#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Advanced Malware | Breaking Cybersecurity News | The Hacker News

Category — Advanced Malware
Researchers Developed Artificial Intelligence-Powered Stealthy Malware

Researchers Developed Artificial Intelligence-Powered Stealthy Malware

Aug 09, 2018
Artificial Intelligence (AI) has been seen as a potential solution for automatically detecting and combating malware, and stop cyber attacks before they affect any organization. However, the same technology can also be weaponized by threat actors to power a new generation of malware that can evade even the best cyber-security defenses and infects a computer network or launch an attack only when the target's face is detected by the camera. To demonstrate this scenario, security researchers at IBM Research came up with DeepLocker —a new breed of "highly targeted and evasive" attack tool powered by AI," which conceals its malicious intent until it reached a specific victim. According to the IBM researcher, DeepLocker flies under the radar without being detected and "unleashes its malicious action as soon as the AI model identifies the target through indicators like facial recognition, geolocation and voice recognition." Describing it as the "sp
Advanced Malware targeting Internet of the Things and Routers

Advanced Malware targeting Internet of the Things and Routers

Mar 31, 2016
Anything connected to the Internet could be hacked and so is the Internet of Things (IoTs) . The market fragmentation of IoTs or Internet-connected devices is a security nightmare, due to poor security measures implemented by their vendors. Now, the researchers at security firm ESET have discovered a piece of Malware that is targeting embedded devices such as routers, and other connected devices like gateways and wireless access points, rather than computers or smartphones. Dubbed KTN-Remastered or KTN-RM , the malware is a combination of both Tsunami (or Kaiten) as well as Gafgyt. Tsunami is a well-known IRC ( Internet Relay Chat ) bot used by miscreants for launching Distributed Denial of Service (DDoS) attacks while Gafgyt is used for Telnet scanning. KTN-RM, which researcher dubbed ' Remaiten ,' features an improved spreading mechanism by carrying downloader executable binaries for embedded platforms and other connected devices. How Does the
The Secret Weakness Execs Are Overlooking: Non-Human Identities

The Secret Weakness Execs Are Overlooking: Non-Human Identities

Oct 03, 2024Enterprise Security / Cloud Security
For years, securing a company's systems was synonymous with securing its "perimeter." There was what was safe "inside" and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls kept our data and systems safe. The problem is that we no longer operate within the confines of physical on-prem installations and controlled networks. Data and applications now reside in distributed cloud environments and data centers, accessed by users and devices connecting from anywhere on the planet. The walls have crumbled, and the perimeter has dissolved, opening the door to a new battlefield: identity . Identity is at the center of what the industry has praised as the new gold standard of enterprise security: "zero trust." In this paradigm, explicit trust becomes mandatory for any interactions between systems, and no implicit trust shall subsist. Every access request, regardless of its origin,
Chinese Hackers spied on European Diplomats during recent G20 meetings

Chinese Hackers spied on European Diplomats during recent G20 meetings

Dec 13, 2013
Security firm FireEye has released a new report  detailing cyber espionage attacks on European Ministries of Foreign Affairs (MFA) during recent G20 meetings by Chinese Hackers . According to FireEye's researcher Nart Villeneuve , hackers infiltrated the computer networks of five European foreign ministries by sending emails containing malware files to staff and gained access to their systems to steal credentials and high-value information. "We believe that the Ke3chang attackers are operating out of China and have been active since at least 2010," The cyber espionage campaign named as " Operation Ke3chang " and if the victim will download & open the malware file which disguised itself as files detailing a possible intervention in Syria ( US_military_options_in_Syria . pdf . zip ), it gets installed on the victim's computer with a backdoor. " They have also leveraged a Java zero-day vulnerability (CVE-2012-4681), as well as older, reliable exploits for Mi
cyber security

The State of SaaS Security 2024 Report

websiteAppOmniSaaS Security / Data Security
Learn the latest SaaS security trends and discover how to boost your cyber resilience. Get your free…
Expert Insights / Articles Videos
Cybersecurity Resources