Found 66 bookmarks
Custom sorting
Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files
Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files
Researchers uncover a fresh wave of the Raspberry Robin campaign spreading malware through malicious Windows Script Files (WSFs) since March 2024. #attacks #breach #computer #cyber #data #hack #hacker #hacking #how #information #malware #network #news #ransomware #security #software #the #to #today #updates #vulnerability
#thehackernews#2024#EN#Raspberry-Robin#WSF#return
·thehackernews.com·
Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files
Critical Security Flaw Found in Popular LayerSlider WordPress Plugin
Critical Security Flaw Found in Popular LayerSlider WordPress Plugin
A critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as password hashes. The flaw, designated as CVE-2024-2879, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been described as a case of SQL injection impacting versions from 7.9.11 through 7.10.0. The issue has been addressed in version 7.10.1 released on March 27, 2024, following responsible disclosure on March 25. "This update includes important security fixes," the maintainers of LayerSlider said in their release notes. LayerSlider is a visual web content editor, a graphic design software, and a digital visual effects that allows users to create animations and rich content for their websites. According to its own site, the plugin is used by "millions of users worldwide."
#thehackernews#EN#2024#WordPress#LayerSlider#CVE-2024-2879
·thehackernews.com·
Critical Security Flaw Found in Popular LayerSlider WordPress Plugin
China-linked Hackers Deploy New 'UNAPIMON' Malware for Stealthy Operations
China-linked Hackers Deploy New 'UNAPIMON' Malware for Stealthy Operations
A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar. "Earth Freybug is a cyberthreat group that has been active since at least 2012 that focuses on espionage and financially motivated activities," Trend Micro security researcher Christopher So said in a report published today.
#thehackernews#EN#2024#China-linked#UNAPIMON#APT41Malware
·thehackernews.com·
China-linked Hackers Deploy New 'UNAPIMON' Malware for Stealthy Operations
Key Lesson from Microsoft's Password Spray Hack: Secure Every Account
Key Lesson from Microsoft's Password Spray Hack: Secure Every Account
In January 2024, Microsoft discovered they'd been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn't a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple password spray attack to take control of an old, inactive account. This serves as a stark reminder of the importance of password security and why organizations need to protect every user account.
#thehackernews#EN#2024#Microsoft#MidnightBlizzard#lesson-learned#password-spray
·thehackernews.com·
Key Lesson from Microsoft's Password Spray Hack: Secure Every Account
U.S. Sanctions 3 Cryptocurrency Exchanges for Helping Russia Evade Sanctions
U.S. Sanctions 3 Cryptocurrency Exchanges for Helping Russia Evade Sanctions
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctioned three cryptocurrency exchanges for offering services used to evade economic restrictions imposed on Russia following its invasion of Ukraine in early 2022. This includes Bitpapa IC FZC LLC, Crypto Explorer DMCC (AWEX), and Obshchestvo S Ogranichennoy Otvetstvennostyu Tsentr Obrabotki Elektronnykh Platezhey (TOEP).
#thehackernews#EN#2024#sanctions#US#cryptocurrency#Russia#exchanges#Bitpapa
·thehackernews.com·
U.S. Sanctions 3 Cryptocurrency Exchanges for Helping Russia Evade Sanctions
APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme
APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme
The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. "The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated documents associated with finance, critical infrastructure, executive engagements, cyber security, maritime security, healthcare, business, and defense industrial production," IBM X-Force said in a report published last week.
#thehackernews#EN#2024#APT28#Russia-linked#Widespread#Phishing#Scheme
·thehackernews.com·
APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme
Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure
Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure
U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware. "Structured as a ransomware-as-a-service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and county governments, emergency services, education, public healthcare, and critical infrastructure to successfully ransom several million in U.S. dollars," the government said.
#thehackernews#EN#2024#Phobos#Ransomware#CISA#US#Critical-infrastructure
·thehackernews.com·
Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure
Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack
Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack
Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other individuals in the company's cybersecurity and legal departments. The Windows maker attributed the attack to a Russian advanced persistent threat (APT) group it tracks as Midnight Blizzard (formerly Nobelium), which is also known as APT29, BlueBravo, Cloaked Ursa, Cozy Bear, and The Dukes.
#thehackernews#en#2024#Microsoft#APT29#Russia#theft#mail#executives#attack#MidnightBlizzard
·thehackernews.com·
Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack
New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware
New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware
The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. "The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections," the Citizen Lab said, attributing the attack with high confidence to the Egyptian government owing to it being a known customer of the commercial spying tool.
#thehackernews#EN#2023#0-day#0-days#Predator#Egypt#Apple#CitizenLab#CVE-2023-41991#CVE-2023-41992#CVE-2023-41993
·thehackernews.com·
New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware
New Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane Mode
New Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane Mode
Cybersecurity researchers have documented a novel post-exploit persistence technique on iOS 16 that could be abused to fly under the radar and maintain access to an Apple device even when the victim believes it is offline. The method "tricks the victim into thinking their device's Airplane Mode works when in reality the attacker (following successful device exploit) has planted an artificial Airplane Mode which edits the UI to display Airplane Mode icon and cuts internet connection to all apps except the attacker application," Jamf Threat Labs researchers Hu Ke and Nir Avraham said in a report shared with The Hacker News.
#thehackernews#EN#2023#iOS#apple#airplanemode#exploit
·thehackernews.com·
New Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane Mode