5 Ways to Reduce SaaS Security Risks – The Hacker News
As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack…
Hacker News
SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack – The Hacker News
An advanced persistent threat (APT) actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile entities and strategic infrastructures in the Middle East and…
U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks – The Hacker News
Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire that conducted a record 35,000 DDoS attacks in a single year,…
Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk – The Hacker News
A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances. The vulnerability, tracked as…
Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity – The Hacker News
Threat actors are attempting to abuse the open-source EDRSilencer tool as part of efforts to tamper endpoint detection and response (EDR) solutions and hide malicious activity. Trend Micro said it…
FIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different Platforms – The Hacker News
The FIDO Alliance said it’s working to make passkeys and other credentials more easier to export across different providers and improve credential provider interoperability, as more than 12 billion online…
From Misuse to Abuse: AI Risks and Attacks – The Hacker News
AI from the attacker’s perspective: See how cybercriminals are leveraging AI and exploiting its vulnerabilities to compromise systems, users, and even other AI applications Cybercriminals and AI: The Reality vs.…
North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware – The Hacker News
The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT.…
5 Techniques for Collecting Cyber Threat Intelligence – The Hacker News
To defend your organization against cyber threats, you need a clear picture of the current threat landscape. This means constantly expanding your knowledge about new and ongoing threats. There are…
Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack – The Hacker News
A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails. “The spear-phishing…
GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access – The Hacker News
GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an instance. The vulnerability, tracked as CVE-2024-9487,…
CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability – The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog, citing…
TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns – The Hacker News
New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device’s unlock pattern or PIN. “This new addition enables the…
New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT – The Hacker News
Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan (RAT) called DarkVision RAT. The activity, observed by…
New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists – The Hacker News
North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of a financially-motivated campaign. The malware is…