Skip to content
the hacker news Page 32

the hacker news

Guide:  The Ultimate Pentest Checklist for Full-Stack Security

Guide:  The Ultimate Pentest Checklist for Full-Stack Security

Oct 21, 2024The Hacker NewsPenetration Testing / API Security Pentest Checklists Are More Important Than Ever Given the expanding attack surface coupled with the increasing sophistication of attacker tactics and techniques, penetration testing checklists have… 

Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers

Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers

Oct 21, 2024Ravie LakshmananEncryption / Data Protection Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted (E2EE) cloud storage platforms that could be exploited to leak sensitive data. “The vulnerabilities range in severity:… 

Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials

Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials

Oct 20, 2024Ravie LakshmananVulnerability / Email Security Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal… 

Acronym Overdose – Navigating the Complex Data Security Landscape

Acronym Overdose – Navigating the Complex Data Security Landscape

In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can… 

Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks

Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks

Oct 19, 2024Ravie LakshmananNetwork Security / Data Breach A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the… 

North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data

North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data

Oct 18, 2024Ravie LakshmananInsider Threat / Cyber Espionage North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by… 

U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign

U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign

Oct 18, 2024Ravie LakshmananCyber Intelligence / Critical Infrastructure Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by Iranian cyber actors to infiltrate critical infrastructure organizations via…