A previously undocumented “phishing empire” has been linked to cyber attacks aimed at compromising Microsoft 365 business email accounts over the past six years. “The threat actor created a hidden underground market, named W3LL Store, that served a closed community…
Tag: The Hacker News
Ukraine’s CERT Thwarts APT28’s Cyberattack on Critical Energy Infrastructure
The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday said it thwarted a cyber attack against an unnamed critical energy infrastructure facility in the country. The intrusion, per the agency, started with a phishing email containing a link to…
New BLISTER Malware Update Fuelling Stealthy Network Infiltration
An updated version of a malware loader known as BLISTER is being used as part of SocGholish infection chains to distribute an open-source command-and-control (C2) framework called Mythic. “New BLISTER update includes keying feature that allows for precise targeting of victim…
Researchers Warn of Cyber Weapons Used by Lazarus Group’s Andariel Cluster
The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber assaults against corporations and organizations in the southern counterpart. “One characteristic of the attacks identified in 2023 is that there are numerous…
Key Cybersecurity Tools That Can Mitigate the Cost of a Breach
IBM’s 2023 installment of their annual “Cost of a Breach” report has thrown up some interesting trends. Of course, breaches being costly is no longer news at this stage! What’s interesting is the difference in how organizations respond to threats…
Way Too Vulnerable: Join this Webinar to Understand and Strengthen Identity Attack Surface
In today’s digital age, it’s not just about being online but how securely your organization operates online. Regardless of size or industry, every organization heavily depends on digital assets. The digital realm is where business takes place, from financial transactions…
New Python Variant of Chaes Malware Targets Banking and Logistics Industries
Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. “It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a comprehensive…
Meta Takes Down Thousands of Accounts Involved in Disinformation Ops from China and Russia
Meta has disclosed that it disrupted two of the largest known covert influence operations in the world from China and Russia, blocking thousands of accounts and pages across its platform. “It targeted more than 50 apps, including Facebook, Instagram, X…
Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers
An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve unauthorized code execution on affected servers. Cybersecurity and incident response firm Security Joes said the intrusion leveraged a publicly available…
X (Twitter) to Collect Biometric Data from Premium Users to Combat Impersonation
X, the social media site formerly known as Twitter, has updated its privacy policy to collect users’ biometric data to tackle fraud and impersonation on the platform. “Based on your consent, we may collect and use your biometric information for…