-->
#1 Trusted Cybersecurity News Platform
Followed by 5.70+ million
The Hacker News Logo
Get the Latest News
cybersecurity

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

New BotenaGo Malware Variant Targeting Lilin Security Camera DVR Devices

New BotenaGo Malware Variant Targeting Lilin Security Camera DVR Devices

Apr 25, 2022
A new variant of an IoT botnet called BotenaGo has emerged in the wild, specifically singling out Lilin security camera DVR devices to infect them with Mirai malware. Dubbed " Lilin Scanner " by Nozomi Networks, the  latest version  is designed to exploit a two-year-old critical  command injection vulnerability  in the DVR firmware that was patched by the Taiwanese company in February 2020. BotenaGo , first documented in November 2021 by AT&T Alien Labs, is written in Golang and features over 30 exploits for known vulnerabilities in web servers, routers and other kinds of IoT devices. The botnet's source code has since been uploaded to GitHub, making it ripe for abuse by other criminal actors. "With only 2,891 lines of code, BotenaGo has the potential to be the starting point for many new variants and new malware families using its source code," the researchers  said  this year. The new BotenaGo malware is the  latest  to exploit vulnera...
FBI Warns of BlackCat Ransomware That Breached Over 60 Organisations Worldwide

FBI Warns of BlackCat Ransomware That Breached Over 60 Organisations Worldwide

Apr 25, 2022
The U.S. Federal Bureau of Investigation (FBI) is sounding the alarm on the BlackCat ransomware-as-a-service (RaaS), which it said victimized at least 60 entities worldwide between as of March 2022 since its emergence last November. Also called ALPHV and  Noberus , the malware is notable for being the first-ever ransomware written in the Rust programming language, which is known to be memory safe and offer improved performance. "Many of the developers and money launderers for BlackCat/ALPHV are linked to  DarkSide / BlackMatter , indicating they have extensive networks and experience with ransomware operations," the FBI said in an  advisory  published last week. The disclosure comes weeks after twin reports from  Cisco Talos  and  Kasperksy  uncovered links between BlackCat and BlackMatter ransomware families, including the use of a modified version of a data exfiltration tool dubbed Fendr that's been previously only observed in BlackMatter-r...
T-Mobile Admits Lapsus$ Hackers Gained Access to its Internal Tools and Source Code

T-Mobile Admits Lapsus$ Hackers Gained Access to its Internal Tools and Source Code

Apr 23, 2022
Telecom company T-Mobile on Friday confirmed that it was the victim of a security breach in March after the LAPSUS$ mercenary gang managed to gain access to its networks. The acknowledgment came after investigative journalist Brian Krebs  shared  internal chats belonging to the core members of the group indicating that LAPSUS$ breached the company several times in March  prior to the arrest  of its seven members. T-Mobile, in a statement, said that the incident occurred "several weeks ago, with the "bad actor" using stolen credentials to access internal systems. "The systems accessed contained no customer or government information or other similarly sensitive information, and we have no evidence that the intruder was able to obtain anything of value," it added. The VPN credentials for initial access are said to have been obtained from illicit websites like Russian Market with the goal of gaining control of T-Mobile employee accounts, ultimately allowing ...
cyber security

Take the AI Sprawl CISO Survey. Get fast track to BlackHat swag

websiteRecoAI Security / SaaS Security
Answer questions on AI sprawl. First access to the peer benchmark report.
cyber security

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders

websiteZscalerAI Security / Network Security
VPN Risk Report reveals attackers using AI to move at machine speed, leaving legacy VPNs exposed.
Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability

Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability

Apr 23, 2022
Atlassian has published a security advisory warning of a critical vulnerability in its Jira software that could be abused by a remote, unauthenticated attacker to circumvent authentication protections. Tracked as  CVE-2022-0540 , the flaw is rated 9.9 out of 10 on the CVSS scoring system and resides in Jira's authentication framework, Jira Seraph. Khoadha of Viettel Cyber Security has been credited with discovering and reporting the security weakness. "A remote, unauthenticated attacker could exploit this by sending a specially crafted HTTP request to bypass authentication and authorization requirements in WebWork actions using an affected configuration," Atlassian  noted . The flaw affects the following Jira products - Jira Core Server, Jira Software Server and Jira Software Data Center: All versions before 8.13.18, 8.14.x, 8.15.x, 8.16.x, 8.17.x, 8.18.x, 8.19.x, 8.20.x before 8.20.6, and 8.21.x Jira Service Management Server and Jira Service Management Data Cent...
Researcher Releases PoC for Recent Java Cryptographic Vulnerability

Researcher Releases PoC for Recent Java Cryptographic Vulnerability

Apr 22, 2022
A proof-of-concept (PoC) code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online.  The  high-severity flaw  in question,  CVE-2022-21449  (CVSS score: 7.5), impacts the following versions of Java SE and Oracle GraalVM Enterprise Edition - Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18 Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1, 22.0.0.2 The issue resides in Java's implementation of the Elliptic Curve Digital Signature Algorithm ( ECDSA ), a  cryptographic mechanism  to  digitally sign  messages and data for verifying the authenticity and the integrity of the contents. In a nutshell, the cryptographic blunder — dubbed Psychic Signatures in Java — makes it possible to present a totally blank signature, which would still be perceived as valid by the vulnerable implementation. Successful exploitation of the flaw could permit an attacker to forge signatures and bypass authenti...
⚡ Top Stories This Week
Expert Insights Articles Videos
Cybersecurity Resources