Tag: hacker
-
Chinese Espionage Group Targeting Legacy Ivanti VPN Devices
by
in SecurityNewsMore Evidence Surfaces of Chinese Hackers Targeting Ivanti Products. A suspected Chinese cyberespionage operation is behind a spate of malware left on VPN appliances made by Ivanti. The threat actor used a critical security vulnerability the Utah company patched in February. We are aware of a limited number of customers whose appliances have been exploited.…
-
CISA warns of latest Ivanti firewall bug being exploited by suspected Chinese hackers
by
in SecurityNewsResearchers attributed exploitation of the vulnerability to a suspected China-based cyberespionage group tracked as UNC5221. First seen on therecord.media Jump to article: therecord.media/cisa-ivanti-firewall-bug-exploitation
-
Hackers Use URL Shorteners and QR Codes in Tax-Themed Phishing Attacks
by
in SecurityNewsAs the United States approaches Tax Day on April 15, cybersecurity experts have uncovered a series of sophisticated phishing campaigns leveraging tax-related themes to exploit unsuspecting users. Microsoft has identified these campaigns as employing advanced redirection techniques such as URL shorteners and QR codes embedded in malicious attachments to evade detection. By abusing legitimate services…
-
CISA, FBI warn of fast flux technique used to hide malicious servers
by
in SecurityNewsCriminal and state-linked hackers use fast-changing DNS records to make it harder for defenders to detect or disrupt malicious activity. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-fbi-fast-flux-hide-malicious-servers/744486/
-
DDoS Attacks Now Key Weapons in Geopolitical Conflicts, NETSCOUT Warns
Hackers now use AI and botnets to launch powerful DDoS attacks, bypassing security and overwhelming servers as law enforcement struggles to keep up. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-ddos-cyberattacks-political-conflicts-netscout/
-
Chinese Hackers Exploit Ivanti VPN Vulnerability to Deliver Malware Payloads
by
in SecurityNewsIvanti disclosed a critical security vulnerability, CVE-2025-22457, affecting its Connect Secure (ICS) VPN appliances, particularly versions 22.7R2.5 and earlier. This buffer overflow vulnerability enables attackers to achieve remote code execution when exploited successfully. Security researchers from Mandiant and Ivanti have confirmed active exploitation of this vulnerability in the wild, targeting ICS 9.X (end-of-life) and earlier…
-
Hackers Exploit Fast Flux to Evade Detection and Obscure Malicious Servers
by
in SecurityNews
Tags: advisory, control, cyber, cybersecurity, detection, exploit, hacker, infrastructure, malicious, threatCybersecurity agencies worldwide have issued a joint advisory warning against the growing threat posed by >>fast flux,
-
Cybercriminals are trying to loot Australian pension accounts in new campaign
by
in SecurityNewsHackers over the weekend targeted Australian superannuation funds, investment accounts into which portions of employees’ wages are compulsorily placed. First seen on therecord.media Jump to article: therecord.media/cybercriminals-australia-hacking-campaign-pension
-
Europcar GitLab breach exposes data of up to 200,000 customers
A hacker breached the GitLab repositories of multinational car-rental company Europcar Mobility Group and stole source code for Android and iOS applications, as well as some personal information belonging to up to 200,000 users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/europcar-gitlab-breach-exposes-data-of-up-to-200-000-customers/
-
Royal Mail untersucht Datenleck
by
in SecurityNewsDer britische Postdienst Royal Mail untersucht Hinweise auf ein Datenleck. Hintergrund könnte der gleiche wie bei dem Fall von Samsung Deutschland sein.Rund zwei Jahre nach der massiven Ransomware-Attacke auf Royal Mail kursieren aktuell Hinweise auf einen neuen Cybervorfall. Am 31. März behauptete ein Hacker namens ‘GHNA” in einem Darknet-Forum, dass er 144 Gigabyte Daten bei…
-
Russia jails hacker for two years over cyberattack on local tech company
by
in SecurityNewsA Russian citizen has been sentenced to two years in a penal colony for launching a distributed denial-of-service (DDoS) attack against a local tech company. First seen on therecord.media Jump to article: therecord.media/russia-jails-hacker-over-cyberattack-on-tech-firm
-
Privilegierte Zugänge werden zum Sicherheitsrisiko
by
in SecurityNews
