The Hacker News

RunC Flaws Enable Container Escapes, Granting Attackers Host Access

February 4, 2024 add comment
Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on... Read more »

HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining

February 3, 2024 add comment
Cybersecurity researchers have detailed an updated version of the malware HeadCrab that’s known to target Redis database servers across the world since early September 2021. The development, which comes exactly a... Read more »

CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks

December 8, 2023 add comment
A CACTUS ransomware campaign has been observed exploiting recently disclosed security flaws in a cloud analytics and business intelligence platform called Qlik Sense to obtain a foothold into targeted environments. “This... Read more »

New Flaws in Fingerprint Sensors Let Attackers Bypass Windows Hello Login

November 23, 2023 add comment
A new research has uncovered multiple vulnerabilities that could be exploited to bypass Windows Hello authentication on Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops. The flaws... Read more »

QakBot Malware Operators Expand C2 Network with 15 New Servers

August 8, 2023 add comment
The operators associated with the QakBot (aka QBot) malware have set up 15 new command-and-control (C2) servers as of late June 2023. The findings are a continuation of the... Read more »

Hackers Abusing Cloudflare Tunnels for Covert Communications

August 8, 2023 add comment
New research has revealed that threat actors are abusing Cloudflare Tunnels to establish covert communication channels from compromised hosts and retain persistent access. “Cloudflared is functionally very similar to... Read more »

Understanding Active Directory Attack Paths to Improve Security

August 8, 2023 add comment
Introduced in 1999, Microsoft Active Directory is the default identity and access management service in Windows networks, responsible for assigning and enforcing security policies for all network endpoints. With... Read more »

New Yashma Ransomware Variant Targets Multiple English-Speaking Countries

August 8, 2023 add comment
An unknown threat actor is using a variant of the Yashma ransomware to target various entities in English-speaking countries, Bulgaria, China, and Vietnam at least since June 4, 2023.... Read more »

LOLBAS in the Wild: 11 Living-Off-The-Land Binaries Used for Malicious Purposes

August 8, 2023 add comment
Cybersecurity researchers have discovered a set of 11 living-off-the-land binaries-and-scripts (LOLBAS) that could be maliciously abused by threat actors to conduct post-exploitation activities.  “LOLBAS is an attack method that... Read more »

New Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet Configs

August 7, 2023 add comment
A new malware campaign has been observed making use of malicious OpenBullet configuration files to target inexperienced cyber criminals with the goal of delivering a remote access trojan (RAT)... Read more »
Subscribe to our Newsletter