Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain
The prolific Chinese nation-state actor known as APT41 (aka Brass Typhoon, Earth Baku, Wicked Panda, or Winnti) has been attributed to a sophisticated cyber attack…
Category: TheHackerNews
Guide: The Ultimate Pentest Checklist for Full-Stack Security
Oct 21, 2024The Hacker NewsPenetration Testing / API Security Pentest Checklists Are More Important Than Ever Given the expanding attack surface coupled with the increasing…
Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers
Oct 21, 2024Ravie LakshmananEncryption / Data Protection Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted (E2EE) cloud storage platforms that could be…
Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials
Oct 20, 2024Ravie LakshmananVulnerability / Email Security Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail…
Acronym Overdose – Navigating the Complex Data Security Landscape
In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical…
Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks
Oct 19, 2024Ravie LakshmananNetwork Security / Data Breach A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks…
North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data
Oct 18, 2024Ravie LakshmananInsider Threat / Cyber Espionage North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not…
U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign
Oct 18, 2024Ravie LakshmananCyber Intelligence / Critical Infrastructure Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken…
Webinar on Building a Strong Data Security Posture
Oct 18, 2024The Hacker NewsWebinar / Data Protection Picture your company’s data as a vast, complex jigsaw puzzle—scattered across clouds, devices, and networks. Some pieces…
Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign
Oct 18, 2024Ravie LakshmananThreat Intelligence / Phishing Attack Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed…
Microsoft Reveals macOS Vulnerability that Bypasses Privacy Controls in Safari Browser
Oct 18, 2024Ravie LakshmananThreat Intelligence / Browser Security Microsoft has disclosed details about a now-patched security flaw in Apple’s Transparency, Consent, and Control (TCC) framework…
Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant
Oct 17, 2024Ravie LakshmananThreat Intelligence / Malware The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed…