#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

XProtect | Breaking Cybersecurity News | The Hacker News

Category — XProtect
New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone

New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone

Jan 17, 2024 Spyware / Forensic Analysis
Cybersecurity researchers have identified a "lightweight method" called  iShutdown  for reliably identifying signs of spyware on Apple iOS devices, including notorious threats like NSO Group's  Pegasus , QuaDream's  Reign , and Intellexa's  Predator .  Kaspersky, which analyzed a set of iPhones that were compromised with Pegasus, said the infections left traces in a file named "Shutdown.log," a text-based system log file available on all iOS devices and which records every reboot event alongside its environment characteristics. "Compared to more time-consuming acquisition methods like forensic device imaging or a full iOS backup, retrieving the Shutdown.log file is rather straightforward," security researcher Maher Yamout  said . "The log file is stored in a sysdiagnose (sysdiag) archive." The Russian cybersecurity firm said it identified entries in the log file that recorded instances where "sticky" processes, such as ...
New Mac OS Malware exploited two known Java vulnerabilities

New Mac OS Malware exploited two known Java vulnerabilities

Sep 24, 2013
A new Mac OS Malware has been discovered called OSX/Leverage . A , which appears to be yet another targeted command-and-control Trojan horse, that creates a backdoor on an affected user's machine. The Trojan named ' Leverage ' because the Trojan horse is distributed as an application disguised as a picture of two people kissing, possibly a scene from the television show " Leverage ". The attack launched via a Java applet from a compromised website and which drops a Java archive with the backdoor to the visitor's computer and launches it without a user intercation. To perform the attack, Malware uses two recently disclosed Java vulnerabilies  known as CVE-2013-2465 and CVE-2013-2471. Once it's installed, the Trojan connects to the C&C server on port 7777. Security vendor Intego said that Malware linked to Syrian Electronic Army (SEA) , because after installation Malware attempt to download an image associated with the Syrian Electronic...
7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments

7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments

Dec 04, 2024Risk Management / Zero Trust
Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. However, the cloud's flexibility, scalability, and efficiency come with significant risk — an expanded attack surface. The decentralization that comes with utilizing multi-cloud environments can also lead to limited visibility into user activity and poor access management.  Privileged accounts with access to your critical systems and sensitive data are among the most vulnerable elements in cloud setups. When mismanaged, these accounts open the doors to unauthorized access, potential malicious activity, and data breaches. That's why strong privileged access management (PAM) is indispensable. PAM plays an essential role in addressing the security challenges of complex infrastructures by enforcing strict access controls and managing the life cycle of privileged accounts. By employing PAM in hybrid and cloud environments, you're not...
Expert Insights / Articles Videos
Cybersecurity Resources