#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
Cloud Security

network intrusion | Breaking Cybersecurity News | The Hacker News

Category — network intrusion
FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites

FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites

Apr 02, 2025 Ransomware / Email Security
The financially motivated threat actor known as FIN7 has been linked to a Python-based backdoor called Anubis (not to be confused with an Android banking trojan of the same name) that can grant them remote access to compromised Windows systems. "This malware allows attackers to execute remote shell commands and other system operations, giving them full control over an infected machine," Swiss cybersecurity company PRODAFT said in a technical report of the malware. FIN7, also called Carbon Spider, ELBRUS, Gold Niagara, Sangria Tempest, and Savage Ladybug, is a Russian cybercrime group known for its ever-evolving and expanding set of malware families for obtaining initial access and data exfiltration. In recent years, the threat actor is said to have transitioned to a ransomware affiliate. In July 2024, the group was observed using various online aliases to advertise a tool called AuKill (aka AvNeutralizer) that's capable of terminating security tools in a likely ...
Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks

Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks

Feb 21, 2025 Network Security / Vulnerability
Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171 , and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telecommunications companies. "The threat actor then demonstrated their ability to persist in target environments across equipment from multiple vendors for extended periods, maintaining access in one instance for over three years," Cisco Talos said , describing the hackers as highly sophisticated and well-funded. "The long timeline of this campaign suggests a high degree of coordination, planning, and patience — standard hallmarks of advanced persistent threat (APT) and state-sponsored actors." The networking equipment major said it found no evidence that other known security bugs have been weaponized by the hacking crew, contrary to a recent report from Recorded Future that revealed exploitation attempts inv...
Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds

Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds

Apr 15, 2025Data Privacy / Enterprise Security
Everybody knows browser extensions are embedded into nearly every user's daily workflow, from spell checkers to GenAI tools. What most IT and security people don't know is that browser extensions' excessive permissions are a growing risk to organizations. LayerX today announced the release of the Enterprise Browser Extension Security Report 2025 , This report is the first and only report to merge public extension marketplace statistics with real-world enterprise usage telemetry. By doing so, it sheds light on one of the most underestimated threat surfaces in modern cybersecurity: browser extensions. The report reveals several findings that IT and security leaders will find interesting, as they build their plans for H2 2025. This includes information and analysis on how many extensions have risky permissions, which kinds of permissions are given, if extension developers are to be trusted, and more. Below, we bring key statistics from the report. Highlights from the Enterprise Browse...
Company Detected Years-Long Breach Only After Hacker Maxed Out Servers' Storage

Company Detected Years-Long Breach Only After Hacker Maxed Out Servers' Storage

Nov 14, 2019
What could be even worse than getting hacked? It's the "failure to detect intrusions" that always results in huge losses to the organizations. Utah-based technology company InfoTrax Systems is the latest example of such a security blunder, as the company was breached more than 20 times from May 2014 until March 2016. What's ironic is that the company detected the breach only after it received an alert that its servers had reached maximum storage capacity due to a data archive file that the hacker created. InfoTrax Systems is an American company based in Utah that provides backend operations systems to multi-level marketers, which also includes an extensive amount of sensitive data on their users' compensation, inventory, orders, and accounting. The breach reportedly occurred in May 2014 when the hacker exploited vulnerabilities in InfoTrax's server and its client's website to gain remote control over its server, allowing him to gain access t...
cyber security

SANS Institute Complimentary Cyber Bundle ($3240 Value) at SANSFIRE 2025

websiteSANSCyber Security Training
Register to attend in-person training at SANSFIRE 2025 and receive a complimentary cyber-pro pass! Pass includes OnDemand bundle, AND free pass to play in the NetWars Tournament!
Genesco Inc. Confirms Payment Card Data Breach in U.S. Stores

Genesco Inc. Confirms Payment Card Data Breach in U.S. Stores

Dec 12, 2010 Financial Security
Specialty retailer Genesco Inc. announced on Friday that it experienced a criminal intrusion into the part of its computer network that processes payment card transactions. Some card details might have been compromised. However, the company quickly secured the affected network segment and expressed confidence that customers can now safely use their credit and debit cards in its stores. Nashville, Tennessee-based Genesco stated that the intrusion affected its U.S. Journeys, Journeys Kidz, Shi by Journeys, Johnston & Murphy stores, and some Underground Station stores. The company is currently investigating the extent of the compromise with the help of an outside expert. Robert Dennis, Chairman, President, and CEO of Genesco, said, "Since we learned of the intrusion, we have worked diligently with outside experts to protect our customers' information, and we are confident that they are safe shopping with their credit and debit cards at our stores. We recommend that our cust...
Expert Insights / Articles Videos
Cybersecurity Resources