#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

technology | Breaking Cybersecurity News | The Hacker News

Category — technology
Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation

Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation

Jan 14, 2025 Endpoint Security / Vulnerability
Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as "root" to bypass the operating system's System Integrity Protection ( SIP ) and install malicious kernel drivers by loading third-party kernel extensions. The vulnerability in question is CVE-2024-44243 (CVSS score: 5.5), a medium-severity bug that was addressed by Apple as part of macOS Sequoia 15.2 released last month. The iPhone maker described it as a "configuration issue" that could permit a malicious app to modify protected parts of the file system. "Bypassing SIP could lead to serious consequences, such as increasing the potential for attackers and malware authors to successfully install rootkits, create persistent malware, bypass Transparency, Consent and Control (TCC), and expand the attack surface for additional techniques and exploits," Jonathan Bar Or of the Microsoft Threat Intelligen...
Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices

Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices

Jan 10, 2025 Cybersecurity / Android
Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey's Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14. "Out-of-bounds write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code," Samsung said in an advisory for the flaw released in December 2024 as part of its monthly security updates. "The patch adds proper input validation." Google Project Zero researcher Natalie Silvanovich, who discovered and reported the shortcoming, described it as requiring no user interaction to trigger (i.e., zero-click) and a "fun new attack surface" under specific conditions. Particularly, this works if Google Messages is configured for rich communication services ( RCS ), the default configuration on Galaxy S23 and S24 ph...
Product Walkthrough: How Reco Discovers Shadow AI in SaaS

Product Walkthrough: How Reco Discovers Shadow AI in SaaS

Jan 09, 2025AI Security / SaaS Security
As SaaS providers race to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the world of AI: shadow AI.  Shadow AI refers to the unauthorized use of AI tools and copilots at organizations. For example, a developer using ChatGPT to assist with writing code, a salesperson downloading an AI-powered meeting transcription tool, or a customer support person using Agentic AI to automate tasks – without going through the proper channels. When these tools are used without IT or the Security team's knowledge, they often lack sufficient security controls, putting company data at risk. Shadow AI Detection Challenges Because shadow AI tools often embed themselves in approved business applications via AI assistants, copilots, and agents they are even more tricky to discover than traditional shadow IT. While traditional shadow apps can be identified through network monitoring methodologies that scan for unauthorized connections based on...
 MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan

MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan

Jan 09, 2025 Cybersecurity / Malware
Japan's National Police Agency (NPA) and National Center of Incident Readiness and Strategy for Cybersecurity (NCSC) accused a China-linked threat actor named MirrorFace of orchestrating a persistent attack campaign targeting organizations, businesses, and individuals in the country since 2019. The primary objective of the attack campaign is to steal information related to Japan's national security and advanced technology, the agencies said . MirrorFace, also tracked as Earth Kasha, is assessed to be a sub-group within APT10. It has a track record of systematically striking Japanese entities, often leveraging tools like ANEL, LODEINFO, and NOOPDOOR (aka HiddenFace). Last month, Trend Micro revealed details of a spear-phishing campaign that targeted individuals and organizations in Japan with an aim to deliver ANEL and NOOPDOOR. Other campaigns observed in recent years have also been directed against Taiwan and India. According to NPA and NCSC, attacks mounted by MirrorF...
cyber security

Secure Your Azure: Proactive Tips for Cloud Protection

websiteWizCloud Security
Discover how to boost your Azure cloud security with practical steps to help you maintain control and visibility.
Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions

Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions

Jan 09, 2025 Data Protection / Encryption
Ransomware isn't slowing down—it's getting smarter. Encryption, designed to keep our online lives secure, is now being weaponized by cybercriminals to hide malware, steal data, and avoid detection. The result? A 10.3% surge in encrypted attacks over the past year and some of the most shocking ransom payouts in history, including a $75 million ransom in 2024. Are you prepared to fight back? Join Emily Laufer , Director of Product Marketing at Zscaler, for an eye-opening session, " Preparing for Ransomware and Encrypted Attacks in 2025 " filled with practical insights and cutting-edge strategies to outsmart these evolving threats. What You'll Learn: ThreatLabz Insights: Get the latest findings from Zscaler's experts on ransomware and encrypted attacks, including the trends making the biggest impact. 2025 Predictions: Find out how ransomware groups are refining their tactics to stay one step ahead—and what you can do to stop them. Encrypted DNS Attacks: Learn how cyb...
FCC Launches 'Cyber Trust Mark' for IoT Devices to Certify Security Compliance

FCC Launches 'Cyber Trust Mark' for IoT Devices to Certify Security Compliance

Jan 08, 2025 IoT Security / Compliance
The U.S. government on Tuesday announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for Internet-of-Things (IoT) consumer devices. "IoT products can be susceptible to a range of security vulnerabilities," the U.S. Federal Communications Commission (FCC) said . "Under this program, qualifying consumer smart products that meet robust cybersecurity standards will bear a label—including a new ' U.S Cyber Trust Mark .'" As part of the effort, the logo will be accompanied by a QR code that users can scan, taking them to a registry of information with easy-to-understand details about the security of the product, such as the support period and whether software patches and security updates are automatic. The information will also comprise details related to changing the default password and the various steps users can take to configure the device securely. The initiative, announced back in July 2023, is expected to involve thir...
Apple to Pay Siri Users $20 Per Device in Settlement Over Accidental Siri Privacy Violations

Apple to Pay Siri Users $20 Per Device in Settlement Over Accidental Siri Privacy Violations

Jan 03, 2025 Technology / Data Privacy
Apple has agreed to pay $95 million to settle a proposed class action lawsuit that accused the iPhone maker of invading users' privacy using its voice-activated Siri assistant. The development was first reported by Reuters. The settlement applies to U.S.-based individuals current or former owners or purchasers of a Siri-enabled device who had their confidential voice communications with the assistant "obtained by Apple and/or were shared with third-parties as a result of an unintended Siri activation" between September 17, 2014, and December 31, 2024. Eligible individuals can submit claims for up to five Siri devices – iPhone, iPad, Apple Watch, MacBook, iMac, HomePod, iPod touch, or Apple TV – on which they claim to have experienced an accidental Siri activation during a conversation intended to be confidential or private. Class members who submit valid claims can receive $20 per device. The lawsuit was brought against Apple following a 2019 report from The Guar...
New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits

New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits

Dec 30, 2024 Cybersecurity / Compliance
The United States Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients' data against potential cyber attacks. The proposal, which seeks to modify the Health Insurance Portability and Accountability Act (HIPAA) of 1996, is part of a broader initiative to bolster the cybersecurity of critical infrastructure, the OCR said. The rule is designed to strengthen protections for electronic protected health information (ePHI) by updating the HIPAA Security Rule's standards to "better address ever-increasing cybersecurity threats to the healthcare sector." To that end, the proposal, among other things, requires organizations to conduct a review of the technology asset inventory and network map, identify potential vulnerabilities that could pose a threat to electronic information systems, and establish procedures to restore the loss of certa...
Ruijie Networks' Cloud Platform Flaws Could've Exposed 50,000 Devices to Remote Attacks

Ruijie Networks' Cloud Platform Flaws Could've Exposed 50,000 Devices to Remote Attacks

Dec 25, 2024 Cloud Security / Vulnerability
Cybersecurity researchers have discovered several security flaws in the cloud management platform developed by Ruijie Networks that could permit an attacker to take control of the network appliances. "These vulnerabilities affect both the Reyee platform, as well as Reyee OS network devices," Claroty researchers Noam Moshe and Tomer Goldschmidt said in a recent analysis. "The vulnerabilities, if exploited, could allow a malicious attacker to execute code on any cloud-enabled device, giving them the ability to control tens of thousands of devices." The operational technology (OT) security company, which carried out an in-depth research of the Internet of Things (IoT) vendor, said it not only identified 10 flaws but also devised an attack called "Open Sesame" that can be used to hack into an access point in close physical proximity over the cloud and gain unauthorized access to its network. Of the 10 vulnerabilities , three of them are rated Critical in...
A Guide to Securing AI App Development: Join This Cybersecurity Webinar

