-->
#1 Trusted Cybersecurity News Platform
Followed by 5.70+ million
The Hacker News Logo
Get the Latest News
cybersecurity

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Even the Most Advanced Threats Rely on Unpatched Systems

Even the Most Advanced Threats Rely on Unpatched Systems

Jun 09, 2022
Common cybercriminals are a menace, there's no doubt about it – from bedroom hackers through to ransomware groups, cybercriminals are causing a lot of damage. But both the tools used and the threat posed by common cybercriminals pale in comparison to the tools used by more professional groups such as the famous hacking groups and state-sponsored groups. In fact, these tools can prove almost impossible to detect – and guard against. BVP47 is a case in point. In this article, we'll outline how this powerful state-sponsored malware has been quietly circulating for years, how it so cleverly disguises itself, and explain what that means for cybersecurity in the enterprise. Background story behind BVP47 It's a long story, fit for a spy novel. Earlier this year, a Chinese cybersecurity research group called Pangu Lab published an in-depth, 56-page report covering a piece of malicious code that the research group decided to call BVP47 (because BVP was the most common string in ...
A Decade-Long Chinese Espionage Campaign Targets Southeast Asia and Australia

A Decade-Long Chinese Espionage Campaign Targets Southeast Asia and Australia

Jun 09, 2022
A previously undocumented Chinese-speaking advanced persistent threat (APT) actor dubbed  Aoqin Dragon  has been linked to a string of espionage-oriented attacks aimed at government, education, and telecom entities chiefly in Southeast Asia and Australia dating as far back as 2013. "Aoqin Dragon seeks initial access primarily through document exploits and the use of fake removable devices," SentinelOne researcher Joey Chen  said  in a report shared with The Hacker News. "Other techniques the attacker has been observed using include DLL hijacking,  Themida-packed files , and DNS tunneling to evade post-compromise detection." The group is said to have some level of tactical association with another threat actor known as  Naikon  (aka Override Panda), with the campaigns primarily directed against targets in Australia, Cambodia, Hong Kong, Singapore, and Vietnam. Infections chains mounted by Aoqin Dragon have banked on Asia-Pacific political affairs a...
New Emotet Variant Stealing Users' Credit Card Information from Google Chrome

New Emotet Variant Stealing Users' Credit Card Information from Google Chrome

Jun 09, 2022
Image Source: Toptal The notorious Emotet malware has turned to deploy a new module designed to siphon credit card information stored in the Chrome web browser. The credit card stealer, which exclusively singles out Chrome, has the ability to exfiltrate the collected information to different remote command-and-control (C2) servers, according to enterprise security company  Proofpoint , which observed the component on June 6. The development comes amid a  spike  in  Emotet   activity  since it was resurrected late last year following a 10-month-long hiatus in the wake of a law enforcement operation that  took down its attack infrastructure  in January 2021. Emotet, attributed to a threat actor known as TA542 (aka Mummy Spider or Gold Crestwood), is an advanced, self-propagating and modular trojan that's delivered via email campaigns and is used as a distributor for other payloads such as ransomware. As of April 2022, Emotet is still the ...
cyber security

The AI Security Starter Pack

websiteWizAI Security / Cloud Security
Unlock 7 of the most widely used AI security resources in one place. Each asset provides practical tools for securing AI apps, models, and agents.
cyber security

11 real-world stories proving how identity drift opens active attack paths

websiteXM CyberIdentity Security / Exposure Management
Learn how attackers leverage privilege drift to reach critical assets across 11 architectural teardowns.
Researchers Warn of Unpatched "DogWalk" Microsoft Windows Vulnerability

Researchers Warn of Unpatched "DogWalk" Microsoft Windows Vulnerability

Jun 08, 2022
An unofficial security patch has been made available for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT), even as the Follina flaw continues to be exploited in the wild. The issue — referenced as  DogWalk  — relates to a path traversal flaw that can be exploited to stash a malicious executable file to the Windows Startup folder when a potential target opens a specially crafted ".diagcab" archive file that contains a diagnostics configuration file. The idea is that the payload would get executed the next time the victim logs in to the system after a restart. The vulnerability affects all Windows versions, starting from Windows 7 and Server Server 2008 to the latest releases. DogWalk was originally  disclosed  by security researcher Imre Rad in January 2020 after Microsoft, having acknowledged the problem, deemed it as not a security issue. "There are a number of file types that can execute code in such a way but aren't techni...
U.S. Agencies Warn About Chinese Hackers Targeting Telecoms and Network Service Providers

U.S. Agencies Warn About Chinese Hackers Targeting Telecoms and Network Service Providers

Jun 08, 2022
U.S. cybersecurity and intelligence agencies have  warned  about China-based state-sponsored cyber actors leveraging network vulnerabilities to exploit public and private sector organizations since at least 2020. The widespread intrusion campaigns aim to exploit publicly identified security flaws in network devices such as Small Office/Home Office (SOHO) routers and Network Attached Storage (NAS) devices with the goal of gaining deeper access to victim networks. In addition, the actors used these compromised devices as route command-and-control (C2) traffic to break into other targets at scale, the U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI)  said  in a joint advisory. The perpetrators, besides shifting their tactics in response to public disclosures, are known to employ a mix of open-source and custom tools for reconnaissance and vulnerability scanning as well as...
⚡ Top Stories This Week
Expert Insights Articles Videos
Cybersecurity Resources