-->
#1 Trusted Cybersecurity News Platform
Followed by 5.70+ million
The Hacker News Logo
Get the Latest News
cybersecurity

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

U.S. Sanctions Virtual Currency Mixer Tornado Cash for Alleged Use in Laundering

U.S. Sanctions Virtual Currency Mixer Tornado Cash for Alleged Use in Laundering

Aug 09, 2022
The U.S. Treasury Department on Monday placed sanctions against crypto mixing service Tornado Cash, citing its use by the North Korea-backed Lazarus Group in the high-profile hacks of Ethereum bridges to launder and cash out the ill-gotten money. Tornado Cash, which allows users to move cryptocurrency assets between accounts by obfuscating their origin and destination, is estimated to have been used to launder more than $7.6 billion worth of virtual assets since its creation in 2019, the department said. Thefts, hacks, and fraud account for $1.54 billion of the total assets sent through the mixer, according to blockchain analytics firm  Elliptic . Crypto mixing is akin to shuffling digital currencies through a black box, blending a certain quantity of cryptocurrency in private pools before transferring it to its designated receivers for a fee. The aim is to make transactions anonymous and difficult to trace. "Despite public assurances otherwise, Tornado Cash has repeatedly f...
The Truth About False Positives in Security

The Truth About False Positives in Security

Aug 09, 2022
TL;DR: As weird as it might sound, seeing a few false positives reported by a security scanner is probably a good sign and certainly better than seeing none. Let's explain why. Introduction False positives have made a somewhat unexpected appearance in our lives in recent years. I am, of course, referring to the COVID-19 pandemic, which required massive testing campaigns in order to control the spread of the virus. For the record, a false positive is a result that appears positive (for COVID-19 in our case), where it is actually negative (the person is not infected). More commonly, we speak of false alarms. In computer security, we are also often confronted with false positives. Ask the security team behind any SIEM what their biggest operational challenge is, and chances are that false positives will be mentioned. A recent  report  estimates that as much as 20% of all the alerts received by security professionals are false positives, making it a big source of fatigue. Yet...
10 Credential Stealing Python Libraries Found on PyPI Repository

10 Credential Stealing Python Libraries Found on PyPI Repository

Aug 09, 2022
In what's yet another instance of malicious packages creeping into public code repositories, 10 modules have been removed from the Python Package Index (PyPI) for their ability to harvest critical data points such as passwords and API tokens. The packages "install info-stealers that enable attackers to steal developer's private data and personal credentials," Israeli cybersecurity firm Check Point  said  in a Monday report. A short summary of the offending packages is below - Ascii2text , which downloads a nefarious script that gathers passwords stored in web browsers such as Google Chrome, Microsoft Edge, Brave, Opera, and Yandex Browser Pyg-utils, Pymocks, and PyProto2 , which are designed to  steal users' AWS credentials Test-async and Zlibsrc , which download and execute malicious code during installation Free-net-vpn, Free-net-vpn2, and WINRPCexploit , which steal user credentials and environment variables, and Browserdiv , which are capable of coll...
cyber security

The AI Security Starter Pack

websiteWizAI Security / Cloud Security
Unlock 7 of the most widely used AI security resources in one place. Each asset provides practical tools for securing AI apps, models, and agents.
cyber security

11 real-world stories proving how identity drift opens active attack paths

websiteXM CyberIdentity Security / Exposure Management
Learn how attackers leverage privilege drift to reach critical assets across 11 architectural teardowns.
Chinese Hackers Targeted Dozens of Industrial Enterprises and Public Institutions

Chinese Hackers Targeted Dozens of Industrial Enterprises and Public Institutions

Aug 09, 2022
Over a dozen military-industrial complex enterprises and public institutions in Afghanistan and Europe have come under a wave of targeted attacks since January 2022 to steal confidential data by simultaneously making use of six different backdoors. Russian cybersecurity firm Kaspersky  attributed  the attacks "with a high degree of confidence" to a China-linked threat actor tracked by  Proofpoint  as  TA428 , citing overlaps in tactics, techniques, and procedures (TTPs).  TA428, also known by the names Bronze Dudley, Temp.Hex, and Vicious Panda, has a  history  of striking entities in Ukraine, Russia, Belarus, and Mongolia. It's believed to share connections with another hacking group called Mustang Panda (aka Bronze President). Targets of the latest cyber espionage campaign included industrial plants, design bureaus and research institutes, government agencies, ministries and departments in several East European countries and Afghanistan. A...
New Orchard Botnet Uses Bitcoin Founder’s Account Info to Generate Malicious Domains

New Orchard Botnet Uses Bitcoin Founder’s Account Info to Generate Malicious Domains

Aug 08, 2022
A new botnet named Orchard has been observed using Bitcoin creator Satoshi Nakamoto's account transaction information to generate domain names to conceal its command-and-control (C2) infrastructure. "Because of the uncertainty of Bitcoin transactions, this technique is more unpredictable than using the common time-generated [ domain generation algorithms ], and thus more difficult to defend against," researchers from Qihoo 360's Netlab security team said in a Friday write-up. Orchard is said to have undergone three revisions since February 2021, with the botnet primarily used to deploy additional payloads onto a victim's machine and execute commands received from the C2 server. It's also designed to upload device and user information as well as infect USB storage devices to propagate the malware. Netlab's analysis shows that over 3,000 hosts have been enslaved by the malware to date, most of them located in China. Orchard has also been subjected to ...
⚡ Top Stories This Week
Expert Insights Articles Videos
Cybersecurity Resources