Category: TheHackerNews

WordPress Hunk Companion Plugin
12
Dec
2024

WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins

Dec 12, 2024Ravie LakshmananWebsite Security / Vulnerability Malicious actors are exploiting a critical vulnerability in the Hunk Companion plugin for…

DDoS Attack
12
Dec
2024

Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested

Dec 12, 2024Ravie LakshmananCyber Crime / DDoS Attack A global law enforcement operation has failed 27 stresser services that were…

Amadey Malware-as-a-Service
11
Dec
2024

Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service

Dec 11, 2024Ravie LakshmananMalware / Cyber Espionage The Russian nation-state actor tracked as Secret Blizzard has been observed leveraging malware…

Windows UI Framework
11
Dec
2024

New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools

Dec 11, 2024Ravie LakshmananMalware / Endpoint Security A newly devised technique leverages a Windows accessibility framework called UI Automation (UIA)…

ZLoader Malware
11
Dec
2024

ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms

Dec 11, 2024Ravie LakshmananRansomware / Malware Cybersecurity researchers have discovered a new version of the ZLoader malware that employs a…

Brute-Force Attempts
11
Dec
2024

Microsoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without Alerts

Dec 11, 2024Ravie LakshmananVulnerability / Authentication Cybersecurity researchers have flagged a “critical” security vulnerability in Microsoft’s multi-factor authentication (MFA) implementation…

Espionage Tactics of Chinese Hackers
11
Dec
2024

Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia

Dec 11, 2024Ravie LakshmananCyber Espionage / Cyber Attack A suspected China-based threat actor has been linked to a series of…

Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017
11
Dec
2024

Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017

Cybersecurity researchers have discovered a novel surveillance program that’s suspected to be used by Chinese police departments as a lawful…

Actively Exploited CLFS Vulnerability
11
Dec
2024

Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability

Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its…

U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls
11
Dec
2024

U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls

Dec 11, 2024Ravie LakshmananVulnerability / Data Breach The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly…

CSA and Connect Secure Vulnerabilities
11
Dec
2024

Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities

Dec 11, 2024Ravie LakshmananVulnerability / Network Security Ivanti has released security updates to address multiple critical flaws in its Cloud…

Cleo File Transfer Vulnerability
10
Dec
2024

Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged

Dec 10, 2024Ravie LakshmananVulnerability / Threat Analysis Users of Cleo-managed file transfer software are being urged to ensure that their…