Tag: hacker
-
BSidesLV24 Common Ground How We Accidentally Became Hardware Hackers
in SecurityNews
Authors/Presenters: Kyle Shockley & Caleb Davis. Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organization’s YouTube channel. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/bsideslv24-common-ground-how-we-accidentally-became-hardware-hackers/
-
Canada Warns Cyberdefenders to Buttress Edge Devices
in SecurityNews
Canadian Cyber Agency Warns of Rising Chinese Cyberthreats. The Canadian Center for Cybersecurity on Tuesday said it has observed increasing levels of malicious cyberactivity from China-linked hackers, including the group tracked as Salt Typhoon. Exposed edge devices, which can be detected through mass scanning, are at risk of attacks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/canada-warns-cyberdefenders-to-buttress-edge-devices-a-28033
-
Windows NTLM hash leak flaw exploited in phishing attacks on governments
in SecurityNews
A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-ntlm-hash-leak-flaw-exploited-in-phishing-attacks-on-governments/
-
CrazyHunter Hacker Group Exploits Open-Source GitHub Tools to Target Organizations
in SecurityNews
A relatively new ransomware outfit known as CrazyHunter has emerged as a significant threat, particularly targeting Taiwanese organizations. The group, which started its operations in the healthcare, education, and industrial sectors of Taiwan, leverages sophisticated cyber techniques to disrupt essential services. Sophisticated Techniques and Open-Source Exploitation: CrazyHunter’s toolkit is largely composed of open-source tools sourced…
-
43% of Top 100 Enterprise Mobile Apps Expose Sensitive Data to Hackers
in SecurityNews
A comprehensive study by zLabs, the research team at Zimperium, has found that over 43% of the top 100 mobile applications used in business environments contain severe vulnerabilities that expose sensitive data to potential hackers. This finding underscores the urgent need for enterprises to reassess their app vetting processes and enhance security measures to protect…
-
How Cybercriminals Sneak into Search Results
in SecurityNews
Tags: hacker
ESET shows the hackers’ tricks and gives helpful tips. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/malware/wie-sich-cyberkriminelle-in-suchergebnisse-schleichen/
-
Cyberattacks Are Becoming More Sophisticated: IBM Publishes X-Force Threat Intelligence Index 2025
in SecurityNews
Critical infrastructure such as water supply, telecommunications and healthcare is particularly in the crosshairs, lucrative targets for hackers whose attacks are further fueled by the thriving trade in exploit code on the dark web. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/cyberangriffe-werden-raffinierter-ibm-veroeffentlicht-x-force-threat-intelligence-index-2025/a40526/
-
Hackers target Apple users in an ‘extremely sophisticated attack’
Flaws patched across the board: According to the NVD description, Apple issued a fix for all impacted operating systems. Patched Apple OS rollouts include tvOS 18.4.1, visionOS 2.4.1, iOS 18.4.1, iPadOS 18.4.1, and macOS Sequoia 15.4.1. Specific iPhones and iPads that shall be receiving the patch include iPhone XS and later, iPad Pro 13-inch, iPad Pro…
-
Critical Erlang/OTP SSH Vulnerability Allow Hackers Execute Arbitrary Code Remotely
in SecurityNews
A major security flaw has been uncovered in the widely used Erlang/OTP SSH implementation, drawing urgent attention from the cybersecurity community worldwide. The vulnerability, tracked as CVE-2025-32433, exposes systems to unauthenticated remote code execution, potentially allowing hackers to fully compromise affected servers with ease. Overview of the vulnerability: The vulnerability was discovered by a research team…
-
Chinese Hacker Group Mustang Panda Bypass EDR Detection With New Hacking Tools
in SecurityNews
The China-sponsored hacking group, Mustang Panda, has been uncovered by Zscaler ThreatLabz to employ new techniques and tools, including the updated backdoor ToneShell and a novel tool named StarProxy, to evade endpoint detection and response (EDR) systems. Mustang Panda’s New Techniques: Mustang Panda, known for targeting government and military entities primarily in East Asia, has…
-
Hacker Leaks 33,000 Employee Records in Third-Party API Breach
in SecurityNews
A hacker has exposed the personal records of over 33,000 employees after discovering unrestricted endpoints belonging to a major technology service provider. The breach, first reported by cybersecurity platform CloudSEK’s BeVigil, highlights alarming gaps in API security that could have far-reaching consequences for both the affected organization and its clients. CloudSEK’s BeVigil, a platform specializing…
-
Cisco Webex Vulnerability Lets Hackers Execute Code Through Malicious Meeting Links
in SecurityNews
Cisco has disclosed a high-severity vulnerability in its widely used Webex App, warning users that attackers could exploit the flaw to execute arbitrary code on targeted computers. Tracked as CVE-2025-20236, the vulnerability arises from improper input validation in the app’s custom URL parser, exposing users to remote code execution simply by clicking a specially crafted meeting…
-
BreachForums purportedly disrupted by pro-Palestinian hackers
in SecurityNews
Tags: hacker
First seen on scworld.com Jump to article: www.scworld.com/brief/breachforums-purportedly-disrupted-by-pro-palestinian-hackers
-
Chinese hackers set sights on Linux systems, Ivanti appliances
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/chinese-hackers-set-sights-on-linux-systems-ivanti-appliances
-
Chinese Hackers Deploy SNOWLIGHT and VShell in Linux Intrusions
