how to hack

LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers

Jan 03, 2025Ravie LakshmananWindows Server / Threat Mitigation A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that could trigger a denial-of-service (DoS) condition. The…

Update Old .NET Domains Before January 7, 2025 to Avoid Service Disruption

Jan 03, 2025Ravie LakshmananDevOps / Software Development Microsoft has announced that it’s making an “unexpected change” to the way .NET installers and archives are distributed, requiring developers to update their production and DevOps infrastructure. “We…

Apple to Pay Siri Users Per Device in Settlement Over Accidental Siri Privacy Violations

Apple to Pay Siri Users $20 Per Device in Settlement Over Accidental Siri Privacy Violations

Jan 03, 2025Ravie LakshmananTechnology / Data Privacy Apple has agreed to pay $95 million to settle a proposed class action lawsuit that accused the iPhone maker of invading users’ privacy using its voice-activated Siri assistant.…

Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API

Jan 02, 2025Ravie LakshmananVulnerability / Data Protection Details have emerged about three now-patched security vulnerabilities in Dynamics 365 and Power Apps Web API that could result in data exposure. The flaws, discovered by Melbourne-based cybersecurity…

A Growing Threat to Modern Security and How to Combat Them

Jan 02, 2025The Hacker NewsCloud Security / Threat Intelligence In the past year, cross-domain attacks have gained prominence as an emerging tactic among adversaries. These operations exploit weak points across multiple domains – including endpoints,…

Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT

Cybersecurity researchers have discovered a malicious package on the npm package registry that masquerades as a library for detecting vulnerabilities in Ethereum smart contracts but, in reality, drops an open-source remote access trojan called Quasar…

Three Russian-German Nationals Charged with Espionage for Russian Secret Service

Jan 02, 2025Ravie LakshmananCyber Espionage / Hacking German prosecutors have charged three Russian-German nationals for acting as secret service agents for Russia. The individuals, named Dieter S., Alexander J., and Alex D., have been accused…

New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites

Jan 01, 2025Ravie LakshmananWeb Security / Vulnerability Threat hunters have disclosed a new “widespread timing-based vulnerability class” that leverages a double-click sequence to facilitate clickjacking attacks and account takeovers in almost all major websites. The…

Iranian and Russian Entities Sanctioned for Election Interference Using AI and Cyber Tactics

Jan 01, 2025Ravie LakshmananGenerative AI / Election Interference The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Tuesday leveled sanctions against two entities in Iran and Russia for their attempts to interfere with…

New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy

Dec 31, 2024Ravie LakshmananData Security / Privacy The U.S. Department of Justice (DoJ) has issued a final rule carrying out Executive Order (EO) 14117, which prevents mass transfer of citizens’ personal data to countries of…

« Previous
1
…
165
166
167
168
169
…
334
Next »