In today's digital world, where connectivity rules all, endpoints serve as the gateway to a business’s digital kingdom. And because of this, endpoints are one of hackers' favorite targe...
https://thehackernews.com/2024/04/10-critical-endpoint-security-tips-you.html
Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. "Brokewell is a typical modern banking malware equipped with both data-stealing and remo...
https://thehackernews.com/2024/04/new-brokewell-android-malware-spread.html
Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under active exploitation. The vulnerability, tracked as CV...
https://thehackernews.com/2024/04/palo-alto-networks-outlines-remediation.html
Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, ...
https://thehackernews.com/2024/04/hackers-exploiting-wp-automatic-plugin.html
The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called Kaolin RAT as part of attacks targeting spe...
https://thehackernews.com/2024/04/north-koreas-lazarus-group-deploys-new.html
Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multip...
https://thehackernews.com/2024/04/network-threats-step-by-step-attack.html
The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of two co-founders of a cryptocurrency mixer called Samourai and seized the service for allegedly facilitating over $2 bi...
https://thehackernews.com/2024/04/doj-arrests-founders-of-crypto-mixer.html
Google has once again pushed its plans to deprecate third-party tracking cookies in its Chrome web browser as it works to address outstanding competition concerns from U.K. regulators over its ...
https://thehackernews.com/2024/04/google-postpones-third-party-cookie.html
A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target environments. Cisco Talos, which dubbed the...
https://thehackernews.com/2024/04/state-sponsored-hackers-exploit-two.html
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Monday sanctioned two firms and four individuals for their involvement in malicious cyber activities on behalf of the I...
https://thehackernews.com/2024/04/us-treasury-sanctions-iranian-firms-and.html
Cybersecurity researchers have discovered an ongoing attack campaign that's leveraging phishing emails to deliver a malware called SSLoad. The campaign, codenamed FROZEN#SHADOW by Securonix, ...
https://thehackernews.com/2024/04/researchers-detail-multistage-attack.html
Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploited to reveal users' keystrokes to nefarious actors. The findings come from the Citizen Lab, which discovere...
https://thehackernews.com/2024/04/major-security-flaws-expose-keystrokes.html
Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compliance frameworks and the specificity of the secu...
https://thehackernews.com/2024/04/ciso-perspectives-on-complying-with.html
A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat coden...
https://thehackernews.com/2024/04/escan-antivirus-update-mechanism.html
A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery Network (CDN) cache domains s...
https://thehackernews.com/2024/04/coralraider-malware-campaign-exploits.html
Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion attacks take place owing to the fact that...
https://thehackernews.com/2024/04/apache-cordova-app-harness-targeted-in.html
In the high-stakes world of cybersecurity, the battleground has shifted. Supply chain attacks have emerged as a potent threat, exploiting the intricate web of interconnected systems and third-par...
https://thehackernews.com/2024/04/webinar-learn-proactive-supply-chain.html
European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to end-to-end encryption (E2EE). They called on the indu...
https://thehackernews.com/2024/04/police-chiefs-call-for-solutions-to.html
Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how and why they were targeted by such breaches, there's a ...
https://thehackernews.com/2024/04/unmasking-true-cost-of-cyberattacks.html
German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the defendants were not disclosed by the Office of the Federa...
https://thehackernews.com/2024/04/german-authorities-issue-arrest.html
The U.S. Department of State on Monday said it's taking steps to impose visa restrictions on 13 individuals who are allegedly involved in the development and sale of commercial spyware or w...
https://thehackernews.com/2024/04/us-imposes-visa-restrictions-on-13.html
The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to deliver a previously unknown custom malware called Go...
https://thehackernews.com/2024/04/russias-apt28-exploited-windows-print.html
The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments and steal valuable data. Russian cybersecurity firm Kaspersky ch...
https://thehackernews.com/2024/04/russian-hacker-group-toddycat-uses.html
Over the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, over half. And this, in a world where enterprises d...
https://thehackernews.com/2024/04/penteras-2024-report-reveals-hundreds.html
The MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in Ivanti Connect Secure appliances starting in January 2024. The intrusion ...
https://thehackernews.com/2024/04/mitre-corporation-breached-by-nation.html
Between crossovers - Do threat actors play dirty or desperate? In our dataset of over 11,000 victim organizations that have experienced a Cyber Extortion / Ransomware attack, we noticed that some...
https://thehackernews.com/2024/04/ransomware-double-dip-re-victimization.html
New research has found that the DOS-to-NT path conversion process could be exploited by threat actors to achieve rootkit-like capabilities to conceal and impersonate files, directories, and proce...
https://thehackernews.com/2024/04/researchers-uncover-windows-flaws.html
Microsoft has revealed that North Korea-linked state-sponsored cyber actors have begun to use artificial intelligence (AI) to make their operations more effective and efficient. "They are learnin...
https://thehackernews.com/2024/04/microsoft-warns-north-korean-hackers.html
A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity firm has assessed it to be a variant of ...
https://thehackernews.com/2024/04/new-redline-stealer-variant-disguised.html
Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulne...
https://thehackernews.com/2024/04/palo-alto-networks-discloses-more.html
Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation i...
https://thehackernews.com/2024/04/critical-update-crushftp-zero-day-flaw.html
Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part of a recent cyber attack wave. The intrusions pave the way...
https://thehackernews.com/2024/04/blacktech-targets-tech-research-and-gov.html
Attackers are increasingly making use of “networkless” attack techniques targeting cloud apps and identities. Here’s how attackers can (and are) compromising organizations – without...
https://thehackernews.com/2024/04/showcasing-networkless-identity-attacks.html
Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than 250 victims as of January 1, 2024. "Since Mar...
https://thehackernews.com/2024/04/akira-ransomware-gang-extorts-42.html
Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it di...
https://thehackernews.com/2024/04/hackers-target-middle-east-governments.html
Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents ...
https://thehackernews.com/2024/04/offlrouter-malware-evades-detection-in.html
The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known backdoor called Carbanak (aka Anunak). "FIN7...
https://thehackernews.com/2024/04/fin7-cybercrime-group-targeting-us-auto.html
Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto, a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-...
https://thehackernews.com/2024/04/recover-from-ransomware-in-5-minuteswe.html
Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior. However, they also offer plenty of value in ...
https://thehackernews.com/2024/04/how-to-conduct-advanced-static-analysis.html
A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure. The malware is "not...
https://thehackernews.com/2024/04/new-android-trojan-soumnibot-evades.html
As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used by criminal actors to steal personal credentials fro...
https://thehackernews.com/2024/04/global-police-operation-disrupts.html
Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them for cryptocurrency mining activity. That's acc...
https://thehackernews.com/2024/04/hackers-exploit-openmetadata-flaws-to.html
A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backdoor dubbed MadMxShell. "The threat actor reg...
https://thehackernews.com/2024/04/malicious-google-ads-pushing-fake-ip.html
A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. T...
https://thehackernews.com/2024/04/russian-apt-deploys-new-kapeka-backdoor.html
The introduction of OpenAI’s ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools wi...
https://thehackernews.com/2024/04/genai-new-headache-for-saas-security.html
Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security ...
https://thehackernews.com/2024/04/critical-atlassian-flaw-exploited-to.html
Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun ...
https://thehackernews.com/2024/04/hackers-exploit-fortinet-flaw-deploy.html
Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH servic...
https://thehackernews.com/2024/04/cisco-warns-of-global-surge-in-brute.html
Security researchers have uncovered a "credible" takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities to the recently uncovered incident aimed at the open-source ...
https://thehackernews.com/2024/04/openjs-foundation-targeted-in-potential.html
The threat actor tracked as TA558 has been observed leveraging steganography as an obfuscation technique to deliver a wide range of malware such as Agent Tesla, FormBook, Remcos RAT, LokiBot, G...
https://thehackernews.com/2024/04/ta558-hackers-weaponize-images-for-wide.html