The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that it’s responding to a cyber attack that involved the active exploitation of Unitronics programmable logic controllers (PLCs) to target the Municipal Water Authority of Aliquippa in western Pennsylvania. The attack…
Tag: The Hacker News
200+ Malicious Android Apps Targeting Iranian Banks: Experts Warn
An Android malware campaign targeting Iranian banks has expanded its capabilities and incorporated additional evasion tactics to fly under the radar. That’s according to a new report from Zimperium, which discovered more than 200 malicious apps associated with the malicious…
Discover Why Proactive Web Security Outsmarts Traditional Antivirus Solutions
In a rapidly evolving digital landscape, it’s crucial to reevaluate how we secure web environments. Traditional antivirus-approach solutions have their merits, but they’re reactive. A new report delves into the reasons for embracing proactive web security solutions, ensuring you stay…
200+ Malicious Apps on Iranian Android Store Installed by Millions of Banking Users
An Android malware campaign targeting Iranian banks has expanded its capabilities and incorporated additional evasion tactics to fly under the radar. That’s according to a new report from Zimperium, which discovered more than 200 malicious apps associated with the malicious…
Okta Discloses Broader Impact Linked to October 2023 Support System Breach
Identity services provider Okta has disclosed that it detected “additional threat actor activity” in connection with the October 2023 breach of its support case management system. “The threat actor downloaded the names and email addresses of all Okta customer support system users,”…
DJVU Ransomware’s Latest Variant ‘Xaro’ Disguised as Cracked Software
A variant of a ransomware strain known as DJVU has been observed to be distributed in the form of cracked software. “While this attack pattern is not new, incidents involving a DJVU variant that appends the .xaro extension to affected…
Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability
Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug…
GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability
The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called GoTitan as well as a .NET program known as PrCtrl Rat that’s capable of remotely commandeering the infected hosts. The attacks…
Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access
Cybersecurity researchers have detailed a “severe design flaw” in Google Workspace’s domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate privilege escalation and obtain unauthorized access to Workspace APIs without super admin privileges. “Such exploitation could…
Transform Your Data Security Posture – Learn from SoFi’s DSPM Success
As cloud technology evolves, so does the challenge of securing sensitive data. In a world where data duplication and sprawl are common, organizations face increased risks of non-compliance and unauthorized data breaches. Sentra’s DSPM (Data Security Posture Management) emerges as…