A Guide to Securing AI App Development: Join This Cybersecurity Webinar

Dec 02, 2024 AI Security / Data Protection
Artificial Intelligence (AI) is no longer a far-off dream—it's here, changing the way we live. From ordering coffee to diagnosing diseases, it's everywhere. But while you're creating the next big AI-powered app, hackers are already figuring out ways to break it. Every AI app is an opportunity—and a potential risk. The stakes are huge: data leaks, downtime, and even safety threats if security isn't built in. With AI adoption moving fast, securing your projects is no longer optional—it's a must. Join Liqian Lim, Senior Product Marketing Manager at Snyk, for an exclusive webinar that's all about securing the future of AI development. Titled " Building Tomorrow, Securely: Securing the Use of AI in App Development ," this session will arm you with the knowledge and tools to tackle the challenges of AI-powered innovation. What You'll Learn: Get AI-Ready: How to make your AI projects secure from the start. Spot Hidden Risks: Uncover threats you might not see coming. Understand the Ma...
Gmail's New Shielded Email Feature Lets Users Create Aliases for Email Privacy

Gmail's New Shielded Email Feature Lets Users Create Aliases for Email Privacy

Nov 18, 2024 Privacy / Email Security
Google appears to be readying a new feature called Shielded Email that allows users to create email aliases when signing up for online services and better combat spam. The feature was first reported by Android Authority last week following a teardown of the latest version of Google Play Services for Android. The idea is to create unique, single-use email addresses that forward the messages to the associated primary account, thereby preventing the need for providing the real email address when filling out forms or registering for new services online. The idea of email aliases for improved privacy is not new. Back in 2021, Apple introduced a similar feature called Hide My Email that allows iCloud+ subscribers to generate random burner email addresses. It can also be used to set up new ones in Safari, Mail, and Apple Pay wherever email addresses are required. Other providers like Bitwarden and DuckDuckGo have since also released an analogous feature. It's worth noting that...
Canada Orders TikTok to Shut Down Canadian Operations Over Security Concerns

Canada Orders TikTok to Shut Down Canadian Operations Over Security Concerns

Nov 07, 2024 National Security / Social Media
The Canadian government on Wednesday ordered ByteDance-owned TikTok to dissolve its operations in the country, citing national security risks, but stopped short of instituting a ban on the popular video-sharing platform. "The decision was based on the information and evidence collected over the course of the review and on the advice of Canada's security and intelligence community and other government partners," François-Philippe Champagne, Minister of Innovation, Science and Industry, said in a statement. The government said it does not intend to block Canadians' access to the app itself or curtail their ability to create new content, stating the use of a social media application is a "personal choice." The use of the app has already been banned on Canadian government devices since February 2023. That having said, it urged Canadians to adopt good cyber security practices and assess the possible risks that could arise from using social media platforms,...
Cyber Threats That Could Impact the Retail Industry This Holiday Season (and What to Do About It)

Cyber Threats That Could Impact the Retail Industry This Holiday Season (and What to Do About It)

Nov 04, 2024 DDoS Attack / API Security
As the holiday season approaches, retail businesses are gearing up for their annual surge in online (and in-store) traffic. Unfortunately, this increase in activity also attracts cybercriminals looking to exploit vulnerabilities for their gain.  Imperva, a Thales company, recently published its annual holiday shopping cybersecurity guide . Data from the Imperva Threat Research team's six-month analysis (April 2024 – September 2024) revealed that AI-driven threats need to be top of mind for retailers this year. As generative AI tools and large language models (LLMs) become more widespread and advanced, cybercriminals are increasingly leveraging these technologies to scale and refine their attacks on eCommerce platforms. Imperva Threat Research also found that retail sites collectively experience an average of 569,884 AI-driven attacks each day. Understanding what types of threats are accounting for these attacks, and how to protect against them, is critical for retail businesses ...
Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine

Google's AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine

Nov 04, 2024 Artificial Intelligence / Vulnerability
Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted framework called Big Sleep (formerly Project Naptime). The tech giant described the development as the "first real-world vulnerability" uncovered using the artificial intelligence (AI) agent. "We believe this is the first public example of an AI agent finding a previously unknown exploitable memory-safety issue in widely used real-world software," the Big Sleep team said in a blog post shared with The Hacker News. The vulnerability in question is a stack buffer underflow in SQLite, which occurs when a piece of software references a memory location prior to the beginning of the memory buffer, thereby resulting in a crash or arbitrary code execution. "This typically occurs when a pointer or its index is decremented to a position before the buffer, when pointer arithmetic results in a position before the beginning of t...
Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns

Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns

Nov 01, 2024 Data Security / Artificial Intelligence
Microsoft is further delaying the release of its controversial Recall feature for Windows Copilot+ PCs, stating it's taking the time to improve the experience. The development was first reported by The Verge. The artificial intelligence-powered tool was initially slated for a preview release starting in October. "We are committed to delivering a secure and trusted experience with Recall," the company said in an updated statement released Thursday. "To ensure we deliver on these important updates, we're taking additional time to refine the experience before previewing it with Windows Insiders. Originally planned for October, Recall will now be available for preview with Windows Insiders on Copilot+ PCs by December" Microsoft unveiled Recall earlier this May, describing it as a way for users to explore a "visual timeline" of their screens over time and help find things from apps, websites, images, and documents. The search experience was meant...
New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites

New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites

Nov 01, 2024 Threat Intelligence / Malware
Cybersecurity researchers have disclosed a new phishing kit that has been put to use in campaigns targeting Australia, Japan, Spain, the U.K., and the U.S. since at least September 2024. Netcraft said more than 2,000 phishing websites have been identified the kit, known as Xiū gǒu, with the offering used in attacks aimed at a variety of verticals, such as public sectors, postal, digital services, and banking services. "Threat actors using the kit to deploy phishing websites often rely on Cloudflare's anti-bot and hosting obfuscation capabilities to prevent detection," Netcraft said in a report published Thursday. Some aspects of the phishing kit were documented by security researchers Will Thomas (@ BushidoToken) and Fox_threatintel (@banthisguy9349) in September 2024. Phishing kits like Xiū gǒu pose a risk because they could lower the barrier of entry for less skilled hackers, potentially leading to an increase in malicious campaigns that could lead to theft of ...
New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors

New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors

Oct 29, 2024 Hardware Security / Vulnerability
More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks. The attack, disclosed by ETH Zürich researchers Johannes Wikner and Kaveh Razavi, aims to undermine the Indirect Branch Predictor Barrier ( IBPB ) on x86 chips, a crucial mitigation against speculative execution attacks. Speculative execution refers to a performance optimization feature wherein modern CPUs execute certain instructions out-of-order by predicting the branch a program will take beforehand, thus speeding up the task if the speculatively used value was correct. If it results in a misprediction, the instructions, called transient, are declared invalid and squashed, before the processor can resume execution with the correct value. While the execution results of transient instructions are not committed to the architectural program state, it's still ...
Four REvil Ransomware Members Sentenced in Rare Russian Cybercrime Convictions

