#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Exploit Chain | Breaking Cybersecurity News | The Hacker News

Category — Exploit Chain
Experts Detail Multi-Million Dollar Licensing Model of Predator Spyware

Experts Detail Multi-Million Dollar Licensing Model of Predator Spyware

Dec 21, 2023 Zero-Day / Mobile Security
A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is offered as an "add-on feature" and that it depends on the licensing options opted by a customer. "In 2021, Predator spyware couldn't survive a reboot on the infected Android system (it had it on iOS)," Cisco Talos researchers Mike Gentile, Asheer Malhotra, and Vitor Ventura  said  in a report shared with The Hacker News. "However, by April 2022, that capability was being offered to their customers." Predator is the product of a consortium called the Intellexa Alliance, which includes Cytrox (subsequently acquired by WiSpear), Nexa Technologies, and Senpai Technologies. Both Cytrox and Intellexa were  added  to the Entity List by the U.S. in July 2023 for "trafficking in cyber exploits used to gain access to information systems." The latest findings come more than six months after the cybersecurity vendor detai...
8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

Dec 19, 2023 Cryptojacking / Cyber Threat
The threat actors associated with the  8220 Gang  have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is  CVE-2020-14883  (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers. "This vulnerability allows remote authenticated attackers to execute code using a gadget chain and is commonly chained with  CVE-2020-14882  (an authentication bypass vulnerability also affecting Oracle Weblogic Server) or the use of leaked, stolen, or weak credentials," Imperva  said  in a report published last week. The 8220 Gang has a history of  leveraging known security flaws  to distribute cryptojacking malware. Earlier this May, the group was spotted utilizing another shortcoming in Oracle WebLogic servers (CVE-2017-3506, CVSS score: 7.4) to rope the devices into a crypto mining botnet. Recent attac...
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Crowdstrike Named A Leader In Endpoint Protection Platforms

Nov 22, 2024Endpoint Security / Threat Detection
CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.
Expert Insights / Articles Videos
Cybersecurity Resources