Tag: hacker
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances
by
in SecurityNewsIvanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild exploits. The post Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/
-
UAC-0219 Hackers Leverage WRECKSTEEL PowerShell Stealer to Extract Data from Computers
by
in SecurityNews
Tags: attack, computer, cyber, cyberattack, data, government, group, hacker, malware, powershell, tool, ukraineIn a concerning development, CERT-UA, Ukraine’s Computer Emergency Response Team, has reported a series of cyberattacks attributed to the hacker group identified as UAC-0219. These attacks, which have been ongoing since the fall of 2024, utilize an advanced PowerShell-based malware tool named WRECKSTEEL to infiltrate computers and extract sensitive data. The primary targets include government…
-
Oracle quietly admits data breach, days after lawsuit accused it of cover-up
by
in SecurityNews
Tags: access, attack, authentication, breach, cloud, compliance, credentials, crime, cve, cybersecurity, data, data-breach, endpoint, exploit, finance, fraud, hacker, identity, infrastructure, intelligence, law, oracle, resilience, risk, service, strategy, supply-chain, technology, theft, threat, vulnerabilityLawsuit challenges Oracle’s response: The reports of Oracle’s acknowledgement of the breach come just days after the company was hit with a class action lawsuit over its handling of the security breach.The lawsuit specifically addresses a major security breach discovered in March that reportedly compromised 6 million records containing sensitive authentication-related data from Oracle Cloud…
-
Hackers hit Ukrainian state agencies, critical infrastructure with new ‘Wrecksteel’ malware
by
in SecurityNewsA Ukrainian cyber agency said a suspected espionage campaign using the new malware has been active seen the fall, with at least three incidents detected in March. First seen on therecord.media Jump to article: therecord.media/hackers-ukraine-critical-infrastructure-malware
-
Hackers Exploit Stripe API for Web Skimming Card Theft on Online Stores
by
in SecurityNewsCybersecurity researchers at Jscamblers have uncovered a sophisticated web-skimming campaign targeting online retailers. The campaign utilizes a legacy… First seen on hackread.com Jump to article: hackread.com/hackers-exploit-stripe-api-web-skimming-card-theft/
-
UAC-0219 Hackers Leverage WRECKSTEEL PowerShell Stealer to Extract Data from Computers
by
in SecurityNews
Tags: attack, computer, cyber, cyberattack, data, government, group, hacker, malware, powershell, tool, ukraineIn a concerning development, CERT-UA, Ukraine’s Computer Emergency Response Team, has reported a series of cyberattacks attributed to the hacker group identified as UAC-0219. These attacks, which have been ongoing since the fall of 2024, utilize an advanced PowerShell-based malware tool named WRECKSTEEL to infiltrate computers and extract sensitive data. The primary targets include government…
-
Hackerangriff auf Heilbronner Marketing
by
in SecurityNewsHacker haben die IT-Systeme der Heilbronn Marketing verschlüsselt.Laut einem Bericht des Südwestrundfunk (SWR) haben Cyberkriminelle kürzlich die IT-Systeme der Heilbronn Marketing GmbH (HMG) verschlüsselt und einen Erpresserbrief hinterlassen. Bisher ist unklar, ob dabei auch Daten gestohlen wurden. Da das Unternehmen unter anderem Feste und Events für die Stadt Heilbronn organisiert und Tickets verkauft, sind auch…
-
Hackers target Ukrainian state agencies, critical infrastructure with new ‘Wrecksteel’ malware
by
in SecurityNewsA Ukrainian cyber agency said a suspected espionage campaign using the new malware has been active seen the fall, with at least three incidents detected in March. First seen on therecord.media Jump to article: therecord.media/hackers-ukraine-critical-infrastructure-malware
-
Amateur Hacker Leverages Russian Bulletproof Hosting Server to Spread Malware
by
in SecurityNewsThe cybercriminal uses the service of Proton66, an infamous Russian-based bulletproof hosting provider, to deploy malware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/coquettte-hacker-malware-bph/
-
Critical Flaw in Google Quick Share Lets Hackers Bypass File Transfer Approval
by
in SecurityNewsCybersecurity researchers have uncovered a new vulnerability in Google’s Quick Share data transfer tool for Windows, potentially allowing attackers to crash the application or send files to a user’s device without their consent. The vulnerability, tracked as CVE-2024-10668 with a… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2024-10668-google-quick-share-exploit/
