Search results for New world hacks | Breaking Cybersecurity News | The Hacker News

One of the oldest active malware families, Pushdo, is again making its way onto the Internet and has recently infected more than 11,000 computers in just 24 hours. Pushdo, a multipurpose Trojan, is primarily known for delivering financial malware such as ZeuS and SpyEye onto infected computers or to deliver spam campaigns through a commonly associated components called Cutwail that are frequently installed on compromised PCs. Pushdo was first seen over 7 years ago and was a very prolific virus in 2007. Now, a new variant of the malware is being updated to leverage a new domain-generation algorithm (DGA) as a fallback mechanism to its normal command-and-control (C&C) communication methods. DGAs are used to dynamically generating a list of domain names based on an algorithm and only making one live at a time, blocking on 'seen' Command & Control domain names becomes nearly impossible. With the help of a DGA, cyber criminals could have a series of advantages ...

Threat actors continue to adapt to the latest technologies, practices, and even data privacy laws—and it's up to organizations to stay one step ahead by implementing strong cybersecurity measures and programs.  Here's a look at how cybercrime will evolve in 2023 and what you can do to secure and protect your organization in the year ahead.  Increase in digital supply chain attacks  With the rapid modernization and digitization of supply chains come new security risks. Gartner predicts that  by 2025, 45% of organizations worldwide will have experienced attacks  on their software supply chains—this is a three-fold increase from 2021. Previously, these types of attacks weren't even likely to happen because supply chains weren't connected to the internet. But now that they are, supply chains need to be secured properly.  The introduction of new technology around software supply chains means there are likely security holes that have yet to be identified, bu...

⚠️ Imagine this: the very tools you trust to protect you online—your two-factor authentication, your car's tech system, even your security software—turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn't fiction; it's the new cyber reality. Today's attackers have become so sophisticated that they're using our trusted tools as secret pathways, slipping past defenses without a 🔍 trace. For banks 🏦, this is especially alarming. Today's malware doesn't just steal codes; it targets the very trust that digital banking relies on. These threats are more advanced and smarter than ever, often staying a step ahead of defenses. And it doesn't stop there. Critical systems that power our cities are at risk too. Hackers are hiding within the very tools that run these essential services, making them harder to detect and harder to stop. It's a high-stakes game of hide-and-seek, where each move raises the risk. As these threats grow, let's dive ...

Cybersecurity never slows down. Every week brings new threats, new vulnerabilities, and new lessons for defenders. For security and IT teams, the challenge is not just keeping up with the news—it's knowing which risks matter most right now. That's what this digest is here for: a clear, simple briefing to help you focus where it counts. This week, one story stands out above the rest: the Salesloft–Drift breach, where attackers stole OAuth tokens and accessed Salesforce data from some of the biggest names in tech. It's a sharp reminder of how fragile integrations can become the weak link in enterprise defenses. Alongside this, we'll also walk through several high-risk CVEs under active exploitation, the latest moves by advanced threat actors, and fresh insights on making security workflows smarter, not noisier. Each section is designed to give you the essentials—enough to stay informed and prepared, without getting lost in the noise. ⚡ Threat of the Week Salesloft to Take Drift Of...

Ever wonder what happens when attackers don't break the rules—they just follow them better than we do? When systems work exactly as they're built to, but that "by design" behavior quietly opens the door to risk? This week brings stories that make you stop and rethink what's truly under control. It's not always about a broken firewall or missed patch—it's about the small choices, default settings, and shortcuts that feel harmless until they're not. The real surprise? Sometimes the threat doesn't come from outside—it's baked right into how things are set up. Dive in to see what's quietly shaping today's security challenges. ⚡ Threat of the Week FBI Warns of Scattered Spider's on Airlines — The U.S. Federal Bureau of Investigation (FBI) has warned of a new set of attacks mounted by the notorious cybercrime group Scattered Spider targeting the airline sector using sophisticated social engineering techniques to obtain initial access. Cybersecurity vendors Palo Alto Networks Unit 4...

Security researchers have been warning for years about critical security holes in the Signaling System 7 (SS7) that could allow hackers to listen in private phone calls and read text messages on a potentially vast scale, despite the most advanced encryption used by cellular networks. Cellular networks, on the other hand, have consistently been ignoring this serious issue, saying that it is a very low risk for most people, as the exploitation of the SS7 flaws requires significant technical and financial investment. But some unknown hackers have just proved them wrong by recently exploiting the design flaws in the SS7 to drain victims' bank accounts, according to a report published Wednesday by German-based newspaper Süddeutsche Zeitung. SS7 is a telephony signaling protocol created in the 1980s by telcos and powered more than 800 telecom operators across the world, including AT&T and Verizon, to interconnect and exchange data, like routing calls and texts with one a...

Researchers have discovered over 100 malicious nodes on the Tor anonymity network that are "misbehaving" and potentially spying on Dark Web sites that use Tor to mask the identities of their operators. Two researchers, Amirali Sanatinia and Guevara Noubir, from Northwestern University, carried out an experiment on the Tor Network for 72 days and discovered at least 110 malicious Tor Hidden Services Directories (HSDirs) on the network. The nodes, also known as the Tor hidden services directories ( HSDirs ) are servers that act as introductory points and are configured to receive traffic and direct users to hidden services (" .onion " addresses). In other words, the hidden services directory or HSDir is a crucial element needed to mask the true IP address of users on the Tor Network. But, here's the issue: HSDir can be set up by anyone. "Tor's security and anonymity is based on the assumption that the large majority of its relays are honest and...

Stratfor hacked by Anonymous Hackers for #AntiSec Stratfor who provides strategic intelligence on global business, economic, security and geopolitical affairs just now has been defaced by Anonymous Group of Hackers. Mirror of Hack is available here . Lulzsec Leader, SABU tweeted that " Over 90,000 Credit cards from LEA, journalists, intelligence community and whitehats leaked and used for over a million dollars in donations ". Private Clients List of Stratfor is also leaked on a Pastebin note. For all this clients have been exposed sensible information including credit cards (which supposedly have been used to make $1 million in "donations"), as well as over 200 GB of email correspondence. As a result of this incident the operation of Stratfor's servers and email have been suspended. Anonymous has now exposed two lists of credit card details belonging to people who have subscribed to STRATFOR services, the first one containing 3956 card details and the second one...