#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

Cyber Intelligence | Breaking Cybersecurity News | The Hacker News

Category — Cyber Intelligence
U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign

U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign

Oct 18, 2024 Cyber Intelligence / Critical Infrastructure
Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by Iranian cyber actors to infiltrate critical infrastructure organizations via brute-force attacks. "Since October 2023, Iranian actors have used brute force and password spraying to compromise user accounts and obtain access to organizations in the healthcare and public health (HPH), government, information technology, engineering, and energy sectors," the agencies said in a joint advisory. The attacks have targeted healthcare, government, information technology, engineering, and energy sectors, per the Australian Federal Police (AFP), the Australian Signals Directorate's Australian Cyber Security Centre (ACSC), the Communications Security Establishment Canada (CSE), the U.S. Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA). Another notable tactic out...
French Authorities Launch Operation to Remove PlugX Malware from Infected Systems

French Authorities Launch Operation to Remove PlugX Malware from Infected Systems

Jul 27, 2024 Malware / Cyber Intelligence
French judicial authorities, in collaboration with Europol, have launched a so-called "disinfection operation" to rid compromised hosts of a known malware called PlugX. The Paris Prosecutor's Office, Parquet de Paris, said the initiative was launched on July 18 and that it's expected to continue for "several months." It further said around a hundred victims located in France, Malta, Portugal, Croatia, Slovakia, and Austria have already benefited from the cleanup efforts. The development comes nearly three months after French cybersecurity firm Sekoia disclosed it sinkholed a command-and-control (C2) server linked to the PlugX trojan in September 2023 by spending $7 to acquire the IP address. It also noted that nearly 100,000 unique public IP addresses have been sending PlugX requests daily to the seized domain. PlugX (aka Korplug) is a remote access trojan (RAT) widely used by China-nexus threat actors since at least 2008, alongside other malware fam...
Product Walkthrough: How Satori Secures Sensitive Data From Production to AI

Product Walkthrough: How Satori Secures Sensitive Data From Production to AI

Jan 20, 2025Data Security / Data Monitoring
Every week seems to bring news of another data breach, and it's no surprise why: securing sensitive data has become harder than ever. And it's not just because companies are dealing with orders of magnitude more data. Data flows and user roles are constantly shifting, and data is stored across multiple technologies and cloud environments. Not to mention, compliance requirements are only getting stricter and more elaborate.  The problem is that while the data landscape has evolved rapidly, the usual strategies for securing that data are stuck in the past. Gone are the days when data lived in predictable places, with access controlled by a chosen few. Today, practically every department in the business needs to use customer data, and AI adoption means huge datasets, and a constant flux of permissions, use cases, and tools. Security teams are struggling to implement effective strategies for securing sensitive data, and a new crop of tools, called data security platforms, have appear...
Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries

Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries

Mar 27, 2024 Cyber Espionage / Vulnerability
Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as part of a cyber espionage campaign over the past three months. This includes the threat actor known as  Mustang Panda , which has been recently linked to  cyber attacks against Myanmar  as well as other Asian countries with a variant of the PlugX (aka Korplug) backdoor dubbed  DOPLUGS . Mustang Panda, also called Camaro Dragon, Earth Preta, and Stately Taurus, is believed to have targeted entities in Myanmar, the Philippines, Japan and Singapore, targeting them with phishing emails designed to deliver two malware packages. "Threat actors created malware for these packages on March 4-5, 2024, coinciding with the ASEAN-Australia Special Summit (March 4-6, 2024)," Palo Alto Networks Unit 42  said  in a report shared with The Hacker News. One of the malware package is a ZIP...
cyber security

2024: A year of identity attacks | Get the new ebook

websitePush SecurityIdentity Security
Identity attacks were the leading cause of breaches in 2024. Learn how tooling and techniques are evolving.
Core Secrets — NSA Used ‘Undercover Agents’ In Foreign Companies

Core Secrets — NSA Used 'Undercover Agents' In Foreign Companies

Oct 12, 2014
Sometimes we wonder that how the National Security Agency ( NSA ) reached such a wide range of its Surveillance operation across the world – which you can measure from several secret documents released by the former NSA contractor Edward Snowden. This hell parameter of the NSA's operation was not reached by its agents sitting in the NSA headquarter in United States, but by its undercover agents working in foreign companies based in China, Germany, and South Korea to infiltrate and compromise foreign networks and devices, according to documents obtained by The Intercept . NSA INTERCEPTING FOREIGN NETWORKS AND DATA CENTRES The latest document from the Snowden's desk talks about a program called " physical subversion ," under which the NSA's undercover operatives were infiltrating foreign networks to acquire sensitive data and access to systems in the global communications industry and possibly even some American firms. The document describes the details regarding vario...
Once there was a Privacy! Cyber Security bill #CISPA passed

Once there was a Privacy! Cyber Security bill #CISPA passed

Apr 22, 2013
The United States House of Representatives on Thursday voted to approve the highly controversial  cyber security bill CISPA , which stands for the Cyber Intelligence Sharing and Protection Act. The Bill called the Cyber Intelligence Sharing and Protection Act (CISPA) was presented under the guise National Security , but in reality opens up a loop hole for companies that collect personal information about their users and in some cases want to trade of even sell these to other companies for money or other services.  This was the second time that the US House of Representatives passed the CISPA. Senators had earlier rejected the first draft of this bill on the grounds that it wasn't providing enough for protecting the privacy. Some lawmakers and privacy activists worry that the legislation would allow the government to monitor citizens' private information and companies to misuse it. The first parts of CISPA are relevant and necessary. If we're " h...
Mandiant revealed Chinese APT1 Cyber Espionage campaign

Mandiant revealed Chinese APT1 Cyber Espionage campaign

Feb 19, 2013
Few weeks after the discovery of the sophisticated cyber espionage campaign against principal US media The Mandiant® Intelligence Center ™ released an shocking report that reveals an enterprise-scale computer espionage campaign dubbed APT1. The term APT1 is referred to one of the numerous cyber espionage campaign that stolen the major quantity of information all over the world. The evidences collected by the security experts link APT1 to China's 2nd Bureau of the People's Liberation Army (PLA) General Staff Department's (GSD) 3rd Department (Military Cover Designator 61398) but what is really impressive is that the operation have been started in the distant 2006 targeting 141 victims across multiple industries. During the attacks the attackers have took over APT1 malware families and has revealed by the report APT1′s modus operandi (tools, tactics, procedures) including a compilation of videos showing actual APT1 activity. The Mandiant has also identified more than ...
CISPA Returns back, Forget privacy reforms

CISPA Returns back, Forget privacy reforms

Feb 10, 2013
The Cyber Intelligence Sharing and Protection act (CISPA) will be reintroduced by House Intelligence Committee Chairman Mike Rogers (R-Mich.) and ranking member Rep. Dutch Ruppersberger (D-Md.) before the US House next week . CISPA would've allowed any company to give away all the data its collected on you if asked by the government and The bill that plan to introduce next week will be identical to the version of CISPA that passed the House last spring. May be the recent reports of cyber espionage against The New York Times and The Wall Street Journal,  along with attacks on the Federal Reserve 's Web site and on several U.S. banks have brought the issue back to the fore. " This is clearly not a theoretical threat - the recent spike in advanced cyber attacks against the banks and newspapers makes that crystal clear, " Rogers said in a statement. If implemented, An independent Intelligence Community Inspector General would review the government's use of any...
Expert Insights / Articles Videos
Cybersecurity Resources