-
Hackers Exploit Apache Tomcat Flaw to Hijack Servers and Steal SSH Credentials
by
in SecurityNews
Tags: apache, attack, botnet, credentials, cyber, data-breach, exploit, flaw, hacker, linux, vulnerability, windowsA newly discovered attack campaign has exposed vulnerabilities in Apache Tomcat servers, allowing hackers to hijack resources and steal SSH credentials. Researchers from Aqua Nautilus revealed that these attacks, which weaponized botnets within 30 hours of discovery, employ encrypted payloads and advanced persistence mechanisms to infiltrate systems running both Windows and Linux platforms. The attackers…
-
Hackers Actively Scanning for Juniper Smart Routers Using Default Passwords
by
in SecurityNewsRecent cybersecurity findings reveal an alarming increase in malicious activity targeting Juniper’s Session Smart Networking Platform (SSR). According to SANS tech reports, Attackers are focusing their efforts on exploiting devices using the default credentials, >>t128>128tRoutes
-
Hackers Selling SnowDog RAT Malware With Remote Control Capabilities Online
by
in SecurityNewsA sophisticated remote access trojan (RAT) dubbedSnowDoghas surfaced on underground cybercrime forums, prompting alarms among cybersecurity experts. Advertised as a tool for “corporate espionage and advanced intrusions,” the malware is being sold by an unidentified threat actor with claims of stealth, evasion, and remote control capabilities. The SnowDog RAT: Features and Risks The seller claims…
-
Cyberangriff auf einen Anbieter elektronischer Ticketsysteme in Italien, Nahverkehr betroffen
by
in SecurityNewsAttacco hacker blocca i biglietti Mom: due giorni di caos per pendolari e studenti First seen on tribunatreviso.it Jump to article: www.tribunatreviso.it/cronaca/mon-hacker-attacco-biglietti-xueo4que
-
Experts Warn Congress Another Salt Typhoon Attack Is Coming
by
in SecurityNewsChinese Hackers Are Pre-Positioned, and Top Officials Could Be Making Matters Worse. Experts told lawmakers on Wednesday that without urgent federal action to strengthen cyber defenses and additional efforts to improve the cybersecurity practices of some of the highest ranking government officials, another Salt Typhoon attack could be just around the corner. First seen on…
-
Latest Ivanti bug, paired with malware, earns an alert from CISA
by
in SecurityNewsA recent alert from CISA builds on previous research about a vulnerability in Ivanti products that China-linked hackers have used to insert malware into networks. First seen on therecord.media Jump to article: therecord.media/cisa-alert-ivanti-bug-resurge-malware
-
Hacker Leaks 144GB of Royal Mail Group Data, Blames Supplier Spectos
Hacker leaks 144GB of sensitive Royal Mail Group data, including customer info and internal files, claiming access came via supplier Spectos. Investigation underway! First seen on hackread.com Jump to article: hackread.com/hacker-leaks-royal-mail-group-data-supplier-spectos/
-
Hackers Use DeepSeek and Remote Desktop Apps to Deploy TookPS Malware
by
in SecurityNewsA recent investigation by cybersecurity researchers has uncovered a large-scale malware campaign leveraging the DeepSeek LLM and popular remote desktop applications to distribute the Trojan-Downloader.Win32.TookPS malware. The attackers targeted both individual users and organizations by disguising malicious software as legitimate business tools, including UltraViewer, AutoCAD, and SketchUp. Malicious Infrastructure and Infection Chain The TookPS malware…
-
Hackers Exploit Cloudflare for Advanced Phishing Attacks
by
in SecurityNewsA sophisticated phishing campaign orchestrated by a Russian-speaking threat actor has been uncovered, revealing the abuse of Cloudflare services and Telegram for malicious purposes. Researchers at Hunt.io have identified this new wave of attacks, which employs Cloudflare-branded phishing pages and advanced tactics to evade detection. The campaign utilizes Cloudflare’s Pages.dev and Workers.dev platforms typically used…
-
Check Point Software confirms security incident but pushes back on threat actor claims
by
in SecurityNewsA malicious hacker recently offered to sell the security firm’s sensitive customer information. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/check-point-software-security-incident/744198/
-
Hacker stiehlt Kundendaten von Samsung Deutschland