Tags: access, ai, api, apple, authentication, best-practice, cisco, cloud, cyber, cyberattack, dark-web, hacker, mail, malware, mfa, microsoft, password, phishing, ransomware, risk, service, tool, vpn, vulnerabilityKriminelle bevorzugen Phishing als Erstzugriffsmethode und nutzen legale Tools für unauffällige Angriffe auf sensible Systeme, wie eine aktuelle Studie herausfand.Der Missbrauch legitimer privilegierter Zugänge (legitimate privileged access) nimmt zu . Wie der Cisco Talos’ Jahresrückblick 2024 herausfand, nutzten Angreifer immer öfter gestohlene Identitäten für ihre Attacken, darunter auch Ransomware-Erpressungen. Dafür missbrauchen die HackerAnmeldedaten,Tokens,API-Schlüssel undZertifikate.Angriffe dieser…
-
Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw
by
in SecurityNews
Tags: china, espionage, exploit, flaw, hacker, ivanti, mandiant, remote-code-execution, vulnerabilityMandiant warned that Chinese espionage actor UNC5221 is actively exploiting a critical Ivanti vulnerability, which can lead to remote code execution First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-state-hackers-ivanti-flaw/
-
North Korean Hackers Disguised as IT Workers Targeting UK, European Companies, Google Finds
by
in SecurityNewsThe attackers pose as legitimate remote IT workers, looking to both generate revenue and access sensitive company data through employment. “Europe needs to wake up fast,” according to Google’s Jamie Collier. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-north-korea-it-worker-google/
-
$500,000 stolen in Australian super fund data breach
by
in SecurityNewsSuper industry’s peak body says majority of hacking attempts stopped but money lost by a small number of customers<ul><li><a href=”https://www.theguardian.com/australia-news/live/2025/apr/04/australia-election-2025-live-peter-dutton-anthony-albanese-labor-coalition-poll-tariffs-trump-interest-rates-rba-ntwnfb”>Election 2025 live updates: Australia federal election campaign</li><li>Get our <a href=”https://www.theguardian.com/email-newsletters?CMP=cvau_sfl”>afternoon election email, <a href=”https://app.adjust.com/w4u7jx3″>free app or <a href=”https://www.theguardian.com/australia-news/series/full-story?CMP=cvau_sfl”>daily news podcast</li></ul>Hackers have targeted Australian superannuation funds this week, with a small number of customers losing a…
-
Australian super funds compromised after data breach as hackers use stolen passwords
by
in SecurityNewsRetirement savings industry’s peak body says majority of hacking attempts stopped but a number of companies affected by data breach<ul><li>Get our <a href=”https://www.theguardian.com/email-newsletters?CMP=cvau_sfl”>afternoon election email, <a href=”https://app.adjust.com/w4u7jx3″>free app or <a href=”https://www.theguardian.com/australia-news/series/full-story?CMP=cvau_sfl”>daily news podcast</li></ul>Hackers have targeted Australian superannuation funds this week, the retirement savings industry’s peak body has said, with a number of funds having member…
-
Texas city warns thousands of utility payment site breach
by
in SecurityNewsAt least 12,000 people in Texas had sensitive financial information stolen by hackers who secretly implanted malicious code into the utility payment website of the City of Lubbock. First seen on therecord.media Jump to article: therecord.media/texas-city-warns-thousands-of-utility-site-breach
-
Stopping MFA Fatigue Attacks Before They Start: Securing Your Entry Points
MFA Fatigue Attacks on the Rise Yet another challenge is undermining the effectiveness of MFA: MFA fatigue attacks. In an MFA fatigue attack (sometimes also referred to as an “MFA bombing” or “push bombing” attack), a hacker who already possesses a valid username and password bombards the rightful user with repeated MFA login approval requests……
-
Hacker Claims Twilio’s SendGrid Data Breach, Selling 848,000 Records
by
in SecurityNewsA hacker, previously linked to the Tracelo breach, now claims to have breached Twilio’s SendGrid, leaking and selling data on 848,000 customers, including contact and company info. First seen on hackread.com Jump to article: hackread.com/hacker-twilio-sendgrid-data-breach-customer-data/
-
US, Australia, Canada warn of ‘fast flux’ scheme used by ransomware gangs
by
in SecurityNewsRansomware gangs and Russian government hackers are increasingly turning to an old tactic called “fast flux” to hide the location of infrastructure used in cyberattacks. First seen on therecord.media Jump to article: therecord.media/us-australia-canada-warn-of-fast-flux-ransomware-rusia
-
Oracle quietly admits data breach, days after lawsuit accused it of cover-up
by
in SecurityNews
