#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

DMARC: The First Line of Defense Against Ransomware

DMARC: The First Line of Defense Against Ransomware

Jun 28, 2021
There has been a lot of buzz in the industry about ransomware lately. Almost every other day, it's making headlines. With businesses across the globe holding their breath, scared they might fall victim to the next major ransomware attack, it is now time to take action. The FBI IC3 report of 2020 classified Ransomware as the most financially damaging cybercrime of the year, with no major improvement in 2021. Wouldn't it be nice if you could prevent a ransomware attack from occurring in the first place?  DMARC  can make this seemingly impossible claim a possibility for domain owners!  Multiple benefits arise from your DMARC implementation over time, including an increase in the deliverability of your email as well as a higher domain reputation. DMARC is also known as the first line of defense against Ransomware. Let's take a closer look. What are the Risks Associated with Ransomware?  Ransomware is malicious software that installs itself on your computer without...
Cisco ASA Flaw Under Active Attack After PoC Exploit Posted Online

Cisco ASA Flaw Under Active Attack After PoC Exploit Posted Online

Jun 28, 2021
A security vulnerability in Cisco Adaptive Security Appliance (ASA) that was addressed by the company last October, and again earlier this April, has been subjected to active in-the-wild attacks following the release of proof-of-concept (PoC) exploit code. The PoC was  published  by researchers from cybersecurity firm Positive Technologies on June 24, following which reports emerged that attackers are chasing after an exploit for the bug. "Tenable has also received a report that attackers are exploiting CVE-2020-3580 in the wild," the cyber exposure company  said . Tracked as  CVE-2020-3580  (CVSS score: 6.1), the issue concerns multiple vulnerabilities in the web services interface of Cisco ASA software and Cisco Firepower Threat Defense (FTD) software that could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks on an affected device. As of July 2020, there were a little over  85,000 ASA/FTD devices , 398 of whi...
SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers

SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers

Jun 28, 2021
In yet another sign that the Russian hackers who breached SolarWinds network monitoring software to compromise a slew of entities never really went away, Microsoft said the threat actor behind the malicious cyber activities used password spraying and brute-force attacks in an attempt to guess passwords and gain access to its customer accounts. "This recent activity was mostly unsuccessful, and the majority of targets were not successfully compromised – we are aware of three compromised entities to date," the tech giant's Threat Intelligence Center  said  Friday. "All customers that were compromised or targeted are being contacted through our nation-state notification process." The development was first  reported  by news service Reuters. The names of the victims were not revealed. The latest wave in a series of intrusions is said to have primarily targeted IT companies, followed by government agencies, non-governmental organizations, think tanks, and financ...
cyber security

Secure your LLMs Against Real-World Threats

websiteWizLLM Security / Artificial Intelligence
LLMs move fast. So do the risks. Get practical, real-world steps to defend against prompt injection, model poisoning, and more.
cyber security

2025 Gartner® MQ Report for Endpoint Protection Platforms (July 2025 Edition)

websiteSentinelOneEndpoint Protection / Unified Security
Compare leading Endpoint Protection vendors and see why SentinelOne is named a 5x Leader
Google Extends Support for Tracking Party Cookies Until 2023

Google Extends Support for Tracking Party Cookies Until 2023

Jun 25, 2021
Google's sweeping proposal to deprecate third-party cookies in Chrome browser is going back to the drawing board after the company announced plans to delay the rollout from early 2022 to late 2023, pushing back the project by nearly two years. "While there's  considerable progress  with this initiative, it's become clear that more time is needed across the ecosystem to get this right," Chrome's Privacy Engineering Director, Vinay Goel,  said  Thursday. In buying extra time, the search giant said it hopes to arrive at a consensus on the right solutions, while simultaneously engaging with regulators, and enabling publishers and the advertising industry to migrate their services to privacy-preserving technologies that prevent "alternative forms of individual tracking, and discourage the rise of covert approaches like  fingerprinting ." The revised timelines comes close on the heels of a fresh regulatory setback in the European Union, after the Euro...
Watch Out! Zyxel Firewalls and VPNs Under Active Cyberattack

Watch Out! Zyxel Firewalls and VPNs Under Active Cyberattack

Jun 25, 2021
Taiwanese networking equipment company Zyxel is warning customers of an ongoing attack targeting a "small subset" of its security products such as firewall and VPN servers. Attributing the attacks to a "sophisticated threat actor," the firm noted that the attacks single out appliances that have remote management or SSL VPN enabled, namely in the USG/ZyWALL, USG FLEX, ATP, and VPN series running on-premise ZLD firmware, implying that the targeted devices are publicly accessible over the internet. "The threat actor attempts to access a device through WAN; if successful, they then bypass authentication and establish SSL VPN tunnels with unknown user accounts, such as 'zyxel_slIvpn', 'zyxel_ts', or 'zyxel_vpn_test', to manipulate the device's configuration," Zyxel said in an  email message , which was shared on Twitter. As of writing, it's not immediately known if the attacks are exploiting previously known vulnerabilities...
Crackonosh virus mined $2 million of Monero from 222,000 hacked computers

Crackonosh virus mined $2 million of Monero from 222,000 hacked computers

Jun 25, 2021
A previously undocumented Windows malware has infected over 222,000 systems worldwide since at least June 2018, yielding its developer no less than 9,000 Moneros ($2 million) in illegal profits. Dubbed " Crackonosh ," the malware is distributed via illegal, cracked copies of popular software, only to disable antivirus programs installed in the machine and install a coin miner package called XMRig for stealthily exploiting the infected host's resources to mine Monero. At least 30 different versions of the malware executable have been discovered between Jan. 1, 2018, and Nov. 23, 2020, Czech cybersecurity software company Avast  said  on Thursday, with a majority of the victims located in the U.S., Brazil, India, Poland, and the Philippines. Crackonosh works by replacing critical Windows system files such as "serviceinstaller.msi" and "maintenance.vbs" to cover its tracks and abuses the  safe mode , which prevents antivirus software from working, to...
FIN7 Supervisor Gets 7-Year Jail Term for Stealing Millions of Credit Cards

FIN7 Supervisor Gets 7-Year Jail Term for Stealing Millions of Credit Cards

Jun 25, 2021
A Ukrainian national and a mid-​level supervisor of the hacking group known as FIN7 has been sentenced to seven years in prison for his role as a "pen tester" and perpetuating a criminal scheme that enabled the gang to compromise millions of customers debit and credit cards. Andrii Kolpakov , 33, was arrested in Spain on June 28, 2018, and subsequently extradited to the U.S. the following year on June 1, 2019. In June 2020, Kolpakov pleaded guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking. The Western District of Washington also ordered Kolpakov to pay $2.5 million in restitution. The defendant, who was involved with the group from April 2016 until his arrest, managed other hackers who were tasked with breaching the point-of-sale systems of companies, both in the U.S. and elsewhere, to deploy malware capable of stealing financial information. FIN7 , also called Anunak, Carbanak Group , and the Navigator Group,...
Clop Gang Partners Laundered $500 Million in Ransomware Payments

Clop Gang Partners Laundered $500 Million in Ransomware Payments

Jun 25, 2021
The cybercrime ring that was apprehended last week in connection with Clop (aka Cl0p) ransomware attacks against dozens of companies in the last few months helped launder money totaling $500 million for several malicious actors through a plethora of illegal activities. "The group — also known as FANCYCAT — has been running multiple criminal activities: distributing cyber attacks; operating a high-risk exchanger; and laundering money from dark web operations and high-profile cyber attacks such as Cl0p and Petya ransomware," popular cryptocurrency exchange Binance  said  Thursday. On June 16, the Ukraine Cyber Police  nabbed six individuals  in the city of Kyiv, describing the arrests as resulting from an international operation involving law enforcement authorities from Korea, the U.S., and Interpol. While the bust was seen as a major blow to the operations of the Clop gang, the hackers published earlier this week a fresh batch of confidential employee records st...
BIOS Disconnect: New High-Severity Bugs Affect 128 Dell PC and Tablet Models

BIOS Disconnect: New High-Severity Bugs Affect 128 Dell PC and Tablet Models

Jun 24, 2021
Cybersecurity researchers on Thursday disclosed a chain of vulnerabilities affecting the BIOSConnect feature within Dell Client BIOS that could be abused by a privileged network adversary to gain arbitrary code execution at the BIOS/UEFI level of the affected device. "As the attacker has the ability to remotely execute code in the pre-boot environment, this can be used to subvert the operating system and undermine fundamental trust in the device," researchers from enterprise device security firm Eclypsium said . "The virtually unlimited control over a device that this attack can provide makes the fruit of the labor well worth it for the attacker." In all, the flaws affect 128 Dell models spanning across consumer and business laptops, desktops, and tablets, totalling an estimated 30 million individual devices. Worse, the weaknesses also impact computers that have  Secure Boot  enabled, a security feature designed to prevent  rootkits from being installed  at boot...
Expert Insights Articles Videos
Cybersecurity Resources