Skip to content
the hacker news Page 15

the hacker news

Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature

Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature

Sep 20, 2024Ravie LakshmananEncryption / Digital Security Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux, ChromeOS, and Android devices. “This PIN adds an… 

Read More »Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature
Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks

Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks

Sep 20, 2024Ravie LakshmananEnterprise Security / Network Security Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild. The new vulnerability, assigned the CVE… 

Read More »Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks
Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms

Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms

Sep 19, 2024Ravie LakshmananCyber Attack / Hacking Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. “Attackers have been observed brute-forcing the software… 

Read More »Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails

New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails

A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a suspected Brazilian Portuguese-speaking threat actor. “Threat actors usually try to cast a wide net to maximize… 

Read More »New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails
New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit

New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit

Sep 19, 2024Ravie LakshmananCryptojacking / Cloud Security The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system. “The… 

Read More »New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit
GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions

GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions

Sep 19, 2024Ravie LakshmananEnterprise Security / DevOps GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vulnerability is rooted… 

Read More »GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide

New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide

Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typhoon (aka Ethereal Panda or… 

Read More »New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide