#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers

Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers

Jan 07, 2025 Firmware Security / Malware
Cybersecurity researchers have uncovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could permit attackers to brick or plant persistent malware on susceptible devices. "The Illumina iSeq 100 used a very outdated implementation of BIOS firmware using CSM [Compatibility Support Mode] mode and without Secure Boot or standard firmware write protections," Eclypsium said in a report shared with The Hacker News. "This would allow an attacker on the system to overwrite the system firmware to either 'brick' the device or install a firmware implant for ongoing attacker persistence." While the Unified Extensible Firmware Interface ( UEFI ) is the modern replacement for the Basic Input/Output System (BIOS), the firmware security company said the iSeq 100 boots to an old version of BIOS (B480AM12 - 04/12/2018) that has known vulnerabilities. Also noticeably absent are protections to tell t...
Farewell to the Fallen: The Cybersecurity Stars We Lost Last Year

Farewell to the Fallen: The Cybersecurity Stars We Lost Last Year

Jan 07, 2025 Cybersecurity / Endpoint Security
It's time once again to pay our respects to the once-famous cybersecurity solutions whose usefulness died in the past year. The cybercriminal world collectively mourns the loss of these solutions and the easy access they provide to victim organizations. These solutions, though celebrated in their prime, succumbed to the twin forces of time and advancing threats. Much like a tribute to celebrities lost in the past year, this article will look back at a few of cybersecurity's brightest stars that went dark in the past year.  1. Legacy Multi-Factor Authentication (MFA) Cause of Death: Compromised by sophisticated phishing, man-in-the-middle (MitM), SIM-swapping, and MFA prompt bombing attacks. The superstar of access security for more than twenty years, legacy MFA solutions enjoyed broad adoption followed by almost-universal responsibility for cybersecurity failures leading to successful ransomware attacks. These outdated solutions relied heavily on SMS or email-based codes o...
New EAGERBEE Variant Targets ISPs and Governments with Advanced Backdoor Capabilities

New EAGERBEE Variant Targets ISPs and Governments with Advanced Backdoor Capabilities

Jan 07, 2025 Cyber Attack / Hacking
Internet service providers (ISPs) and governmental entities in the Middle East have been targeted using an updated variant of the EAGERBEE malware framework. The new variant of EAGERBEE (aka Thumtais ) comes fitted with various components that allow the backdoor to deploy additional payloads, enumerate file systems, and execute commands shells, demonstrating a significant evolution. "The key plugins can be categorized in terms of their functionality into the following groups: Plugin Orchestrator, File System Manipulation, Remote Access Manager, Process Exploration, Network Connection Listing, and Service Management," Kaspersky researchers Saurabh Sharma and Vasily Berdnikov said in an analysis. The backdoor has been assessed by the Russian cybersecurity company with medium confidence to a threat group called CoughingDown. EAGERBEE was first documented by the Elastic Security Labs, attributing it to a state-sponsored and espionage-focused intrusion set dubbed REF5961. ...
cyber security

10 Best Practices for Building a Resilient, Always-On Compliance Program

websiteXM CyberCyber Resilience / Compliance
Download XM Cyber's handbook to learn 10 essential best practices for creating a robust, always-on compliance program.
cyber security

Find and Fix the Gaps in Your Security Tools

websitePrelude SecuritySecurity Control Validation
Connect your security tools for 14-days to find missing and misconfigured controls.
CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing

CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing

Jan 07, 2025 Critical Infrastructure / Cyber Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday said there are no indications that the cyber attack targeting the Treasury Department impacted other federal agencies. The agency said it's working closely with the Treasury Department and BeyondTrust to get a better understanding of the breach and mitigate its impacts. "The security of federal systems and the data they protect is of critical importance to our national security," CISA said . "We are working aggressively to safeguard against any further impacts and will provide updates, as appropriate." The latest statement comes a week after the Treasury Department said it was the victim of a "major cybersecurity incident" that allowed Chinese state-sponsored threat actors to remotely access some computers and unclassified documents. The cyber attack, which came to light in early December 2024, involved a breach of BeyondTrust's systems that allowed the adversary to in...
Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers

Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers

Jan 07, 2025 Vulnerability / Network Security
Taiwan-based Moxa has warned of two security vulnerabilities impacting its cellular routers, secure routers, and network security appliances that could allow privilege escalation and command execution. The list of vulnerabilities is as follows - CVE-2024-9138 (CVSS 4.0 score: 8.6) - A hard-coded credentials vulnerability that could allow an authenticated user to escalate privileges and gain root-level access to the system, leading to system compromise, unauthorized modifications, data exposure, or service disruption CVE-2024-9140 (CVSS 4.0 score: 9.3) - A vulnerability allows attackers to exploit special characters to bypass input restrictions, potentially leading to unauthorized command execution The shortcomings, reported by security researcher Lars Haulin, affect the below products and firmware versions - CVE-2024-9138 - EDR-810 Series (Firmware version 5.12.37 and earlier), EDR-8010 Series (Firmware version 3.13.1 and earlier), EDR-G902 Series (Firmware version 5.7.25 ...
India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements

India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements

Jan 06, 2025 Regulatory Compliance / Data Privacy
The Indian government has published a draft version of the Digital Personal Data Protection (DPDP) Rules for public consultation. "Data fiduciaries must provide clear and accessible information about how personal data is processed, enabling informed consent," India's Press Information Bureau (PIB) said in a statement released Sunday. "Citizens are empowered with rights to demand data erasure, appoint digital nominees, and access user-friendly mechanisms to manage their data." The rules, which seek to operationalize the Digital Personal Data Protection Act, 2023, also give citizens greater control over their data, providing them with options for giving informed consent to processing their information, as well as the right to erase with digital platforms and address grievances. Companies operating in India are further required to implement security measures, such as encryption, access control, and data backups, to safeguard personal data, and ensure its c...
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan]

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan]

Jan 06, 2025
Every tap, click, and swipe we make online shapes our digital lives, but it also opens doors—some we never meant to unlock. Extensions we trust, assistants we rely on, and even the codes we scan are turning into tools for attackers. The line between convenience and vulnerability has never been thinner. This week, we dive into the hidden risks, surprising loopholes, and the clever tricks cybercriminals are using to outsmart the systems we depend on. Stay with us as we unpack what's happening behind the screen and how you can stay one step ahead. ⚡ Threat of the Week Dozens of Google Chrome Extensions Caught Stealing Sensitive Data — The challenges with securing the software supply chain reared once again after about three dozen extensions were found surreptitiously siphoning sensitive data from roughly 2.6 million devices for several months as part of two related campaigns. The compromises came to light after data loss prevention service Cyberhaven revealed that its browser extens...
From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

Jan 06, 2025 SaaS Security / Threat Detection
In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second (just in Entra ID)—a 75% increase from last year—and phishing attempts up by 58%, causing $3.5 billion in losses (source: Microsoft Digital Defense Report 2024 ). SaaS attacks are increasing, with hackers often evading detection through legitimate usage patterns. The cyber threat arena saw standout players, unexpected underdogs, and relentless scorers leaving their mark on the SaaS security playing field.  As we enter 2025, security teams must prioritize SaaS security risk assessments to uncover vulnerabilities, adopt SSPM tools for continuous monitoring, and proactively defend their systems. Here are the Cyber Threat All-Stars to watch out for—the MVPs, rising stars, and master strategists who shaped the game. 1. ShinyHunters: The Most Valuable Player Playstyle: Precision Shots (Cybercriminal Organization) Biggest Wins: Snowflake, Ticketmaster and Authy Notable Drama: Exploited on...
FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices

FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices

Jan 06, 2025 Malware / Mobile Security
An Android information stealing malware named FireScam has been found masquerading as a premium version of the Telegram messaging app to steal data and maintain persistent remote control over compromised devices. "Disguised as a fake 'Telegram Premium' app, it is distributed through a GitHub.io-hosted phishing site that impersonates RuStore – a popular app store in the Russian Federation," Cyfirma said , describing it as a "sophisticated and multifaceted threat." "The malware employs a multi-stage infection process, starting with a dropper APK, and performs extensive surveillance activities once installed." The phishing site in question, rustore-apk.github[.]io, mimics RuStore, an app store launched by Russian tech giant VK in the country, and is designed to deliver a dropper APK file ("GetAppsRu.apk"). Once installed, the dropper acts as a delivery vehicle for the main payload, which is responsible for exfiltrating sensitive data,...
Expert Insights Articles Videos
Cybersecurity Resources