Global Cyber Security News
Keep up to date with some of the latest news articles in the cyber security landscape, worldwide.
- Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sitesby [email protected] (The Hacker News) on April 26, 2024 at 5:49 am
Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.9.2.0. "This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as
- North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Luresby [email protected] (The Hacker News) on April 25, 2024 at 4:47 pm
The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called Kaolin RAT as part of attacks targeting specific individuals in the Asia region in summer 2023. The malware could, "aside from standard RAT functionality, change the last write timestamp of a selected file and load any received DLL
- Network Threats: A Step-by-Step Attack Demonstrationby [email protected] (The Hacker News) on April 25, 2024 at 11:13 am
Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit
- DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactionsby [email protected] (The Hacker News) on April 25, 2024 at 10:21 am
The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of two co-founders of a cryptocurrency mixer called Samourai and seized the service for allegedly facilitating over $2 billion in illegal transactions and for laundering more than $100 million in criminal proceeds. To that end, Keonne Rodriguez, 35, and William Lonergan Hill, 65, have been charged
- Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutinyby [email protected] (The Hacker News) on April 25, 2024 at 6:37 am
Google has once again pushed its plans to deprecate third-party tracking cookies in its Chrome web browser as it works to address outstanding competition concerns from U.K. regulators over its Privacy Sandbox initiative. The tech giant said it's working closely with the U.K. Competition and Markets Authority (CMA) and hopes to achieve an agreement by the end of the year. As part of the
- State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionageby [email protected] (The Hacker News) on April 25, 2024 at 5:50 am
A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target environments. Cisco Talos, which dubbed the activity ArcaneDoor, attributed it as the handiwork of a previously undocumented sophisticated state-sponsored actor it tracks under the name UAT4356 (aka Storm-1849 by Microsoft). "UAT4356
- U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacksby [email protected] (The Hacker News) on April 24, 2024 at 1:43 pm
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Monday sanctioned two firms and four individuals for their involvement in malicious cyber activities on behalf of the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC) from at least 2016 to April 2021. This includes the front companies Mehrsam Andisheh Saz Nik (MASN) and Dadeh
- Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strikeby [email protected] (The Hacker News) on April 24, 2024 at 1:36 pm
Cybersecurity researchers have discovered an ongoing attack campaign that's leveraging phishing emails to deliver a malware called SSLoad. The campaign, codenamed FROZEN#SHADOW by Securonix, also involves the deployment of Cobalt Strike and the ConnectWise ScreenConnect remote desktop software. "SSLoad is designed to stealthily infiltrate systems, gather sensitive
- Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Usersby [email protected] (The Hacker News) on April 24, 2024 at 9:36 am
Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploited to reveal users' keystrokes to nefarious actors. The findings come from the Citizen Lab, which discovered weaknesses in eight of nine apps from vendors like Baidu, Honor, iFlytek, OPPO, Samsung, Tencent, Vivo, and Xiaomi. The only vendor whose keyboard app did not have any security
- CISO Perspectives on Complying with Cybersecurity Regulationsby [email protected] (The Hacker News) on April 24, 2024 at 9:24 am
Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compliance frameworks and the specificity of the security controls, policies, and activities they include. For CISOs and their teams, that means compliance is a time-consuming, high-stakes process that demands strong organizational and
- eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Minersby [email protected] (The Hacker News) on April 24, 2024 at 7:02 am
A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting large corporate networks. Cybersecurity firm Avast said the activity is the work of a threat actor with possible connections to a North Korean hacking group dubbed
- CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealersby [email protected] (The Hacker News) on April 24, 2024 at 4:50 am
A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery Network (CDN) cache domains since at least February 2024. Cisco Talos has attributed the activity with moderate confidence to a threat actor tracked as CoralRaider, a suspected Vietnamese-origin
- Apache Cordova App Harness Targeted in Dependency Confusion Attackby [email protected] (The Hacker News) on April 23, 2024 at 2:00 pm
Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion attacks take place owing to the fact that package managers check the public repositories before private registries, thus allowing a threat actor to publish a malicious package with the same name to a public package repository. This&
- Webinar: Learn Proactive Supply Chain Threat Hunting Techniquesby [email protected] (The Hacker News) on April 23, 2024 at 11:28 am
In the high-stakes world of cybersecurity, the battleground has shifted. Supply chain attacks have emerged as a potent threat, exploiting the intricate web of interconnected systems and third-party dependencies to breach even the most formidable defenses. But what if you could turn the tables and proactively hunt these threats before they wreak havoc? We invite you to join us for an
- Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Casesby [email protected] (The Hacker News) on April 23, 2024 at 10:45 am
European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to end-to-end encryption (E2EE). They called on the industry and governments to take urgent action to ensure public safety across social media platforms. "Privacy measures currently being rolled out, such as end-to-end encryption, will stop tech companies
- Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recoveryby [email protected] (The Hacker News) on April 23, 2024 at 10:22 am
Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how and why they were targeted by such breaches, there's a larger, more pressing question: What is the true financial impact of a cyberattack? According to research by Cybersecurity Ventures, the global cost of cybercrime is projected to reach
- German Authorities Issue Arrest Warrants for Three Suspected Chinese Spiesby [email protected] (The Hacker News) on April 23, 2024 at 10:16 am
German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the defendants were not disclosed by the Office of the Federal Prosecutor (aka Generalbundesanwalt), but it includes Herwig F., Ina F., and Thomas R. "The suspects are strongly suspected of working for a Chinese secret service since an unspecified
- U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuseby [email protected] (The Hacker News) on April 23, 2024 at 6:43 am
The U.S. Department of State on Monday said it's taking steps to impose visa restrictions on 13 individuals who are allegedly involved in the development and sale of commercial spyware or who are immediately family members of those involved in such businesses. "These individuals have facilitated or derived financial benefit from the misuse of this technology, which
- Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malwareby [email protected] (The Hacker News) on April 23, 2024 at 4:23 am
The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to deliver a previously unknown custom malware called GooseEgg. The post-compromise tool, which is said to have been used since at least June 2020 and possibly as early as April 2019, leveraged a now-patched flaw that allowed for
- ToddyCat Hacker Group Uses Advanced Tools for Industrial-Scale Data Theftby [email protected] (The Hacker News) on April 22, 2024 at 3:11 pm
The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments and steal valuable data. Russian cybersecurity firm Kaspersky characterized the adversary as relying on various programs to harvest data on an "industrial scale" from primarily governmental organizations, some of them defense related, located in