#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

vnc viewer | Breaking Cybersecurity News | The Hacker News

Category — vnc viewer
Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps

Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps

Oct 18, 2023 Cyber Attack / Malware
The North Korea-linked  Lazarus Group  (aka Hidden Cobra or TEMP.Hermit) has been observed using trojanized versions of Virtual Network Computing (VNC) apps as lures to target the defense industry and nuclear engineers as part of a long-running campaign known as  Operation Dream Job . "The threat actor tricks job seekers on social media into opening malicious apps for fake job interviews," Kaspersky  said  in its APT trends report for Q3 2023. "To avoid detection by behavior-based security solutions, this backdoored application operates discreetly, only activating when the user selects a server from the drop-down menu of the trojanized VNC client." Once launched by the victim, the counterfeit app is designed to retrieve additional payloads, including a known Lazarus Group malware dubbed  LPEClient , which comes fitted with capabilities to profile compromised hosts. Also deployed by the adversary is an updated version of  COPPERHEDGE , a backdoor ...
Dozens of Severe Flaws Found in 4 Popular Open Source VNC Software

Dozens of Severe Flaws Found in 4 Popular Open Source VNC Software

Nov 23, 2019
Four popular open-source VNC remote desktop applications have been found vulnerable to a total of 37 security vulnerabilities, many of which went unnoticed for the last 20 years and most severe could allow remote attackers to compromise a targeted system. VNC (virtual network computing) is an open source graphical desktop sharing protocol based on RFB (Remote FrameBuffer) that allows users to remotely control another computer, similar to Microsoft's RDP service. The implementation of the VNC system includes a "server component," which runs on the computer sharing its desktop, and a "client component," which runs on the computer that will access the shared desktop. In other words, VNC allows you to use your mouse and keyboard to work on a remote computer as if you are sitting in front of it. There are numerous VNC applications, both free and commercial, compatible with widely used operating systems like Linux, macOS, Windows, and Android. Considering ...
Product Walkthrough: How Reco Discovers Shadow AI in SaaS

Product Walkthrough: How Reco Discovers Shadow AI in SaaS

Jan 09, 2025AI Security / SaaS Security
As SaaS providers race to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the world of AI: shadow AI.  Shadow AI refers to the unauthorized use of AI tools and copilots at organizations. For example, a developer using ChatGPT to assist with writing code, a salesperson downloading an AI-powered meeting transcription tool, or a customer support person using Agentic AI to automate tasks – without going through the proper channels. When these tools are used without IT or the Security team's knowledge, they often lack sufficient security controls, putting company data at risk. Shadow AI Detection Challenges Because shadow AI tools often embed themselves in approved business applications via AI assistants, copilots, and agents they are even more tricky to discover than traditional shadow IT. While traditional shadow apps can be identified through network monitoring methodologies that scan for unauthorized connections based on...
Expert Insights / Articles Videos
Cybersecurity Resources