NIST Cybersecurity Framework (CSF) and CTEM – Better Together
Sep 05, 2024The Hacker NewsThreat Detection / Vulnerability Management It’s been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity…
Category: TheHackerNews
Malware Attackers Using MacroPack to Deliver Havoc, Brute Ratel, and PhantomCore
Sep 05, 2024Ravie LakshmananCyber Threat / Malware Threat actors are likely employing a tool designated for red teaming exercises to serve malware, according to new…
New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm
Sep 05, 2024Ravie LakshmananCyber Attack / Malware The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as…
Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks
Sep 05, 2024Ravie Lakshmanan Cisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers…
North Korean Hackers Targets Job Seekers with Fake FreeConference App
North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part of an ongoing financially-driven campaign…
Google Confirms CVE-2024-32896 Exploited in the Wild, Releases Android Security Patch
Sep 04, 2024Ravie LakshmananVulnerability / Mobile Security Google has released its monthly security updates for the Android operating system to address a known security flaw…
Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers
Sep 04, 2024Ravie Lakshmanan A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an…
Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers
Sep 04, 2024Ravie LakshmananVulnerability / Network Security Zyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security…
The New Effective Way to Prevent Account Takeovers
Sep 04, 2024The Hacker NewsSaaS Security / Browser Security Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based…
Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database
Sep 04, 2024Ravie LakshmananGDPR / Privacy The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition…
Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack
Sep 04, 2024Ravie LakshmananMalware / Network Security A new malware campaign is spoofing Palo Alto Networks’ GlobalProtect VPN software to deliver a variant of the…
New Rust-Based Ransomware Cicada3301 Targets Windows and Linux Systems
Sep 03, 2024Ravie LakshmananEndpoint Security / Malware Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with…