Category: Cyber Security

Mar 04, 2025The Hacker NewsCyber Attack / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows – […]

Mar 04, 2025Ravie LakshmananVulnerability / Mobile Security Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild. The two high-severity vulnerabilities are listed below – CVE-2024-43093 – A privilege escalation flaw in the Framework […]

Mar 03, 2025Ravie LakshmananCloud Security / Email Security Threat actors are targeting Amazon Web Services (AWS) environments to push out phishing campaigns to unsuspecting targets, according to findings from Palo Alto Networks Unit 42. The cybersecurity company is tracking the activity cluster under the name TGR-UNK-0011 (short for a threat group with unknown motivation), which […]

Mar 03, 2025Ravie LakshmananCybercrime / Malware Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc. “The threat actor hides each malware stage behind a SharePoint site and uses a modified version of Havoc Demon in conjunction with the Microsoft Graph […]

Mar 03, 2025Ravie LakshmananData Privacy / Compliance The U.K.’s Information Commissioner’s Office (ICO) has opened an investigation into online platforms TikTok, Reddit, and Imgur to assess the steps they are taking to protect children between the ages of 13 and 17 in the country. To that end, the watchdog said it’s probing how the ByteDance-owned […]

Mar 03, 2025Ravie LakshmananRansomware / Vulnerability Threat actors have been exploiting a security vulnerability in Paragon Partition Manager’s BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code. The zero-day flaw (CVE-2025-0289) is part of a set of five vulnerabilities that was discovered by Microsoft, according to the CERT Coordination Center (CERT/CC). “These […]

Mar 03, 2025Ravie Lakshmanan This week, a 23-year-old Serbian activist found themselves at the crossroads of digital danger when a sneaky zero-day exploit turned their Android device into a target. Meanwhile, Microsoft pulled back the curtain on a scheme where cybercriminals used AI tools for harmful pranks, and a massive trove of live secrets was […]

In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023. After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of the year’s total). Law enforcement actions against major groups like LockBit caused fragmentation, leading to more competition and a rise in smaller gangs. The number of […]

Mar 03, 2025Ravie LakshmananMobile Security / Botnet Brazil, South Africa, Indonesia, Argentina, and Thailand have become the targets of a campaign that has infected Android TV devices with a botnet malware dubbed Vo1d. The improved variant of Vo1d has been found to encompass 800,000 daily active IP addresses, with the botnet scaling a peak of […]

Mar 01, 2025Ravie LakshmananPrivacy / Data Protection Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism overbroad language that appeared to give the company the rights to all information uploaded by users. The revised Terms of Use now states – You give Mozilla the rights […]

Feb 28, 2025Ravie LakshmananMobile Security / Zero-Day A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International. “The Android phone of one student protester was exploited and unlocked by a sophisticated zero-day exploit chain targeting Android […]

Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It’s like having your office computer with you wherever you go. For businesses, this means IT staff can manage systems remotely, and employees can work from home or anywhere, making RDP a true […]

Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow’s content delivery network (CDN) to deliver the Lumma stealer malware. Netskope Threat Labs said it discovered 260 unique domains hosting 5,000 phishing PDF files that redirect victims to malicious websites. “The attacker uses SEO to […]

Feb 28, 2025Ravie LakshmananFinancial Fraud / Cyber Espionage The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware by means of a previously undocumented implant. Cybersecurity company Kaspersky is tracking the activity under the name Angry Likho, which […]

Feb 28, 2025Ravie LakshmananAPI Security / AI Security Microsoft on Thursday unmasked four of the individuals that it said were behind an Azure Abuse Enterprise scheme that involves leveraging unauthorized access to generative artificial intelligence (GenAI) services in order to produce offensive and harmful content. The campaign, called LLMjacking, has targeted various AI offerings, including […]

A dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication. The findings once again highlight how hard-coded credentials pose a severe security risk to users and organizations alike, not to mention compounding the problem when LLMs end up suggesting insecure coding practices […]