by
in SecurityNewsSamsung Deutschland ist von einem Datenleck betroffen. Samsung DeutschlandBei Samsung Deutschland hat es offenbar ein massives Datenleck gegeben. Etwa 270.000 Kundendatensätze von Samsung Electronics Deutschland werden derzeit in einem Darknet-Forum angeboten. Ein krimineller Hacker mit dem Pseudonym ‘GHNA” will diese Daten kürzlich aus dem Support-System von Samsung kopiert haben.Dem Darknet-Post zufolge enthalten die geleakten Datensätze…
-
Canon Printer Drivers Flaw Could Let Hackers Run Malicious Code
by
in SecurityNewsA critical vulnerability (CVE-2025-1268) in Canon printer drivers allows remote code execution. See which drivers are affected, how to patch them. First seen on hackread.com Jump to article: hackread.com/canon-printer-drivers-flaw-hackers-run-malicious-code/
-
Bybit Heist Fuels Record Crypto-Theft Surge, Says CertiK
by
in SecurityNewsHackers stole $1.67bn of cryptocurrencies in the first quarter of 2025, a 303% increase First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/record-crypto-theft-certik-bybit/
-
Hackers Hijack Telegram Accounts via Default Voicemail Passwords
by
in SecurityNewsThe Israeli Internet Association has issued a public warning about a surge in cyberattacks targeting Telegram accounts in Israel. The campaign, traced to hackers in Bangladesh and Indonesia, exploits vulnerabilities in voicemail systems to hijack accounts and, in some cases, register new ones using phone numbers of individuals who have never used Telegram, including minors.…
-
Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks
by
in SecurityNewsNorth Korea’s Lazarus hackers are using the ClickFix technique for malware deployment in fresh attacks targeting the cryptocurrency ecosystem. The post Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/lazarus-uses-clickfix-tactics-in-fake-cryptocurrency-job-attacks/
-
Oracle Health warnt vor Datenleck
by
in SecurityNews
Tags: access, ceo, cloud, computer, cyberattack, cybersecurity, cyersecurity, data-breach, hacker, Internet, login, oracle, password, supply-chain, usaHacker haben sich Zugriff auf Daten von Oracle Health verschafft.Während Oracle den Datenverstoß, der in der vergangenen Woche ans Licht kam, öffentlich abstreitet, informierte die Tochtergesellschaft Oracle Health kürzlich betroffene Kunden über ein Datenleck. Betroffen waren Daten von alten Datenmigrations-Server von Cerner, wie aus einem Bericht von Bleeping Computer hervorgeht. Oracle hatte den IT-Dienstleister für…
-
Spike in Palo Alto Networks scanner activity suggests imminent cyber threats
by
in SecurityNewsHackers are scanning for vulnerabilities in Palo Alto Networks GlobalProtect portals, likely preparing for targeted attacks. Researchers at the threat intelligence firm GreyNoise warn of hackers that are scanning for vulnerabilities in Palo Alto Networks GlobalProtect portals, likely preparing for targeted attacks, warns threat intelligence firm GreyNoise. GreyNoise reports that over 24,000 unique IP addresses…
-
Hacker Leaks 270,000 Samsung Customer Records”, Stolen Credentials Were Left Unchecked for Years
by
in SecurityNewsIn a troubling security breach, a hacker exposed the personal data of over 270,000 Samsung customers in Germany, freely dumping it on the internet. The hack, attributed to a cybercriminal operating under the alias “GHNA,” occurred when the attacker accessed a system used by Samsung’s German customer service. According to cybersecurity firm Hudson Rock, the…
-
Hackers Exploit JavaScript CSS Tricks to Steal Browsing History
by
in SecurityNewsThe web browsing history feature, designed to enhance user convenience by styling visited links differently, has inadvertently created a privacy vulnerability. Hackers have exploited this feature, using JavaScript and CSS techniques to deduce users’ online habits, revealing a concerning loophole in digital privacy. Browsers use the:visitedCSS pseudo-class to style visited links differently from unvisited ones,…
-
Hackers Exploiting Vulnerabilities in SonicWall, Zoho, F5 Ivanti Systems
by
in SecurityNewsA surge in cyber activity targeting critical edge technologies and management tools, including SonicWall, Zoho, F5, Ivanti, and other systems, has been flagged by cybersecurity intelligence firm GreyNoise. The sudden spike in probing and exploitation attempts highlights an alarming trend: Hackers are increasingly targeting vulnerabilities in widely used systems, potentially exposing businesses to significant threats.…