Key Lesson from Microsoft’s Password Spray Hack: Secure Every Account
Mar 25, 2024The Hacker NewsData Breach / Password Security In January 2024, Microsoft discovered they’d been the victim of a...
Read more →Category: TheHackerNews
Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others
Mar 25, 2024NewsroomSupply Chain Attack / Cryptocurrency Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers...
Read more →
New “GoFetch” Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys
A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations....
Read more →
Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks
Mar 25, 2024NewsroomCyber Espionage / Email Security The Iran-affiliated threat actor tracked as MuddyWater (aka Mango Sandstorm or TA450) has...
Read more →
N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks
Mar 24, 2024NewsroomArtificial Intelligence / Cyber Espionage The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet,...
Read more →
German Police Seize ‘Nemesis Market’ in Major International Darknet Raid
Mar 24, 2024NewsroomRansomware / Threat Intelligence German authorities have announced the takedown of an illicit underground marketplace called Nemesis Market...
Read more →
Russian Hackers Use ‘WINELOADER’ Malware to Target German Political Parties
Mar 23, 2024NewsroomCyber Espionage / Cyber Warfare The WINELOADER backdoor used in recent cyber attacks targeting diplomatic entities with wine-tasting...
Read more →
Massive Sign1 Campaign Infects 39,000+ WordPress Sites with Scam Redirects
Mar 22, 2024NewsroomWeb Security / Vulnerability A massive malware campaign dubbed Sign1 has compromised over 39,000 WordPress sites in the...
Read more →
China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws
Mar 22, 2024NewsroomCyber Defense / Vulnerability A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software...
Read more →
New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.
Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer referred to...
Read more →
AWS Patches Critical ‘FlowFixation’ Bug in Airflow Service to Prevent Session Hijacking
Mar 22, 2024NewsroomAmazon Web Services / Vulnerability Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web...
Read more →
Implementing Zero Trust Controls for Compliance
The ThreatLocker® Zero Trust Endpoint Protection Platform implements a strict deny-by-default, allow-by-exception security posture to give organizations the ability to...
Read more →