FreshRSS

The Hacker News

JAVS Courtroom Recording Software Backdoored - Deploys RustDoor Malware

By: Newsroom — May 24th 2024 at 09:48
Malicious actors have backdoored the installer associated with courtroom video recording software developed by Justice AV Solutions (JAVS) to deliver malware that's associated with a known implant called RustDoor. The software supply chain attack, tracked as CVE-2024-4978 (CVSS score: 8.7), impacts JAVS Viewer v8.3.7, a component of the JAVS Suite 8 that allows users to create,

Windows 11 to Deprecate NTLM, Add AI-Powered App Controls and Security Defenses

By: Newsroom — May 21st 2024 at 09:02
Microsoft on Monday confirmed its plans to deprecate NT LAN Manager (NTLM) in Windows 11 in the second half of the year, as it announced a slew of new security measures to harden the widely-used desktop operating system. "Deprecating NTLM has been a huge ask from our security community as it will strengthen user authentication, and deprecation is planned in the second half of 2024," the

How Attackers Can Own a Business Without Touching the Endpoint

By: The Hacker News — April 19th 2024 at 11:08
Attackers are increasingly making use of “networkless” attack techniques targeting cloud apps and identities. Here’s how attackers can (and are) compromising organizations – without ever needing to touch the endpoint or conventional networked systems and services.  Before getting into the details of the attack techniques being used, let’s discuss why

Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files

By: Newsroom — April 10th 2024 at 13:10
Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that has been propagating the malware through malicious Windows Script Files (WSFs) since March 2024. "Historically, Raspberry Robin was known to spread through removable media like USB drives, but over time its distributors have experimented with other initial infection vectors," HP Wolf Security researcher Patrick

Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel

By: Newsroom — April 10th 2024 at 09:26
Cybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systems that could be exploited to read sensitive data from the memory. The exploit, called Native Branch History Injection (BHI), can be used to leak arbitrary kernel memory at 3.5 kB/sec by bypassing existing Spectre v2/BHI mitigations, researchers from Systems and

Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks

By: Newsroom — April 10th 2024 at 03:05
A critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injection attacks. The vulnerability, tracked as CVE-2024-24576, has a CVSS score of 10.0, indicating maximum severity. That said, it only impacts scenarios where batch files are invoked on Windows with untrusted arguments. "The Rust standard library did not properly escape

Google Chrome Adds V8 Sandbox - A New Defense Against Browser Attacks

By: Newsroom — April 8th 2024 at 13:51
Google has announced support for what's called a V8 Sandbox in the Chrome web browser in an effort to address memory corruption issues. The sandbox, according to V8 security technical lead Samuel Groß, aims to prevent "memory corruption in V8 from spreading within the host process." The search behemoth has described V8 Sandbox as a lightweight, in-process sandbox

Cybercriminals Targeting Latin America with Sophisticated Phishing Scheme

By: Newsroom — April 8th 2024 at 08:36
A new phishing campaign has set its eyes on the Latin American region to deliver malicious payloads to Windows systems. "The phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious file download posing as an invoice," Trustwave SpiderLabs researcher Karla Agregado said. The email message, the company said, originates from an email

Behind the Scenes: The Art of Safeguarding Non-Human Identities

By: The Hacker News — March 28th 2024 at 11:00
In the whirlwind of modern software development, teams race against time, constantly pushing the boundaries of innovation and efficiency. This relentless pace is fueled by an evolving tech landscape, where SaaS domination, the proliferation of microservices, and the ubiquity of CI/CD pipelines are not just trends but the new norm. Amidst this backdrop, a critical aspect subtly weaves into the

SASE Solutions Fall Short Without Enterprise Browser Extensions, New Report Reveals

By: The Hacker News — March 27th 2024 at 10:56
As SaaS applications dominate the business landscape, organizations need optimized network speed and robust security measures. Many of them have been turning to SASE, a product category that offers cloud-based network protection while enhancing network infrastructure performance. However, a new report: "Better Together: SASE and Enterprise Browser Extension for the SaaS-First Enterprise" (

Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice

By: Newsroom — March 27th 2024 at 07:56
A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024. The message masquerades as a bank payment notification, urging the user to open an archive file attachment. The archive ("Bank Handlowy w Warszawie

Implementing Zero Trust Controls for Compliance

By: The Hacker News — March 22nd 2024 at 11:28
The ThreatLocker® Zero Trust Endpoint Protection Platform implements a strict deny-by-default, allow-by-exception security posture to give organizations the ability to set policy-based controls within their environment and mitigate countless cyber threats, including zero-days, unseen network footholds, and malware attacks as a direct result of user error. With the capabilities of the

U.S. Justice Department Sues Apple Over Monopoly and Messaging Security

By: Newsroom — March 22nd 2024 at 06:14
The U.S. Department of Justice (DoJ), along with 16 other state and district attorneys general, on Thursday accused Apple of illegally maintaining a monopoly over smartphones, thereby undermining, among other things, the security and privacy of users when messaging non-iPhone users. "Apple wraps itself in a cloak of privacy, security, and consumer preferences to justify its

Superusers Need Super Protection: How to Bridge Privileged Access Management and Identity Management

By: The Hacker News — February 28th 2024 at 10:37
Traditional perimeter-based security has become costly and ineffective. As a result, communications security between people, systems, and networks is more important than blocking access with firewalls. On top of that, most cybersecurity risks are caused by just a few superusers – typically one out of 200 users. There’s a company aiming to fix the gap between traditional PAM and IdM

RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers

By: Newsroom — February 16th 2024 at 13:27
Multiple companies operating in the cryptocurrency sector are the target of an ongoing malware campaign that involves a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was first documented by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines. It's

Why Are Compromised Identities the Nightmare to IR Speed and Efficiency?

