#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

PuTTY | Breaking Cybersecurity News | The Hacker News

Pro-Iranian Hacker Group Targeting Albania with No-Justice Wiper Malware

Pro-Iranian Hacker Group Targeting Albania with No-Justice Wiper Malware

Jan 06, 2024 Malware / Cyber Attack
The  recent wave of cyber attacks  targeting Albanian organizations involved the use of a wiper called  No-Justice . The  findings  come from cybersecurity company ClearSky, which said the Windows-based malware "crashes the operating system in a way that it cannot be rebooted." The intrusions have been attributed to an Iranian "psychological operation group" known as Homeland Justice, which has been active since July 2022, specifically orchestrating destructive attacks against Albania. On December 24, 2023, the adversary resurfaced after a hiatus, stating it's "back to destroy supporters of terrorists," describing its latest campaign as #DestroyDurresMilitaryCamp. The Albanian city of DurrĂ«s  currently hosts  the dissident group People's Mojahedin Organization of Iran (MEK). Targets of the attack included ONE Albania, Eagle Mobile Albania, Air Albania, and the Albanian parliament. Two of the primary tools deployed during the campaign include an executa
North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application

North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application

Sep 16, 2022
A threat with a North Korea nexus has been found leveraging a "novel spear phish methodology" that involves making use of trojanized versions of the PuTTY SSH and Telnet client. Google-owned threat intelligence firm Mandiant attributed the new campaign to an emerging threat cluster it tracks under the name  UNC4034 . "UNC4034 established communication with the victim over WhatsApp and lured them to download a malicious ISO package regarding a fake job offering that led to the deployment of the AIRDRY.V2 backdoor through a trojanized instance of the PuTTY utility," Mandiant researchers  said . The utilization of fabricated job lures as a pathway for malware distribution is an oft-used tactic by North Korean state-sponsored actors, including the Lazarus Group, as part of an enduring campaign called  Operation Dream Job . The entry point of the attack is an ISO file that masquerades as an Amazon Assessment as part of a potential job opportunity at the tech giant.
6 Ways to Simplify SaaS Identity Governance

6 Ways to Simplify SaaS Identity Governance

Feb 21, 2024SaaS Security / Identity Management
With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to happen across a myriad of individual SaaS apps. This presents a huge challenge for centralized IT teams who are ultimately held responsible for managing and securing app access, but can't possibly become experts in the nuances of the native security settings and access controls for hundreds (or thousands) of apps. And, even if they could, the sheer volume of tasks would easily bury them. Modern IT teams need a way to orchestrate and govern SaaS identity governance by engaging the application owners in the business who are most familiar with how the tool is used, and who needs what type of access.  Nudge Security is a  SaaS security and governance solution  that can help you do just that, with automated workflows to save time and make the process manageable at scale. Read on to learn how it works. 1 . Discover all SaaS apps used b
PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws

PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws

Mar 20, 2019
The popular SSH client program PuTTY has released the latest version of its software that includes security patches for 8 high-severity security vulnerabilities. PuTTY is one of the most popular and widely used open-source client-side programs that allows users to remotely access computers over SSH, Telnet, and Rlogin network protocols. Almost 20 months after releasing the last version of its software, the developers of PuTTY earlier this week released the latest version 0.71 for Windows and Unix operating systems. According to an advisory available on its website, all previous versions of the PuTTY software have been found vulnerable to multiple security vulnerabilities that could allow a malicious server or a compromised server to hijack client's system in different ways. Here below I have listed all 8 vulnerabilities with brief information that PuTTY 0.71 has patched: 1) Authentication Prompt Spoofing — Since PuTTY doesn't have a way to indicate whether a piec
cyber security

NIST Cybersecurity Framework: Your Go-To Cybersecurity Standard is Changing

websiteArmorPointCybersecurity / Risk Management
Find everything you need to know to prepare for NIST CSF 2.0's impending release in this guide.
Cybersecurity Resources