - 16:03
The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a bogus law enforcement seizure banner. "ALPHV/BlackCat did not get seized. They are exit scamming their affiliates," security researcher Fabian Wosar said. "It is blatantly obvious when you check the source code of the new takedown notice." "There
Category: Hacking & Security