The Hacker News

Researchers Uncover Connection b/w Moses Staff and Emerging Abraham’s Ax Hacktivists Group

January 26, 2023 add comment
New research has linked the operations of a politically motivated hacktivist group known as Moses Staff to another nascent threat actor named Abraham’s Ax that emerged in November 2022. This is... Read more »

Researchers Release PoC Exploit for Windows CryptoAPI Bug Discovered by NSA

January 26, 2023 add comment
Proof-of-concept (Poc) code has been released for a now-patched high-severity security flaw in the Windows CryptoAPI that the U.S. National Security Agency (NSA) and the U.K. National Cyber Security... Read more »

Is Once-Yearly Pen Testing Enough for Your Organization?

January 26, 2023 add comment
Any organization that handles sensitive data must be diligent in its security efforts, which include regular pen testing. Even a small data breach can result in significant damage to... Read more »

PY#RATION: New Python-based RAT Uses WebSocket for C2 and Data Exfiltration

January 26, 2023 add comment
Cybersecurity researchers have unearthed a new Python-based attack campaign that leverages a Python-based remote access trojan (RAT) to gain control over compromised systems since at least August 2022. “This... Read more »

U.S. Federal Agencies Fall Victim to Cyber Attack Utilizing Legitimate RMM Software

January 26, 2023 add comment
At least two federal agencies in the U.S. fell victim to a “widespread cyber campaign” that involved the use of legitimate remote monitoring and management (RMM) software to perpetuate... Read more »

Over 4,500 WordPress Sites Hacked to Redirect Visitors to Sketchy Ad Pages

January 25, 2023 add comment
A massive campaign has infected over 4,500 WordPress websites as part of a long-running operation that’s been believed to be active since at least 2017. According to GoDaddy-owned Sucuri,... Read more »

The Definitive Browser Security Checklist

January 25, 2023 add comment
Security stakeholders have come to realize that the prominent role the browser has in the modern corporate environment requires a re-evaluation of how it is managed and protected. While... Read more »

North Korean Hackers Turn to Credential Harvesting in Latest Wave of Cyberattacks

January 25, 2023 add comment
A North Korean nation-state group notorious for crypto heists has been attributed to a new wave of malicious email attacks as part of a “sprawling” credential harvesting activity targeting... Read more »

LastPass Parent Company GoTo Suffers Data Breach, Customers’ Backups Compromised

January 25, 2023 add comment
LastPass-owner GoTo (formerly LogMeIn) on Tuesday disclosed that unidentified threat actors were able to steal encrypted backups of some customers’ data along with an encryption key for some of... Read more »

VMware Releases Patches for Critical vRealize Log Insight Software Vulnerabilities

January 25, 2023 add comment
VMware on Tuesday released software to remediate four security vulnerabilities affecting vRealize Log Insight (aka Aria Operations for Logs) that could expose users to remote code execution attacks. Two of the... Read more »
Subscribe to our Newsletter