By: The Hacker News — February 12th 2024 at 10:00
Incident response (IR) is a race against time. You engage your internal or external team because there's enough evidence that something bad is happening, but you’re still blind to the scope, the impact, and the root cause. The common set of IR tools and practices provides IR teams with the ability to discover malicious files and outbound network connections. However, the identity aspect - namely

Alert: New Stealthy "RustDoor" Backdoor Targeting Apple macOS Devices

By: Newsroom — February 10th 2024 at 07:12
Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023. The backdoor, codenamed RustDoor by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures. The exact initial access pathway used to propagate the implant is currently not known, although

China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz

By: Newsroom — January 30th 2024 at 13:45
The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar's Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans. The findings come from CSIRT-CTI, which said the activities took place in November 2023 and January 2024 after artifacts in connection with the attacks were uploaded to the

Webinar – Leverage Zero Trust Security to Minimize Your Attack Surface

By: Newsroom — January 8th 2024 at 09:01
Digital expansion inevitably increases the external attack surface, making you susceptible to cyberthreats. Threat actors increasingly exploit the vulnerabilities stemming from software and infrastructure exposed to the internet; this ironically includes security tools, particularly firewalls and VPNs, which give attackers direct network access to execute their attacks. In fact, Gartner&

Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software

By: Newsroom — December 8th 2023 at 09:52
Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy malware. "Attackers can use this type of malware to gain money by building a proxy server network or to perform criminal acts on behalf of the victim: to launch attacks on websites, companies and individuals, buy guns, drugs, and other illicit

Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel

By: Newsroom — November 24th 2023 at 10:31
Cybersecurity researchers have shed light on a Rust version of a cross-platform backdoor called SysJoker, which is assessed to have been used by a Hamas-affiliated threat actor to target Israel amid the ongoing war in the region. “Among the most prominent changes is the shift to Rust language, which indicates the malware code was entirely rewritten, while still maintaining similar

Operation Rusty Flag: Azerbaijan Targeted in New Rust-Based Malware Campaign

By: THN — September 19th 2023 at 12:05
Targets located in Azerbaijan have been singled out as part of a new campaign that's designed to deploy Rust-based malware on compromised systems. Cybersecurity firm Deep Instinct is tracking the operation under the name Operation Rusty Flag. It has not been associated with any known threat actor or group. "The operation has at least two different initial access vectors," security researchers

Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel

By: THN — August 28th 2023 at 15:40
In yet another sign that developers continue to be targets of software supply chain attacks, a number of malicious packages have been discovered on the Rust programming language's crate registry. The libraries, uploaded between August 14 and 16, 2023, were published by a user named "amaperf," Phylum said in a report published last week. The names of the packages, now taken down, are as follows:

New SkidMap Linux Malware Variant Targeting Vulnerable Redis Servers

By: THN — August 7th 2023 at 09:52
Vulnerable Redis services have been targeted by a "new, improved, dangerous" variant of a malware called SkidMap that's engineered to target a wide range of Linux distributions. "The malicious nature of this malware is to adapt to the system on which it is executed," Trustwave security researcher Radoslaw Zdonczyk said in an analysis published last week. Some of the Linux distribution SkidMap

Rust-based Realst Infostealer Targeting Apple macOS Users' Cryptocurrency Wallets

By: THN — July 26th 2023 at 07:08
A new malware family called Realst has become the latest to target Apple macOS systems, with a third of the samples already designed to infect macOS 14 Sonoma, the upcoming major release of the operating system. Written in the Rust programming language, the malware is distributed in the form of bogus blockchain games and is capable of "emptying crypto wallets and stealing stored password and

VirusTotal Data Leak Exposes Some Registered Customers' Details

By: THN — July 18th 2023 at 11:34
Data associated with a subset of registered customers of VirusTotal, including their names and email addresses, were exposed after an employee inadvertently uploaded the information to the malware scanning platform. The security incident, which comprises a database of 5,600 names in a 313KB file, was first disclosed by Der Spiegel and Der Standard yesterday. Launched in 2004, VirusTotal is a

Researchers Discover New Sophisticated Toolkit Targeting Apple macOS Systems

By: Ravie Lakshmanan — June 19th 2023 at 12:37
Cybersecurity researchers have uncovered a set of malicious artifacts that they say is part of a sophisticated toolkit targeting Apple macOS systems. "As of now, these samples are still largely undetected and very little information is available about any of them," Bitdefender researchers Andrei Lapusneanu and Bogdan Botezatu said in a preliminary report published on Friday. The Romanian firm's

Cyolo Product Overview: Secure Remote Access to All Environments

By: The Hacker News — May 16th 2023 at 11:43
Operational technology (OT) cybersecurity is a challenging but critical aspect of protecting organizations' essential systems and resources. Cybercriminals no longer break into systems, but instead log in – making access security more complex and also more important to manage and control than ever before. In an effort to solve the access-related challenges facing OT and critical infrastructure

New Rilide Malware Targeting Chromium-Based Browsers to Steal Cryptocurrency

By: Ravie Lakshmanan — April 4th 2023 at 13:07
Chromium-based web browsers are the target of a new malware called Rilide that masquerades itself as a seemingly legitimate extension to harvest sensitive data and siphon cryptocurrency. "Rilide malware is disguised as a legitimate Google Drive extension and enables threat actors to carry out a broad spectrum of malicious activities, including monitoring browsing history, taking screenshots, and