hacker news

Researchers Uncover 4-Month Cyberattack on U.S. Firm Linked to Chinese Hackers

Dec 05, 2024Ravie LakshmananThreat Intelligence / Cyber Espionage A suspected Chinese threat actor targeted a large U.S. organization earlier this year as part of a four-month-long intrusion. According to Broadcom-owned Symantec, the first evidence of…

ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan

Dec 05, 2024Ravie LakshmananCyber Espionage / Malware The China-linked threat actor known as MirrorFace has been attributed to a new spear-phishing campaign mainly targeting individuals and organizations in Japan since June 2024. The aim of…

NCA Busts Russian Crypto Networks Laundering Funds and Evading Sanctions

Dec 05, 2024Ravie LakshmananCryptocurrency / Financial Crime The U.K. National Crime Agency (NCA) on Wednesday announced that it led an international investigation to disrupt Russian money laundering networks that were found to facilitate serious and…

CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel

Dec 05, 2024Ravie LakshmananVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple security flaws affecting products from Zyxel, North Grid Proself, ProjectSend, and CyberPanel to its Known Exploited Vulnerabilities (KEV)…

Russia-Linked Turla Exploits Pakistani Hackers’ Servers to Target Afghan and Indian Entities

The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its…

Europol Dismantles Criminal Messaging Service MATRIX in Major Global Takedown

Europol on Tuesday announced the takedown of an invite-only encrypted messaging service called MATRIX that’s created by criminals for criminal purposes. The joint operation, conducted by French and Dutch authorities under the moniker Passionflower, comes…

7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments

Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. However, the cloud’s flexibility, scalability, and efficiency come with significant risk — an expanded attack surface.…

How to Plan a New (and Improved!) Password Policy for Real-World Security Challenges

Many organizations struggle with password policies that look strong on paper but fail in practice because they’re too rigid to follow, too vague to enforce, or disconnected from real security needs. Some are so tedious…

Researchers Uncover Backdoor in Solana’s Popular Web3.js npm Library

Dec 04, 2024Ravie LakshmananSupply Chain Attack Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two malicious versions capable of harvesting users’ private keys with…

Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks

Dec 04, 2024Ravie Lakshmanan A joint advisory issued by Australia, Canada, New Zealand, and the U.S. has warned of a broad cyber espionage campaign undertaken by People’s Republic of China (PRC)-affiliated threat actors targeting telecommunications…

« Previous
1
…
176
177
178
179
180
…
333
Next »