New findings suggest the ArcaneDoor cyber espionage campaign targeting network devices from Cisco (CVE-2024-20353, CVE-2024-20359) and others may be linked to China-based actors.
Read: https://thehackernews.com/2024/05/china-linked-hackers-suspected-in.html
The attacks used custom Line Runner and Line Dancer malware.
Cyberattacks can be a financial nightmare for SMBs. From operational disruptions to data loss and ransom demands, the costs can quickly drain your resources.
Discover how a managed EDR solution can help prevent these catastrophic expenses: https://thehackernews.com/2024/05/it-costs-how-much-financial-pitfalls-of.html
Russian operator of BTC-e crypto exchange pleads guilty to money laundering charges spanning 2011-2017. Alexander Vinnik admitted to facilitating transactions for cybercriminals worldwide.
Find details here: https://thehackernews.com/2024/05/russian-operator-of-btc-e-crypto.html
Google is streamlining 2-factor authentication (2FA) for personal and Workspace accounts!
No more SMS codes needed - you can now directly add authenticator apps or security keys.
Learn more: https://thehackernews.com/2024/05/google-simplifies-2-factor.html
MITRE research firm reveals alarming details about a recent cyber attack that dates back to late 2023.
The adversary used backdoors, web shells, and credential harvesting to breach VMware infrastructure.
Read details: https://thehackernews.com/2024/05/china-linked-hackers-used-rootrot.html
A simple "Thank you" comment hid a dangerous vulnerability that exposed customer data.
This eye-opening case study shows why robust web security measures are crucial for any site with user communities.
Learn more: https://thehackernews.com/2024/05/new-case-study-malicious-comment.html
ALERT: Iranian hackers (APT42) are posing as journalists and event organizers to launch cyber attacks on NGOs, media, academia, and activists.
Learn how they gain access here: https://thehackernews.com/2024/05/apt42-hackers-pose-as-journalists-to.html
BREAKING!!!
Authorities have unmasked the administrator behind the prolific LockBit ransomware as 31-year-old Russian national Dmitry Yuryevich Khoroshev.
Read details here: https://thehackernews.com/2024/05/russian-hacker-dmitry-khoroshev.html
URGENT: A critical flaw in the hugely popular LiteSpeed Cache plugin for WordPress is being exploited in the wild to create rogue admin accounts, granting attackers full control of affected sites.
Details here: https://thehackernews.com/2024/05/hackers-exploiting-litespeed-cache-bug.html
Stay safe, update ASAP!
DORA, the EU's new cybersecurity regulation for financial institutions, is more than just a compliance check. It mandates rigorous testing of operational resilience.
Learn how you can quantify risks & prioritize remediation efforts.
Read: https://thehackernews.com/expert-insights/2024/05/dora-guiding-resilience-of-digital.html
Alert: The new version of HijackLoader is stealthier than ever with advanced modules designed to outsmart detection tools.
It can now:
- Exclude Windows Defender
- Bypass UAC
- Evade API hooking
- Employ process hollowing
Read: https://thehackernews.com/2024/05/hijack-loader-malware-employs-process.html
Researchers found a new attack called "Pathfinder" that extracts encryption keys and data from Intel CPUs.
This technique bypasses current Spectre mitigations by manipulating the CPU's branch prediction system.
Details here: https://thehackernews.com/2024/05/new-spectre-style-pathfinder-attack.html
Get a Certificate in Cybersecurity Risk Management!
With a graduate certificate from Georgetown, you'll develop strategic knowledge of cyber strategies that increase security.
Learn more: https://thn.news/georgetown-cybersec-cert-insta
Researchers found 2 CRITICAL vulnerabilities in F5 Next Central Manager that could let attackers create secret backdoor ADMIN accounts for full control, evading detection even after patching.
Read details here: https://thehackernews.com/2024/05/critical-f5-central-manager.html
Cloud Security isn't just the provider's responsibility. Did you know that as an org, you're responsible for securing everything you create in the cloud?
Discover the must-know cloud pentesting building blocks - read on: https://thehackernews.com/2024/05/the-fundamentals-of-cloud-security.html
Researchers have uncovered a sophisticated attack chain targeting Ivanti Connect Secure devices.
Two vulnerabilities (CVE-2023-46805 and CVE-2024-21887) are being exploited to deliver the infamous Mirai botnet payload.
More details: https://thehackernews.com/2024/05/mirai-botnet-exploits-ivanti-connect.html
Did you know a centralized permissions inventory can significantly reduce your SaaS attack surface?
By identifying and removing unnecessary user permissions, it minimizes the avenues for malicious actors to exploit.
Learn more: https://thehackernews.com/2024/05/a-saas-security-challenge-getting.html
Polish government bodies were hit by a sophisticated malware attack orchestrated by the infamous APT28 hacking group.
The campaign employed cunning tactics like email lures and legitimate service abuse to evade detection.
Details: https://thehackernews.com/2024/05/kremlin-backed-apt28-targets-polish.html
Researchers have uncovered a vulnerability (CVE-2024-3661) that allows threat actors to snoop on your VPN traffic.
Named "TunnelVision," the attack works by abusing a DHCP option to alter your device's routing table.
Details here: https://thehackernews.com/2024/05/new-tunnelvision-attack-allows.html
Researchers have uncovered a new attack called "LLMjacking" that targets large language models (LLMs) hosted on cloud services.
Attackers steal cloud credentials to gain unauthorized access and sell it to other threat actors.
Read: https://thehackernews.com/2024/05/researchers-uncover-llmjacking-scheme.html
Malicious Android apps are using the icons of well-known apps, like Google, WhatsApp, and Instagram, to deceive users into installing them and steal their credentials.
Learn how these apps trick users into giving away control: https://thehackernews.com/2024/05/malicious-android-apps-pose-as-google.html