Skip to content
hacker news Page 173

hacker news

Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection

Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection

Dec 13, 2024The Hacker NewsLinux / Vulnerability A security flaw has been disclosed in OpenWrt‘s Attended Sysupgrade (ASU) feature that, if successfully exploited, could have been abused to distribute malicious firmware packages. The vulnerability, tracked… 

Read More »Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection
DoJ Indicts 14 North Koreans for M IT Worker Fraud Scheme Over Six Years

DoJ Indicts 14 North Koreans for $88M IT Worker Fraud Scheme Over Six Years

The U.S. Department of Justice (DoJ) has indicted 14 nationals belonging to the Democratic People’s Republic of Korea (DPRK or North Korea) for their alleged involvement in a long-running conspiracy to violate sanctions and commit… 

Read More »DoJ Indicts 14 North Koreans for $88M IT Worker Fraud Scheme Over Six Years
Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms

Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms

Dec 13, 2024The Hacker NewsIoT Security / Operational Technology Iran-affiliated threat actors have been linked to a new custom malware that’s geared toward IoT and operational technology (OT) environments in Israel and the United States.… 

Read More »Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms
New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection

New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection

Dec 13, 2024Ravie LakshmananLinux / Threat Analysis Cybersecurity researchers have uncovered a new Linux rootkit called PUMAKIT that comes with capabilities to escalate privileges, hide files and directories, and conceal itself from system tools, while… 

Read More »New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection
FBI Busts Rydox Marketplace with 7,600 PII Sales, Cryptocurrency Worth 5K Seized

FBI Busts Rydox Marketplace with 7,600 PII Sales, Cryptocurrency Worth $225K Seized

The U.S. Department of Justice (DoJ) on Thursday announced the shutdown of an illicit marketplace called Rydox (“rydox.ru” and “rydox[.]cc”) for selling stolen personal information, access devices, and other tools for conducting cybercrime and fraud.… 

Read More »FBI Busts Rydox Marketplace with 7,600 PII Sales, Cryptocurrency Worth $225K Seized
Gamaredon Deploys Android Spyware “BoneSpy” and “PlainGnome” in Former Soviet States

Gamaredon Deploys Android Spyware “BoneSpy” and “PlainGnome” in Former Soviet States

Dec 12, 2024Ravie LakshmananMobile Security / Cyber Espionage The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome, marking the first time the adversary… 

Read More »Gamaredon Deploys Android Spyware “BoneSpy” and “PlainGnome” in Former Soviet States
Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS

Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS

Dec 12, 2024Ravie LakshmananVulnerability / Device Security Details have emerged about a now-patched security vulnerability in Apple’s iOS and macOS that, if successfully exploited, could sidestep the Transparency, Consent, and Control (TCC) framework and result… 

Read More »Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS