The U.K. and U.S. governments on Thursday sanctioned 11 individuals who are alleged to be part of the notorious Russia-based TrickBot cybercrime gang. “Russia has long been a safe haven for cybercriminals, including the TrickBot group,” the U.S. Treasury Department said,…
Tag: The Hacker News
North Korean Hackers Exploit Zero-Day Bug to Target Cybersecurity Researchers
Threat actors associated with North Korea are continuing to target the cybersecurity community using a zero-day bug in unspecified software over the past several weeks to infiltrate their machines. The findings come from Google’s Threat Analysis Group (TAG), which found the adversary setting up…
CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that multiple nation-state actors are exploiting security flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus to gain unauthorized access and establish persistence on compromised systems. “Nation-state advanced…
Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones
Apple on Thursday released emergency security updates for iOS, iPadOS, macOS, and watchOS to address two zero-day flaws that have been exploited in the wild to deliver NSO Group’s Pegasus mercenary spyware. The issues are described as below – CVE-2023-41061 –…
Mac Users Beware: Malvertising Campaign Spreads Atomic Stealer macOS Malware
A new malvertising campaign has been observed distributing an updated version of a macOS stealer malware called Atomic Stealer (or AMOS), indicating that it’s being actively maintained by its author. An off-the-shelf Golang malware available for $1,000 per month, Atomic Stealer first came to…
The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2024
By the end of 2024, the number of MSPs and MSSPs offering vCISO services is expected to grow almost fivefold, as can be seen in figure 1. This incredible surge reflects the growing business demand for specialized cybersecurity…
Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks
Patches have been released to address two new security vulnerabilities in Apache SuperSet that could be exploited by an attacker to gain remote code execution on affected systems. The update (version 2.1.1) plugs CVE-2023-39265 and CVE-2023-37941, which make it possible to conduct nefarious…
Mirai Botnet Variant ‘Pandora’ Hijacks Android TVs for Cyberattacks
A Mirai botnet variant called Pandora has been observed infiltrating inexpensive Android-based TV sets and TV boxes and using them as part of a botnet to perform distributed denial-of-service (DDoS) attacks. Doctor Web said the compromises are likely to occur either during malicious firmware…
Outlook Breach: Microsoft Reveals How a Crash Dump Led to a Major Security Breach
Microsoft on Wednesday revealed that a China-based threat actor known as Storm-0558 acquired the inactive consumer signing key to forge tokens to access Outlook by compromising an engineer’s corporate account. This enabled the adversary to access a debugging environment that contained a…
Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant
The Iranian threat actor tracked as APT34 has been linked to a new phishing attack that leads to the deployment of a variant of a backdoor called SideTwist. “APT34 has a high level of attack technology, can design different intrusion methods…