FTC Bans InMarket for Selling Precise User Location Without Consent
Jan 22, 2024NewsroomPrivacy / Technology The U.S. Federal Trade Commission (FTC) is continuing to clamp down on data brokers by prohibiting InMarket Media from selling…
Category: TheHackerNews
Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks
Jan 22, 2024NewsroomVulnerability / Malware Cybersecurity researchers are warning of a “notable increase” in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ…
Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years
Jan 20, 2024NewsroomZero Day / Cyber Espionage An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet…
CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits
Jan 20, 2024NewsroomNetwork Security / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive…
Microsoft’s Top Execs’ Emails Breached in Sophisticated Russia-Linked APT Attack
Jan 20, 2024NewsroomCyber Espionage / Emails Security Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that…
TA866 Deploys WasabiSeed & Screenshotter Malware
The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver known malware families such as…
Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software
Jan 19, 2024NewsroomMalware / Endpoint Security Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to…
Backup and Recovery Strategies for Exchange Server Administrators
In the current digital landscape, data has emerged as a crucial asset for organizations, akin to currency. It’s the lifeblood of any organization in today’s…
Npm Trojan Bypasses UAC, Installs AnyDesk with “Oscompatible” Package
Jan 19, 2024NewsroomSoftware Security / Spyware A malicious package uploaded to the npm registry has been found deploying a sophisticated remote access trojan on compromised…
U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability
Jan 19, 2024NewsroomCyber Theat / Zero-Day The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical flaw impacting Ivanti Endpoint Manager…
New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic
Jan 18, 2024NewsroomServer Security / Cryptocurrency Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency…
Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ever custom malware written…