- LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damagesby info@thehackernews.com (The Hacker News) (The Hacker News) on December 21, 2024 at 9:22 am
A dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a-service (RaaS) operation […]
- Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malwareby info@thehackernews.com (The Hacker News) (The Hacker News) on December 20, 2024 at 10:44 am
The Lazarus Group, an infamous threat actor linked to the Democratic People’s Republic of Korea (DPRK), has been observed leveraging a “complex infection chain” targeting at least […]
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attackby info@thehackernews.com (The Hacker News) (The Hacker News) on December 20, 2024 at 8:39 am
The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious […]
- Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitationby info@thehackernews.com (The Hacker News) (The Hacker News) on December 20, 2024 at 8:13 am
Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system […]
- Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Toolsby info@thehackernews.com (The Hacker News) (The Hacker News) on December 20, 2024 at 6:25 am
A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software […]
- CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities Listby info@thehackernews.com (The Hacker News) (The Hacker News) on December 20, 2024 at 4:30 am
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support […]
- Thousands Download Malicious npm Libraries Impersonating Legitimate Toolsby info@thehackernews.com (The Hacker News) (The Hacker News) on December 19, 2024 at 1:56 pm
Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on […]
- Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwordsby info@thehackernews.com (The Hacker News) (The Hacker News) on December 19, 2024 at 1:37 pm
Juniper Networks is warning that Session Smart Router (SSR) products with default passwords are being targeted as part of a malicious campaign that deploys the Mirai botnet […]
- Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploitsby info@thehackernews.com (The Hacker News) (The Hacker News) on December 19, 2024 at 10:31 am
Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager (FortiWLM) that could lead to disclosure of sensitive information. The […]
- CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01by info@thehackernews.com (The Hacker News) (The Hacker News) on December 19, 2024 at 10:00 am
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01, ordering federal civilian agencies to secure their cloud […]
- Dutch DPA Fines Netflix β¬4.75 Million for GDPR Violations Over Data Transparencyby info@thehackernews.com (The Hacker News) (The Hacker News) on December 19, 2024 at 9:26 am
The Dutch Data Protection Authority (DPA) on Wednesday fined video on-demand streaming service Netflix β¬4.75 million ($4.93 million) for not giving consumers enough information […]
- UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ Appby info@thehackernews.com (The Hacker News) (The Hacker News) on December 19, 2024 at 8:40 am
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military […]
- HubPhish Abuses HubSpot Tools to Target 20,000 European Users for Credential Theftby info@thehackernews.com (The Hacker News) (The Hacker News) on December 18, 2024 at 2:10 pm
Cybersecurity researchers have disclosed a new phishing campaign that has targeted European companies with an aim to harvest account credentials and take control of the victims’ […]
- Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detectedby info@thehackernews.com (The Hacker News) (The Hacker News) on December 18, 2024 at 1:36 pm
Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. The issue, tracked as […]
- Not Your Old ActiveState: Introducing our End-to-End OS Platformby info@thehackernews.com (The Hacker News) (The Hacker News) on December 18, 2024 at 11:55 am
Having been at ActiveState for nearly eight years, Iβve seen many iterations of our product. However, one thing has stayed true over the years: Our commitment to the open source […]
- APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDPby info@thehackernews.com (The Hacker News) (The Hacker News) on December 18, 2024 at 11:15 am
The Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of cyber attacks leveraging malicious Remote Desktop […]
- ONLY Cynet Delivers 100% Protection and 100% Detection Visibility in the 2024 MITRE ATT&CK Evaluationby info@thehackernews.com (The Hacker News) (The Hacker News) on December 18, 2024 at 10:30 am
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders is to keep IT environments up and running. To guard […]
- BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Productsby info@thehackernews.com (The Hacker News) (The Hacker News) on December 18, 2024 at 9:15 am
BeyondTrust has disclosed details of a critical security flaw in Privileged Remote Access (PRA) and Remote Support (RS) products that could potentially lead to the execution of […]
- INTERPOL Pushes for “Romance Baiting” to Replace “Pig Butchering” in Scam Discourseby info@thehackernews.com (The Hacker News) (The Hacker News) on December 18, 2024 at 9:10 am
INTERPOL is calling for a linguistic shift that aims to put to an end to the term “pig butchering,” instead advocating for the use of “romance baiting” to refer to online scams […]
- Meta Fined β¬251 Million for 2018 Data Breach Impacting 29 Million Accountsby info@thehackernews.com (The Hacker News) (The Hacker News) on December 18, 2024 at 5:43 am
Meta Platforms, the parent company of Facebook, Instagram, WhatsApp, and Threads, has been fined β¬251 million (around $263 million) for a 2018 data breach that impacted millions […]
- Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malwareby info@thehackernews.com (The Hacker News) (The Hacker News) on December 17, 2024 at 4:35 pm
A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. “An attacker used social engineering via […]
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacksby info@thehackernews.com (The Hacker News) (The Hacker News) on December 17, 2024 at 2:11 pm
A new phishing campaign has been observed employing tax-themed lures to deliver a stealthy backdoor payload as part of attacks targeting Pakistan. Cybersecurity company Securonix, […]
- Even Great Companies Get Breached β Find Out Why and How to Stop Itby info@thehackernews.com (The Hacker News) (The Hacker News) on December 17, 2024 at 12:05 pm
Even the best companies with the most advanced tools can still get hacked. Itβs a frustrating reality: youβve invested in the right solutions, trained your team, and […]
- Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malwareby info@thehackernews.com (The Hacker News) (The Hacker News) on December 17, 2024 at 11:07 am
A suspected South Asian cyber espionage threat group known as Bitter targeted a Turkish defense sector organization in November 2024 to deliver two C++-malware families tracked as […]
- 5 Practical Techniques for Effective Cyber Threat Huntingby info@thehackernews.com (The Hacker News) (The Hacker News) on December 17, 2024 at 10:52 am
Addressing cyber threats before they have a chance to strike or inflict serious damage is by far the best security approach any company can embrace. Achieving this takes a lot of […]