Four REvil Ransomware Members Sentenced in Rare Russian Cybercrime Convictions

Oct 26, 2024 Cybercrime / Malware
Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have been convicted of hacking and money laundering charges. Russian news publication Kommersant reported that a court in St. Petersburg found Artem Zaets, Alexei Malozemov, Daniil Puzyrevsky, and Ruslan Khansvyarov guilty of illegal circulation of means of payment. Puzyrevsky and Khansvyarov have also been found guilty of using and distributing malware. To that end, Zaets and Malozemov were sentenced to 4.5 and 5 years in prison. Khansvyarov and Puzyrevsky received a jail term of 5.5 and 6 years, respectively. The four individuals are part of a group of 14 people who were initially detained in connection with the case. As reported by TASS back in January 2022, eight of them were charged by the court for their malicious activities. The remaining four members, Andrei Bessonov, Mikhail Golovach...
Eliminating AI Deepfake Threats: Is Your Identity Security AI-Proof?

Eliminating AI Deepfake Threats: Is Your Identity Security AI-Proof?

Oct 25, 2024 Artificial Intelligence / Identity Security
Artificial Intelligence (AI) has rapidly evolved from a futuristic concept to a potent weapon in the hands of bad actors. Today, AI-based attacks are not just theoretical threats—they're happening across industries and outpacing traditional defense mechanisms.  The solution, however, is not futuristic. It turns out a properly designed identity security platform is able to deliver defenses against AI impersonation fraud. Read more about how a secure-by-design identity platform can eliminate AI deepfake fraud and serve as a critical component in this new era of cyber defense.  The Growing Threat of AI Impersonation Fraud Recent incidents highlight the alarming potential of AI-powered fraud: A staggering $25 million was fraudulently transferred during a video call where deepfakes impersonated multiple executives. KnowBe4, a cybersecurity leader, was duped by deepfakes during hiring interviews, allowing a North Korean attacker to be onboarded to the organization. CEO of ...
SEC Charges 4 Companies Over Misleading SolarWinds Cyber Attack Disclosures

SEC Charges 4 Companies Over Misleading SolarWinds Cyber Attack Disclosures

Oct 25, 2024 Regulatory Compliance / Data Breach
The U.S. Securities and Exchange Commission (SEC) has charged four current and former public companies for making "materially misleading disclosures" related to the large-scale cyber attack that stemmed from the hack of SolarWinds in 2020 . The SEC said the companies – Avaya, Check Point, Mimecast , and Unisys – are being penalized for how they handled the disclosure process in the aftermath of the SolarWinds Orion software supply chain incident and downplaying the extent of the breach, thereby infringing the Securities Act of 1933, the Securities Exchange Act of 1934, and related rules under them. To that end, Avaya will pay a fine of $1 million, Check Point will pay $995,000, Mimecast will pay $990,000, and Unisys will pay $4 million to settle the charges. In addition, the SEC has charged Unisys with disclosure controls and procedures violations. "While public companies may become targets of cyberattacks, it is incumbent upon them to not further victimize their sh...
The Ultimate DSPM Guide: Webinar on Building a Strong Data Security Posture

The Ultimate DSPM Guide: Webinar on Building a Strong Data Security Posture

Oct 18, 2024 Webinar / Data Protection
Picture your company's data as a vast, complex jigsaw puzzle—scattered across clouds, devices, and networks. Some pieces are hidden, some misplaced, and others might even be missing entirely. Keeping your data secure in today's fast-evolving landscape can feel like an impossible challenge. But there's a game-changing solution: Data Security Posture Management (DSPM). Think of it as a high-tech, super-powered lens that reveals your entire data puzzle—helping you find every piece, fix vulnerabilities, and secure everything with confidence. Join Our Webinar " Building a Successful Data Security Posture Management Program ," to Unlock the Full Potential of DSPM: Uncover Every Hidden Piece: DSPM shows you exactly where your critical data resides, even the parts you didn't know were there, so you can take control and secure it. Shield Your Data from Threats: Like a vigilant security guard, DSPM detects potential risks and helps you fend off attacks before they cause da...
Expert Insights / Articles Videos
Cybersecurity Resources