HTML | Breaking Cybersecurity News | The Hacker News

A recently disclosed critical flaw in Citrix NetScaler ADC and Gateway devices is being exploited by threat actors to conduct a credential harvesting campaign. IBM X-Force, which uncovered the activity last month,  said  adversaries exploited "CVE-2023-3519 to attack unpatched NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user credentials." CVE-2023-3519  (CVSS score: 9.8), addressed by Citrix in July 2023, is a critical code injection vulnerability that could lead to unauthenticated remote code execution. Over the past few months, it has been  heavily   exploited  to  infiltrate vulnerable devices  and gain persistent access for follow-on attacks. In the latest attack chain discovered by IBM X-Force, the operators sent a specially crafted web request to trigger the exploitation of CVE-2023-3519 and deploy a PHP-based web shell. The access afforded by the web shell is subsequently leveraged to append cust

As many as three disparate but related campaigns between March and Jun 2022 have been found to deliver a variety of malware, including ModernLoader, RedLine Stealer, and cryptocurrency miners onto compromised systems. "The actors use PowerShell, .NET assemblies, and HTA and VBS files to spread across a targeted network, eventually dropping other pieces of malware, such as the  SystemBC  trojan and  DCRat , to enable various stages of their operations," Cisco Talos researcher Vanja Svajcer said in a report shared with The Hacker News. The malicious implant in question, ModernLoader , is designed to provide attackers with remote control over the victim's machine, which enables the adversaries to deploy additional malware, steal sensitive information, or even ensnare the computer in a botnet. Cisco Talos attributed the infections to a previously undocumented but Russian-speaking threat actor, citing the use of off-the-shelf tools. Potential targets included Eastern Eur

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Fraudulent domains masquerading as Microsoft's Windows 11 download portal are attempting to trick users into deploying trojanized installation files to infect systems with the Vidar information stealer malware. "The spoofed sites were created to distribute malicious ISO files which lead to a Vidar info-stealer infection on the endpoint," Zscaler  said  in a report. "These variants of Vidar malware fetch the C2 configuration from attacker-controlled social media channels hosted on Telegram and Mastodon network." Some of the rogue distribution vector domains, which were registered last month on April 20, consist of ms-win11[.]com, win11-serv[.]com, and win11install[.]com, and ms-teams-app[.]net. In addition, the cybersecurity firm cautioned that the threat actor behind the impersonation campaign is also leveraging backdoored versions of Adobe Photoshop and other legitimate software such as Microsoft Teams to deliver Vidar malware. The ISO file, for its part,

In an effort to mitigate a large class of potential cross-site scripting issues in Firefox, Mozilla has blocked execution of all inline scripts and potentially dangerous eval-like functions for built-in "about: pages" that are the gateway to sensitive preferences, settings, and statics of the browser. Firefox browser has 45 such internal locally-hosted about pages , some of which are listed below that you might have noticed or used at some point: about:config — panel to modify Firefox preferences and critical settings. about:downloads — your recent downloads done within Firefox. about:memory — shows the memory usage of Firefox. about:newtab — the default new tab page. about:plugins — lists all your plugins as well as other useful information. about:privatebrowsing — open a new private window. about:networking — displays networking information. To be noted, these changes do not affect how websites from the Internet work on the Firefox browser, but going forwar

Except for phishing and scams, downloading an HTML attachment and opening it locally on your browser was never considered as a severe threat until a security researcher today demonstrated a technique that could allow attackers to steal files stored on a victim's computer. Barak Tawily, an application security researcher, shared his findings with The Hacker News, wherein he successfully developed a new proof-of-concept attack against the latest version of Firefox by leveraging a 17-year-old known issue in the browser. The attack takes advantage of the way Firefox implements Same Origin Policy (SOP) for the "file://" scheme URI (Uniform Resource Identifiers), which allows any file in a folder on a system to get access to files in the same folder and subfolders. Since the Same Origin Policy for the file scheme has not been defined clearly in the RFC by IETF, every browser and software have implemented it differently—some treating all files in a folder as the same

Open Source is the Future of the computer science world! On Wednesday, the popular coding website GitHub shared a graph that gives a closer look at the popularity of different programming languages used on its code sharing website that lets anyone edit, store, and collaborate on software code. Since its launch in 2008, GitHub saw various programming languages picking up momentum, as shown in the graph below. An insight into what GitHub is… GitHub is a web-based repository that operates on the functionality of a 'Git,' which is strictly a command-line tool. With 10 Million users as of today, the platform has become the primary source of housing open source software that is free of cost available to the world at large. A look at the picture of programming trends on GitHub over recent years is actually a look at how the computer world is evolving. Top 10 Programming Languages Here are the Top 10 Programming Languages on GitHub today: JavaS

Mozilla's Firefox OS, the mobile operating system from the company that makes the Firefox browser build entirely on open web standards and having ability to beat Android or iOS.  Firefox OS is Mozilla's ambitious attempt to build an operating system that brings more openness to the walled gardens of Apple's iOS and Google's Android. New Operating Systems for Smartphones Its a new mobile operating system built entirely using open web standards and with codename  Boot to Gecko , means a Linux distro that automatically loads Gecko or in more simple words apps for Firefox OS are basically just websites written in HTML, JavaScript, and CSS. The Web is the Platform, which means not only taking down barriers, but also a lighter system that makes your apps run smoothly and an optimal battery life. Firefox OS written with basic HTML, CSS, and JavaScript Mozilla has also added some extra hooks to Firefox OS that allow developers to access a phone's hardware via HTML