4 Instructive Postmortems on Data Downtime and Loss
More than a decade ago, the concept of the ‘blameless’ postmortem changed how tech companies recognize failures at scale. John Allspaw, who coined the term…
Category: TheHackerNews
Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities
Mar 01, 2024NewsroomRootkit / Threat Intelligence The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known…
GitHub Rolls Out Default Secret Scanning Push Protection for Public Repositories
Mar 01, 2024NewsroomDevSecOps / Cybersecurity GitHub on Thursday announced that it’s enabling secret scanning push protection by default for all pushes to public repositories. “This…
New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems
Feb 29, 2024NewsroomThreat Intelligence / Cyber Threat Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases…
A Risk-Based Strategy for the Highest ROI
Feb 29, 2024The Hacker NewsAttack Surface / Incident Response As an IT leader, staying on top of the latest cybersecurity developments is essential to keeping…
Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks
Feb 29, 2024NewsroomRootkit / Threat Intelligence The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day…
GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks
Feb 29, 2024NewsroomLinux / Network Security Threat hunters have discovered a new Linux malware called GTPDOOR that’s designed to be deployed in telecom networks that…
Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems
Feb 29, 2024NewsroomMalware / Endpoint Security The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with…
New Backdoor Targeting European Officials Linked to Indian Diplomatic Events
Feb 29, 2024NewsroomCyber Espionage / Malware A previously undocumented threat actor dubbed SPIKEDWINE has been observed targeting officials in European countries with Indian diplomatic missions…
Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware
At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti…
President Biden Blocks Mass Transfer of Personal Data to High-Risk Nations
U.S. President Joe Biden has issued an Executive Order that prohibits the mass transfer of citizens’ personal data to countries of concern. The Executive Order…
Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors
Feb 28, 2024NewsroomCyber Espionage / Malware An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks…