The Hacker News

FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks

July 18, 2023 add comment
The financially motivated threat actor known as FIN8 has been observed using a “revamped” version of a backdoor called Sardonic to deliver the BlackCat ransomware. According to the Symantec Threat Hunter Team,... Read more »

Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites

July 18, 2023 add comment
Threat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive targeted campaign. The flaw, tracked as CVE-2023-28121 (CVSS score:... Read more »

Owner of BreachForums Pleads Guilty to Cybercrime and Child Pornography Charges

July 18, 2023 add comment
Conor Brian Fitzpatrick, the owner of the now-defunct BreachForums website, has pleaded guilty to charges related to his operation of the cybercrime forum as well as having child pornography... Read more »

JumpCloud Blames ‘Sophisticated Nation-State’ Actor for Security Breach

July 18, 2023 add comment
A little over a week after JumpCloud reset API keys of customers impacted by a security incident, the company said the intrusion was the work of a sophisticated nation-state actor. The... Read more »

Hackers Exploit WebAPK to Deceive Android Users into Installing Malicious Apps

July 17, 2023 add comment
Threat actors are taking advantage of Android’s WebAPK technology to trick unsuspecting users into installing malicious web apps on Android phones that are designed to capture sensitive personal information. “The attack... Read more »

Malicious USB Drives Targetinging Global Targets with SOGU and SNOWYDRIVE Malware

July 17, 2023 add comment
Cyber attacks using infected USB infection drives as an initial access vector have witnessed a three-fold increase in the first half of 2023,  That’s according to new findings from... Read more »

These 6 Questions Will Help You Choose the Best Attack Surface Management Platform

July 17, 2023 add comment
The hype around different security categories can make it difficult to discern features and capabilities from bias when researching new platforms. You want to advance your security measures, but... Read more »

Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware

July 17, 2023 add comment
Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems. “LokiBot, also known as Loki PWS, has been... Read more »

CERT-UA Uncovers Gamaredon’s Rapid Data Exfiltration Tactics Following Initial Compromise

July 17, 2023 add comment
The Russia-linked threat actor known as Gamaredon has been observed conducting data exfiltration activities within an hour of the initial compromise. “As a vector of primary compromise, for the... Read more »

Defend Against Insider Threats: Join this Webinar on SaaS Security Posture Management

July 16, 2023 add comment
As security practices continue to evolve, one primary concern persists in the minds of security professionals—the risk of employees unintentionally or deliberately exposing vital information. Insider threats, whether originating... Read more »
Subscribe to our Newsletter