Skip to content
hacker news Page 9

hacker news

This ,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges

This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges

Dec 05, 2024Ravie LakshmananCryptocurrency / Mobile Security As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot. “DroidBot is… 

Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access

Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access

Dec 05, 2024Ravie LakshmananVulnerability / IoT Security Cybersecurity researchers have released a proof-of-concept (PoC) exploit that strings together a now-patched critical security flaw impacting Mitel MiCollab with an arbitrary file read zero-day, granting an attacker… 

Europol Shuts Down Manson Market Fraud Marketplace, Seizes 50 Servers

Europol Shuts Down Manson Market Fraud Marketplace, Seizes 50 Servers

Dec 05, 2024Ravie LakshmananOnline Fraud / Cybercrime Europol on Thursday announced the shutdown of a clearnet marketplace called Manson Market that facilitated online fraud on a large scale. The operation, led by German authorities, has… 

Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor

Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor

A previously undocumented threat activity cluster dubbed Earth Minotaur is leveraging the MOONSHINE exploit kit and an unreported Android-cum-Windows backdoor called DarkNimbus to facilitate long-term surveillance operations targeting Tibetans and Uyghurs. “Earth Minotaur uses MOONSHINE… 

Want to Grow Vulnerability Management into Exposure Management? Start Here!

Want to Grow Vulnerability Management into Exposure Management? Start Here!

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious… 

Researchers Uncover 4-Month Cyberattack on U.S. Firm Linked to Chinese Hackers

Researchers Uncover 4-Month Cyberattack on U.S. Firm Linked to Chinese Hackers

Dec 05, 2024Ravie LakshmananThreat Intelligence / Cyber Espionage A suspected Chinese threat actor targeted a large U.S. organization earlier this year as part of a four-month-long intrusion. According to Broadcom-owned Symantec, the first evidence of… 

ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan

ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan

Dec 05, 2024Ravie LakshmananCyber Espionage / Malware The China-linked threat actor known as MirrorFace has been attributed to a new spear-phishing campaign mainly targeting individuals and organizations in Japan since June 2024. The aim of… 

NCA Busts Russian Crypto Networks Laundering Funds and Evading Sanctions

NCA Busts Russian Crypto Networks Laundering Funds and Evading Sanctions

Dec 05, 2024Ravie LakshmananCryptocurrency / Financial Crime The U.K. National Crime Agency (NCA) on Wednesday announced that it led an international investigation to disrupt Russian money laundering networks that were found to facilitate serious and… 

CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel

CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel

Dec 05, 2024Ravie LakshmananVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple security flaws affecting products from Zyxel, North Grid Proself, ProjectSend, and CyberPanel to its Known Exploited Vulnerabilities (KEV)… 

Russia-Linked Turla Exploits Pakistani Hackers’ Servers to Target Afghan and Indian Entities

Russia-Linked Turla Exploits Pakistani Hackers’ Servers to Target Afghan and Indian Entities

The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its…