Threats & Malware, Vulnerabilities
August 8, 2023
Via: The Hacker News
New research has revealed that threat actors are abusing Cloudflare Tunnels to establish covert communication channels from compromised hosts and retain persistent access. “Cloudflared is functionally very similar to ngrok,” Nic Finn, a senior threat intelligence analyst at GuidePoint Security, […]
Threats & Malware, Virus & Malware
August 3, 2023
Via: DataBreach Today
A Russia-linked hacking group is shifting its online infrastructure likely in response to public disclosures about its activity. Recorded Future’s Insikt Group traced over the last five months the revamped infrastructure of a group it tracks as “BlueCharlie,” which overlaps […]
June 30, 2023
Via: Panda Security
Clickjacking can be described as a dangerous form of online hide-and-seek. Hackers hide malicious links behind recognizable or appealing webpages and wait for users to unintentionally seek them out. Unlike the childhood version of hide-and-seek, the seeker in these UI […]
June 19, 2023
Via: The Hacker News
Governmental entities in the Middle East and Africa have been at the receiving end of sustained cyber-espionage attacks that leverage never-before-seen and rare credential theft and Exchange email exfiltration techniques. “The main goal of the attacks was to obtain highly […]
May 23, 2023
Via: The Hacker News
The North Korean advanced persistent threat (APT) group known as Kimsuky has been observed using a piece of custom malware called RandomQuery as part of a reconnaissance and information exfiltration operation. “Lately, Kimsuky has been consistently distributing custom malware as […]
May 8, 2023
Via: The Hacker News
Digital storage giant Western Digital confirmed that an “unauthorized third party” gained access to its systems and stole personal information belonging to the company’s online store customers. “This information included customer names, billing and shipping addresses, email addresses and telephone […]
May 4, 2023
Via: Natalie Dunn
Artificial intelligence (AI) is rapidly transforming, bringing many benefits to our daily lives, from personalized recommendations to self-driving cars. At the same time, hackers also leverage AI to make their attacks more sophisticated and challenging to detect. In recent years, […]
April 24, 2023
Via: The Hacker News
Threat actors are employing a previously undocumented “defense evasion tool” dubbed AuKill that’s designed to disable endpoint detection and response (EDR) software by means of a Bring Your Own Vulnerable Driver (BYOVD) attack. “The AuKill tool abuses an outdated version […]
April 14, 2023
Via: The Hacker News
The Russia-linked APT29 (aka Cozy Bear) threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. According to Poland’s Military Counterintelligence Service and […]
Threats & Malware, Virus & Malware
April 5, 2023
Via: The Hacker News
An unknown threat actor used a malicious self-extracting archive (SFX) file in an attempt to establish persistent backdoor access to a victim’s environment, new findings from CrowdStrike show. SFX files are capable of extracting the data contained within them without […]
Threats & Malware, Vulnerabilities
March 21, 2023
Via: The Hacker News
Bitcoin ATM maker General Bytes disclosed that unidentified threat actors stole cryptocurrency from hot wallets by exploiting a zero-day security flaw in its software. “The attacker was able to upload his own java application remotely via the master service interface […]
March 10, 2023
Via: The Hacker News
Google-owned Mandiant said the threat cluster shares “multiple overlaps” with a long-running operation dubbed “Dream Job” that employs job recruitment lures in email messages to trigger the infection sequence. UNC2970 is the new moniker designated by the threat intelligence firm […]
Threats & Malware, Vulnerabilities
March 6, 2023
Via: Security Week
The vulnerabilities were discovered by Ryan Pickren from the Georgia Institute of Technology’s Cyber-Physical Security Lab. The issues were identified by the researcher as part of a PhD project on the security of industrial control systems (ICS). Pickren previously earned […]
February 27, 2023
Via: The Hacker News
The Dutch police announced the arrest of three individuals in connection with a “large-scale” criminal operation involving data theft, extortion, and money laundering. The suspects include two 21-year-old men from Zandvoort and Rotterdam and an 18-year-old man without a permanent […]
February 20, 2023
Via: Help Net Security
The number of data breaches affecting healthcare providers declined in the second half of 2022, consistent with a downward trend over the past two years, according to Critical Insight. Healthcare industry sees a decrease in data breaches A deeper dive […]
February 13, 2023
Via: The Hacker News
A previously unknown threat actor has been targeting companies in the U.S. and Germany with bespoke malware designed to steal confidential information. Enterprise security company Proofpoint, which is tracking the activity cluster under the name Screentime, said the group, dubbed […]
February 13, 2023
Via: The Hacker News
The advanced persistent threat (APT) actor known as Tonto Team carried out an unsuccessful attack on cybersecurity company Group-IB in June 2022. The Singapore-headquartered firm said that it detected and blocked malicious phishing emails originating from the group targeting its […]
February 7, 2023
Via: The Hacker News
Threat actors are leveraging known flaws in Sunlogin software to deploy the Sliver command-and-control (C2) framework for carrying out post-exploitation activities. The findings come from AhnLab Security Emergency response Center (ASEC), which found that security vulnerabilities in Sunlogin, a remote […]
February 1, 2023
Via: The Hacker News
Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network (MPN) accounts that were used for creating malicious OAuth applications as part of a malicious campaign designed to breach organizations’ cloud environments and steal email. “The applications […]
January 17, 2023
Via: The Hacker News
New research has found that it is possible for threat actors to abuse a legitimate feature in GitHub Codespaces to deliver malware to victim systems. GitHub Codespaces is a cloud-based configurable development environment that allows users to debug, maintain, and […]