Hackers Exploit Barracuda Email Security Gateway 0-Day Flaw for 7 Months
May 31, 2023Ravie LakshmananNetwork Security / Zero Day Enterprise security firm Barracuda on Tuesday disclosed that a recently patched zero-day flaw in its Email Security…
Category: TheHackerNews
Implementing Risk-Based Vulnerability Discovery and Remediation
In this day and age, vulnerabilities in software and systems pose a considerable danger to businesses, which is why it is essential to have an…
CAPTCHA-Breaking Services with Human Solvers Helping Cybercriminals Defeat Security
May 30, 2023Ravie Lakshmanan Cybersecurity researchers are warning about CAPTCHA-breaking services that are being offered for sale to bypass systems designed to distinguish legitimate users…
Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers
May 30, 2023Ravie LakshmananZero Day / Vulnerability Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and…
Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users
May 30, 2023Ravie LakshmananMobile Security / Android A new open source remote access trojan (RAT) called DogeRAT targets Android users primarily located in India as…
New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force
May 29, 2023Ravie LakshmananAuthentication / Mobile Security Researchers have discovered an inexpensive attack technique that could be leveraged to brute-force fingerprints on smartphones to bypass…
3 Challenges in Building a Continuous Threat Exposure Management (CTEM) Program and How to Beat Them
If you’re a cybersecurity professional, you’re likely familiar with the sea of acronyms our industry is obsessed with. From CNAPP, to CWPP, to CIEM and…
AceCryptor: Cybercriminals’ Powerful Weapon, Detected in 240K+ Attacks
A crypter (alternatively spelled cryptor) malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak cybersecurity firm ESET said it identified over 240,000 detections…
New GobRAT Remote Access Trojan Targeting Linux Routers in Japan
May 29, 2023Ravie LakshmananLinux / Network Security Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT. “Initially,…
Don’t Click That ZIP File! Phishers Weaponizing .ZIP Domains to Trick Victims
A new phishing technique called “file archiver in the browser” can be leveraged to “emulate” a file archiver software in a web browser when a…
PyPI Implements Mandatory Two-Factor Authentication for Project Owners
May 29, 2023Ravie LakshmananSupply Chain / Programming The Python Package Index (PyPI) announced last week that every account that maintains a project on the official…
Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking
May 27, 2023Ravie LakshmananAPI Security / Vulnerability A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework…