The Hacker News

JumpCloud Blames ‘Sophisticated Nation-State’ Actor for Security Breach

July 18, 2023 add comment
A little over a week after JumpCloud reset API keys of customers impacted by a security incident, the company said the intrusion was the work of a sophisticated nation-state actor. The... Read more »

Hackers Exploit WebAPK to Deceive Android Users into Installing Malicious Apps

July 17, 2023 add comment
Threat actors are taking advantage of Android’s WebAPK technology to trick unsuspecting users into installing malicious web apps on Android phones that are designed to capture sensitive personal information. “The attack... Read more »

Malicious USB Drives Targetinging Global Targets with SOGU and SNOWYDRIVE Malware

July 17, 2023 add comment
Cyber attacks using infected USB infection drives as an initial access vector have witnessed a three-fold increase in the first half of 2023,  That’s according to new findings from... Read more »

These 6 Questions Will Help You Choose the Best Attack Surface Management Platform

July 17, 2023 add comment
The hype around different security categories can make it difficult to discern features and capabilities from bias when researching new platforms. You want to advance your security measures, but... Read more »

Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware

July 17, 2023 add comment
Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems. “LokiBot, also known as Loki PWS, has been... Read more »

CERT-UA Uncovers Gamaredon’s Rapid Data Exfiltration Tactics Following Initial Compromise

July 17, 2023 add comment
The Russia-linked threat actor known as Gamaredon has been observed conducting data exfiltration activities within an hour of the initial compromise. “As a vector of primary compromise, for the... Read more »

Defend Against Insider Threats: Join this Webinar on SaaS Security Posture Management

July 16, 2023 add comment
As security practices continue to evolve, one primary concern persists in the minds of security professionals—the risk of employees unintentionally or deliberately exposing vital information. Insider threats, whether originating... Read more »

WormGPT: New AI Tool Allows Cybercriminals to Launch Sophisticated Cyber Attacks

July 15, 2023 add comment
With generative artificial intelligence (AI) becoming all the rage these days, it’s perhaps not surprising that the technology has been repurposed by malicious actors to their own advantage, enabling... Read more »

Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens

July 15, 2023 add comment
Microsoft on Friday said a validation error in its source code allowed for Azure Active Directory (Azure AD) tokens to be forged by a malicious actor known as Storm-0558 using a... Read more »

Critical Security Flaws Uncovered in Honeywell Experion DCS and QuickBlox Services

July 14, 2023 add comment
Multiple security vulnerabilities have been discovered in various services, including Honeywell Experion distributed control system (DCS) and QuickBlox, that, if successfully exploited, could result in severe compromise of affected... Read more »
Subscribe to our Newsletter