Hackers Bombard Open Source Repositories with Over 144,000 Malicious Packages
Dec 15, 2022Ravie Lakshmanan NuGet, PyPi, and npm ecosystems are the target of a new campaign that has resulted in over 144,000 packages being published…
Category: TheHackerNews
Top 5 Web App Vulnerabilities and How to Find Them
Web applications, often in the form of Software as a Service (SaaS), are now the cornerstone for businesses all over the world. SaaS solutions have…
Android Malware Campaign Leverages Money-Lending Apps to Blackmail Victims
A previously undocumented Android malware campaign has been observed leveraging money-lending apps to blackmail victims into paying up with personal information stolen from their devices.…
Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as ‘Critical’
Dec 15, 2022Ravie LakshmananWindows Security / Network Security Microsoft has revised the severity of a security vulnerability it originally patched in September 2022, upgrading it…
Researchers Uncover MirrorFace Cyber Attacks Targeting Japanese Political Entities
Dec 15, 2022Ravie LakshmananAdvanced Persistent Threat A Chinese-speaking advanced persistent threat (APT) actor codenamed MirrorFace has been attributed to a spear-phishing campaign targeting Japanese political…
Veeam Backup and Replication Vulnerabilities Being Exploited in Attacks
Dec 16, 2022Ravie LakshmananBackup & Recovery / Zero-Day The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities impacting Veeam Backup & Replication…
Microsoft Warns About Cross-Platform DDoS Botnet
Dec 16, 2022Ravie LakshmananServer Security / Botnet Microsoft on Thursday flagged a cross-platform botnet that’s primarily designed to launch distributed denial-of-service (DDoS) attacks against private…
NIST Retires 27-Year-Old Widely Used Cryptographic Algorithm
Dec 16, 2022Ravie LakshmananEncryption / Data Security The U.S. National Institute of Standards and Technology (NIST), an agency within the Department of Commerce, announced Thursday…
GitHub Announces Free Secret Scanning for All Public Repositories
Dec 16, 2022Ravie LakshmananSecure Coding / Code Hosting GitHub on Thursday said it is making available its secret scanning service to all public repositories on…
BlueNoroff APT Hackers Using New Ways to Bypass Windows MotW Protection
Dec 27, 2022Ravie LakshmananCyber Attack / Windows Security BlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its playbook…
Cyber Security Is Not a Losing Game – If You Start Right Now
Reality has a way of asserting itself, irrespective of any personal or commercial choices we make, good or bad. For example, just recently, the city…
Ex-Twitter employee Gets 3.5 Years Jail for Spying on Behalf of Saudi Arabia
Dec 16, 2022Ravie LakshmananCyber Espionage / Privacy A former Twitter employee who was found guilty of spying on behalf of Saudi Arabia by sharing data…