The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

It's not hard for a well-funded state-sponsored hacking group to break into corporate networks and compromise systems with malware, but what's challenging for them is to keep that backdoor and its communication undetectable from a firewall and other network monitoring applications. However, a cyber-espionage group known as " Platinum ," that is actively targeting governmental organisations, defense institutes, and telecommunication providers since at least 2009, has found a way to hide its malicious activities from host-based protection mechanisms. Microsoft has recently discovered that the cyber-espionage group is now leveraging Intel's Active Management Technology (AMT) Serial-over-LAN (SOL) channel as a file-transfer tool to steal data from the targeted computers without detection. Intel-based chip sets come with an embedded technology, called AMT, which is designed to allow IT administrators to remotely manage and repair PCs, workstations, and serve...

Image Source: South China Morning Post Chinese authorities have announced the arrest of around 22 distributors working as Apple distributors as part of a $7 million operation, who stole customers' personal information from an internal Apple database and illegally sold it to Chinese black market vendors. According to a report from Chinese media , this underground network reportedly consisted of employees working in direct Apple suppliers, and other outsource firms in the Zhejiang, a province in eastern China. These employees had access to Apple databases along with other tools containing sensitive information about its customers. They allegedly used their company's internal computer system to gather data includes usernames, email addresses, phone numbers, and Apple IDs, and then sold it in the underground market for between 10 yuan ($1.47) and 80 yuan ($11.78) per data point. So far, the network has made a total of 50 million yuan (around $7.36 million). However, it is ...

A new Android-rooting malware with an ability to disable device' security settings in an effort to perform malicious tasks in the background has been detected on the official Play Store. What's interesting? The app was smart enough to fool Google security mechanism by first pretending itself to be a clean app and then temporarily replacing it with a malicious version. Security researchers at Kaspersky Lab discovered a new piece of Android rooting malware that was being distributed as gaming apps on the Google Play Store, hiding behind puzzle game " colourblock ," which was being downloaded at least 50,000 times prior to its removal. Dubbed Dvmap , the Android rooting malware disables device's security settings to install another malicious app from a third-party source and also injects malicious code into the device system runtime libraries to gain root access and stay persistent. "To bypass Google Play Store security checks, the malware creators used ...

Python supply chain attacks are surging in 2025. Join our webinar to learn how to secure your code, dependencies, and runtime with modern tools and strategies.

Security researchers have discovered over a dozen of vulnerabilities in tens of thousands of web-connected cameras that can not be protected just by changing their default credentials. Vulnerabilities found in two models of IP cameras from China-based manufacturer Foscam allow attackers to take over the camera, view video feeds, and, in some cases, even gain access to other devices connected to a local network. Researchers at security firm F-Secure discovered 18 vulnerabilities in two camera models — one sold under the Foscam C2 and other under Opticam i5 HD brand — that are still unpatched despite the company was informed several months ago. In addition to the Foscam and Opticam brands, F-Secure also said the vulnerabilities were likely to exist in 14 other brands that use Foscam internals, including Chacon, 7links, Netis, Turbox, Thomson, Novodio, Nexxt, Ambientcam, Technaxx, Qcam, Ivue, Ebode and Sab. The flaws discovered in the IP cameras includes: Insecure default cr...

" Disable macros and always be extra careful when you manually enable it while opening Microsoft Office Word documents. " You might have heard of above-mentioned security warning multiple times on the Internet as hackers usually leverage this decade old macros-based hacking technique to hack computers through specially crafted Microsoft Office files, particularly Word, attached to spam emails. But a new social engineering attack has been discovered in the wild, which doesn't require users to enable macros ; instead it executes malware on a targeted system using PowerShell commands embedded inside a PowerPoint (PPT) file. Moreover, the malicious PowerShell code hidden inside the document triggers as soon as the victim moves/hovers a mouse over a link (as shown), which downloads an additional payload on the compromised machine -- even without clicking it. Researchers at Security firm SentinelOne have discovered that a group of hackers is using malicious PowerPoi...