Feb 27, 2025Ravie LakshmananMalware / Threat Intelligence A new campaign is targeting companies in Taiwan with malware known as Winos 4.0 as part of phishing emails masquerading as the country’s National Taxation Bureau. The campaign, detected last month by Fortinet FortiGuard Labs, marks a departure from previous attack chains that have leveraged malicious game-related applications. […]

Feb 27, 2025Ravie LakshmananMalware / Network Security The threat actor known as Space Pirates has been linked to a malicious campaign targeting Russian information technology (IT) organizations with a previously undocumented malware called LuckyStrike Agent. The activity was detected in November 2024 by Solar, the cybersecurity arm of Russian state-owned telecom company Rostelecom. It’s tracking […]

Feb 27, 2025The Hacker NewsArtificial Intelligence / Browser Security Organizations are either already adopting GenAI solutions, evaluating strategies for integrating these tools into their business plans, or both. To drive informed decision-making and effective planning, the availability of hard data is essential—yet such data remains surprisingly scarce. The “Enterprise GenAI Data Security Report 2025” by […]

Feb 27, 2025Ravie LakshmananCybercrime / Android Cybersecurity researchers have discovered an updated version of an Android malware called TgToxic (aka ToxicPanda), indicating that the threat actors behind it are continuously making changes in response to public reporting. “The modifications seen in the TgToxic payloads reflect the actors’ ongoing surveillance of open source intelligence and demonstrate […]

Feb 27, 2025Ravie LakshmananVulnerability / Network Security A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023. French cybersecurity company Sekoia said it observed the unknown threat actors leveraging CVE-2023-20118 (CVSS score: 6.5), a […]

Feb 27, 2025Ravie LakshmananCybercrime / Cryptocurrency The U.S. Federal Bureau of Investigation (FBI) formally linked the record-breaking $1.5 billion Bybit hack to North Korean threat actors, as the company’s CEO Ben Zhou declared a “war against Lazarus.” The agency said the Democratic People’s Republic of Korea (North Korea) was responsible for the theft of the […]

A cross-site scripting (XSS) vulnerability in a virtual tour framework has been weaponized by malicious actors to inject malicious scripts across hundreds of websites with the goal of manipulating search results and fueling a spam ads campaign at scale. Security researcher Oleg Zaytsev, in a report shared with The Hacker News, said the campaign – […]

More than a year’s worth of internal chat logs from a ransomware gang known as Black Basta have been published online in a leak that provides unprecedented visibility into their tactics and internal conflicts among its members. The Russian-language chats on the Matrix messaging platform between September 18, 2023, and September 28, 2024, were initially […]

Organizations today face relentless cyber attacks, with high-profile breaches hitting the headlines almost daily. Reflecting on a long journey in the security field, it’s clear this isn’t just a human problem—it’s a math problem. There are simply too many threats and security tasks for any SOC to manually handle in a reasonable timeframe. Yet, there […]

Feb 26, 2025Ravie LakshmananLinux / Endpoint Security Universities and government organizations in North America and Asia have been targeted by a previously undocumented Linux malware called Auto-Color between November and December 2024, according to new findings from Palo Alto Networks Unit 42. “Once installed, Auto-color allows threat actors full remote access to compromised machines, making […]

Feb 26, 2025The Hacker NewsIdentity Protection / Password Security Passwords are rarely appreciated until a security breach occurs; suffice to say, the importance of a strong password becomes clear only when faced with the consequences of a weak one. However, most end users are unaware of just how vulnerable their passwords are to the most […]

Feb 26, 2025Ravie LakshmananNetwork Security / Threat Intelligence The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday warned of renewed activity from an organized criminal group it tracks as UAC-0173 that involves infecting computers with a remote access trojan named DCRat (aka DarkCrystal RAT). The Ukrainian cybersecurity authority said it observed the latest attack […]

Feb 26, 2025Ravie LakshmananEnterprise Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are as follows – CVE-2024-49035 (CVSS score: […]

Cybersecurity researchers have flagged an updated version of the LightSpy implant that comes equipped with an expanded set of data collection features to extract information from social media platforms like Facebook and Instagram. LightSpy is the name given to a modular spyware that’s capable of infecting both Windows and Apple systems with an aim to […]