New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data
The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints.…
Category: TheHackerNews
Exposure Management and Your Attack Surface
Read the full article for key points from Intruder’s VP of Product, Andy Hornegold’s recent talk on exposure management. If you’d like to hear Andy’s…
Experience the Power of a Must-Have All-in-One Cybersecurity Platform
Aug 23, 2024The Hacker NewsThreat Detection / Security Automation Let’s be honest. The world of cybersecurity feels like a constant war zone. You’re bombarded by…
New macOS Malware “Cthulhu Stealer” Targets Apple Users’ Data
Aug 23, 2024Ravie LakshmananEndpoint Security / Data Privacy Cybersecurity researchers have uncovered a new information stealer that’s designed to target Apple macOS hosts and harvest…
Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk
Aug 22, 2024Ravie LakshmananVulnerability / Network Security SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that…
Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide
Aug 22, 2024Ravie LakshmananHardware Security / Supply Chain Attack Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards…
Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control
Aug 22, 2024Ravie LakshmananNetwork Security / Zero-Day Details have emerged about a China-nexus threat group’s exploitation of a recently disclosed, now-patched security flaw in Cisco…
New ‘ALBeast’ Vulnerability Exposes Weakness in AWS Application Load Balancer
Aug 22, 2024Ravie LakshmananCloud Security / Application Security As many as 15,000 applications using Amazon Web Services’ (AWS) Application Load Balancer (ALB) for authentication are…
GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges
Aug 22, 2024Ravie LakshmananEnterprise Software / Vulnerability GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including…
Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access
Aug 22, 2024Ravie LakshmananWebsite Security / Vulnerability Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit…
Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild
Aug 22, 2024Ravie LakshmananBrowser Security / Vulnerability Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it…
New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining
Aug 22, 2024Ravie LakshmananDatabase Security / Cryptocurrency Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that’s designed to mine cryptocurrency after brute-forcing their…