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/chinese-hackers-deploy-snowlight-and-vshell-in-linux-intrusions
-
China-Linked Hackers Lay Brickstorm Backdoors on Euro Networks
in SecurityNews
Researchers discovered new variants of the malware, which is tied to a China-nexus threat group, targeting Windows environments of critical infrastructure networks in Europe. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/china-linked-hackers-brickstorm-backdoors-european-networks
-
Hackers Weaponize Gamma Tool Through Cloudflare Turnstile to Steal Microsoft Credentials
in SecurityNews
Cybercriminals are exploiting an AI-powered presentation tool called Gamma to launch a multi-stage attack aimed at stealing Microsoft credentials. This attack route is designed not only to evade traditional security measures but also to deceive human recipients by leveraging trusted platforms and services. Exploitation of Gamma and Cloudflare Turnstile: Cyber attackers are taking advantage of…
-
China-Backed Hackers Exploit BRICKSTORM Backdoor to Spy on European Businesses
NVISO discovered new variants of the BRICKSTORM backdoor, initially designed for Linux, on Windows systems. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/china-hackers-brickstorm-backdoor/
-
Hertz Confirms Data Breach After Hackers Stole Customer PII
in SecurityNews
Hertz confirms data breach linked to Cleo software flaw; Cl0p ransomware group leaked stolen data, exposing names, driver’s… First seen on hackread.com Jump to article: hackread.com/hertz-confirms-data-breach-hackers-stole-customer-pii/
-
Wine, Politics and Espionage: Russian Hackers Attack European Diplomats
in SecurityNews
In January 2025, the security experts at Check Point Research discovered a worrying wave of phishing attacks specifically directed against European government officials and diplomats. At the center of the attacks is a sophisticated Russian hacker group: APT29, also known as Midnight Blizzard or Cozy Bear, the same actors who were behind the notorious SolarWinds hack. First seen on it-daily.net Jump…
-
APT29 Hackers Use GRAPELOADER in New Attack Against European Diplomats
in SecurityNews
Check Point Research (CPR) has uncovered a new targeted phishing campaign employing GRAPELOADER, a sophisticated initial-stage downloader, launched by the notorious Russian-linked hacking group APT29, known alternatively as Midnight Blizzard or Cozy Bear. This campaign, identified since January 2025, primarily focuses on European governments and diplomatic entities. Campaign Overview: APT29, recognized for its sophisticated cyber…
-
Chinese Hackers Unleash New BRICKSTORM Malware to Target Windows and Linux Systems
in SecurityNews
A sophisticated cyber espionage campaign leveraging the newly identified BRICKSTORM malware variants has targeted European strategic industries since at least 2022. According to NVISO’s technical analysis, these backdoors previously confined to Linux vCenter servers now infect Windows environments, employing multi-tiered encryption, DNS-over-HTTPS (DoH) obfuscation, and cloud-based Command & Control (C2) infrastructure to evade detection. The…
-
Data Leak at Car Rental Company: Prominent Hackers Steal Customer Data from Hertz
in SecurityNews
Among other things, driver’s license data, payment information and details of accident injuries collected by Hertz have fallen into the hands of hackers. First seen on golem.de Jump to article: www.golem.de/news/datenleck-bei-autovermietung-prominente-hacker-erbeuten-kundendaten-von-hertz-2504-195401.html
-
Hackers Exploit Node.js to Spread Malware and Exfiltrate Data
in SecurityNews
Threat actors are increasingly targeting Node.js, a staple tool for modern web developers, to launch sophisticated malware campaigns aimed at data theft and system compromise. Microsoft Defender Experts (DEX) have reported a spike in such attacks since October 2024, especially focusing on malvertising and deceptive software installers. Node.js: From Developer Darling to Hacker’s Tool Node.js…
-
Hackers Remain in the System Even After Patches: Further Update Required
in SecurityNews
Hackers have found a way to remain in the systems of FortiGate devices even after security updates have been installed. A new update is now supposed to end this access. First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/fortinet-hacker-bleiben-auch-nach-patches-im-system—weiteres-update-erforderlich
-
Chinese Hackers Deploy Stealthy Fileless VShell RAT
in SecurityNews
Malware Hides in Memory, Evades Detection by Endpoint Tools. A Chinese state-backed hacking group tracked as UNC5174 relaunched its operations after a year of silence with a campaign using a memory-only remote access Trojan that evades traditional detection mechanisms, according to new research from cybersecurity firm Sysdig. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-hackers-deploy-stealthy-fileless-vshell-rat-a-28012
-
4chan Breached? Hacker from Rival Soyjak Forum Claims Source Code Leak
in SecurityNews
4chan is down amid claims from a rival Soyjak forum user who says they’ve breached the site and… First seen on hackread.com Jump to article: hackread.com/4chan-breached-soyjak-forum-hacker-source-code-leak/
-
European Companies Infected With New Chinese-Nexus Backdoor
Threat Actors Deploy Obfuscation Tactics to Target Windows Machines. Likely Chinese nation-state hackers are targeting European companies using previously unseen malware backdoor variants with advanced network tunneling and evasion capabilities for data theft. Brussels-based security firm Nviso links the campaign to a threat actor tracked as UNC5221. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/european-companies-infected-new-chinese-nexus-backdoor-a-28009