#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

APT Threat | Breaking Cybersecurity News | The Hacker News

Category — APT Threat
Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

Nov 13, 2024 Vulnerability / Patch Tuesday
Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager ( NTLM ) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated Critical, 85 are rated Important, and one is rated Moderate in severity. Fifty-two of the patched vulnerabilities are remote code execution flaws. The fixes are in addition to 31 vulnerabilities Microsoft resolved in its Chromium-based Edge browser since the release of the October 2024 Patch Tuesday update. The two vulnerabilities that have been listed as actively exploited are below - CVE-2024-43451 (CVSS score: 6.5) - Windows NTLM Hash Disclosure Spoofing Vulnerability CVE-2024-49039 (CVSS score: 8.8) - Windows Task Scheduler Elevation of Privilege Vulnerability "This vulnerability discloses a user's NTLMv2 hash to the attacker who c...
N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks

N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks

Sep 26, 2024 Cyber Attack / Malware
Threat actors with ties to North Korea have been observed leveraging two new malware strains dubbed KLogEXE and FPSpy. The activity has been attributed to an adversary tracked as Kimsuky , which is also known as APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (formerly Thallium), Sparkling Pisces, Springtail, and Velvet Chollima. "These samples enhance Sparkling Pisces' already extensive arsenal and demonstrate the group's continuous evolution and increasing capabilities," Palo Alto Networks Unit 42 researchers Daniel Frank and Lior Rochberger said . Active since at least 2012, the threat actor has been called the "king of spear-phishing" for its ability to trick victims into downloading malware by sending emails that make it seem like they are from trusted parties. Unit 42's analysis of Sparkling Pisces' infrastructure has uncovered two new portable executables referred to as KLogEXE and FPSpy. "These malware strains are known to be de...
Product Walkthrough: How Reco Discovers Shadow AI in SaaS

Product Walkthrough: How Reco Discovers Shadow AI in SaaS

Jan 09, 2025AI Security / SaaS Security
As SaaS providers race to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the world of AI: shadow AI.  Shadow AI refers to the unauthorized use of AI tools and copilots at organizations. For example, a developer using ChatGPT to assist with writing code, a salesperson downloading an AI-powered meeting transcription tool, or a customer support person using Agentic AI to automate tasks – without going through the proper channels. When these tools are used without IT or the Security team's knowledge, they often lack sufficient security controls, putting company data at risk. Shadow AI Detection Challenges Because shadow AI tools often embed themselves in approved business applications via AI assistants, copilots, and agents they are even more tricky to discover than traditional shadow IT. While traditional shadow apps can be identified through network monitoring methodologies that scan for unauthorized connections based on...
Expert Insights / Articles Videos
Cybersecurity Resources