Tags: access, attack, authentication, breach, cloud, compliance, credentials, crime, cve, cybersecurity, data, data-breach, endpoint, exploit, finance, fraud, hacker, identity, infrastructure, intelligence, law, oracle, resilience, risk, service, strategy, supply-chain, technology, theft, threat, vulnerabilityLawsuit challenges Oracle’s response: The reports of Oracle’s acknowledgement of the breach come just days after the company was hit with a class action lawsuit over its handling of the security breach.The lawsuit specifically addresses a major security breach discovered in March that reportedly compromised 6 million records containing sensitive authentication-related data from Oracle Cloud…
-
Hackers hit Ukrainian state agencies, critical infrastructure with new ‘Wrecksteel’ malware
by
in SecurityNewsA Ukrainian cyber agency said a suspected espionage campaign using the new malware has been active seen the fall, with at least three incidents detected in March. First seen on therecord.media Jump to article: therecord.media/hackers-ukraine-critical-infrastructure-malware
-
Hackers Exploit Stripe API for Web Skimming Card Theft on Online Stores
by
in SecurityNewsCybersecurity researchers at Jscamblers have uncovered a sophisticated web-skimming campaign targeting online retailers. The campaign utilizes a legacy… First seen on hackread.com Jump to article: hackread.com/hackers-exploit-stripe-api-web-skimming-card-theft/
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances
by
in SecurityNewsIvanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild exploits. The post Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/
-
UAC-0219 Hackers Leverage WRECKSTEEL PowerShell Stealer to Extract Data from Computers
by
in SecurityNews
Tags: attack, computer, cyber, cyberattack, data, government, group, hacker, malware, powershell, tool, ukraineIn a concerning development, CERT-UA, Ukraine’s Computer Emergency Response Team, has reported a series of cyberattacks attributed to the hacker group identified as UAC-0219. These attacks, which have been ongoing since the fall of 2024, utilize an advanced PowerShell-based malware tool named WRECKSTEEL to infiltrate computers and extract sensitive data. The primary targets include government…
-
Oracle quietly admits data breach, days after lawsuit accused it of cover-up
by
in SecurityNews
Tags: access, attack, authentication, breach, cloud, compliance, credentials, crime, cve, cybersecurity, data, data-breach, endpoint, exploit, finance, fraud, hacker, identity, infrastructure, intelligence, law, oracle, resilience, risk, service, strategy, supply-chain, technology, theft, threat, vulnerabilityLawsuit challenges Oracle’s response: The reports of Oracle’s acknowledgement of the breach come just days after the company was hit with a class action lawsuit over its handling of the security breach.The lawsuit specifically addresses a major security breach discovered in March that reportedly compromised 6 million records containing sensitive authentication-related data from Oracle Cloud…
-
Hackers hit Ukrainian state agencies, critical infrastructure with new ‘Wrecksteel’ malware
by
in SecurityNewsA Ukrainian cyber agency said a suspected espionage campaign using the new malware has been active seen the fall, with at least three incidents detected in March. First seen on therecord.media Jump to article: therecord.media/hackers-ukraine-critical-infrastructure-malware
-
Hackers Exploit Stripe API for Web Skimming Card Theft on Online Stores
by
in SecurityNewsCybersecurity researchers at Jscamblers have uncovered a sophisticated web-skimming campaign targeting online retailers. The campaign utilizes a legacy… First seen on hackread.com Jump to article: hackread.com/hackers-exploit-stripe-api-web-skimming-card-theft/
-
UAC-0219 Hackers Leverage WRECKSTEEL PowerShell Stealer to Extract Data from Computers
by
in SecurityNews
Tags: attack, computer, cyber, cyberattack, data, government, group, hacker, malware, powershell, tool, ukraineIn a concerning development, CERT-UA, Ukraine’s Computer Emergency Response Team, has reported a series of cyberattacks attributed to the hacker group identified as UAC-0219. These attacks, which have been ongoing since the fall of 2024, utilize an advanced PowerShell-based malware tool named WRECKSTEEL to infiltrate computers and extract sensitive data. The primary targets include government…
-
Hackers target Ukrainian state agencies, critical infrastructure with new ‘Wrecksteel’ malware
by
in SecurityNewsA Ukrainian cyber agency said a suspected espionage campaign using the new malware has been active seen the fall, with at least three incidents detected in March. First seen on therecord.media Jump to article: therecord.media/hackers-ukraine-critical-infrastructure-malware