Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering
Apr 24, 2023Ravie LakshmananCyber Espionage The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering...
Read more →Category: TheHackerNews
Hackers Exploit Outdated WordPress Plugin to Backdoor Thousands of WordPress Sites
Apr 24, 2023Ravie LakshmananServer Security / WordPress Threat actors have been observed leveraging a legitimate but outdated WordPress plugin to...
Read more →
Study: 84% of Companies Use Breached SaaS Applications
Apr 24, 2023The Hacker NewsSaaS Security A recent review by Wing Security, a SaaS security company that analyzed the data...
Read more →
New All-in-One “EvilExtractor” Stealer for Windows Systems Surfaces on the Dark Web
Apr 24, 2023Ravie LakshmananCyber Risk / Dark Web A new “all-in-one” stealer malware named EvilExtractor (also spelled Evil Extractor) is...
Read more →
Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers
Apr 24, 2023Ravie LakshmananThreat Intel / Cyber Attack Print management software provider PaperCut said that it has “evidence to suggest...
Read more →
CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug
Apr 22, 2023Ravie LakshmananPatch Management / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security...
Read more →
Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach
Apr 22, 2023Ravie LakshmananSupply Chain / Cyber Threat Lazarus, the prolific North Korean hacking group behind the cascading supply chain...
Read more →
Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining
Apr 21, 2023Ravie LakshmananKubernetes / Cryptocurrency A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based...
Read more →
14 Kubernetes and Cloud Security Challenges and How to Solve Them
Recently, Andrew Martin, founder and CEO of ControlPlane, released a report entitled Cloud Native and Kubernetes Security Predictions 2023. These...
Read more →
GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform
Apr 21, 2023Ravie LakshmananCloud Security / Vulnerability Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud...
Read more →
N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX
The supply chain attack targeting 3CX was the result of a prior supply chain compromise associated with a different company,...
Read more →
Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products
Apr 21, 2023Ravie LakshmananSoftware Update / Network Security Cisco and VMware have released security updates to address critical security flaws...
Read more →