The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

As hospitals around the world are struggling to respond to the coronavirus crisis, cybercriminals—with no conscience and empathy—are continuously targeting healthcare organizations, research facilities, and other governmental organizations with ransomware and malicious information stealers. The new research, published by Palo Alto Networks and shared with The Hacker News, confirmed that "the threat actors who profit from cybercrime will go to any extent, including targeting organizations that are in the front lines and responding to the pandemic on a daily basis." While the security firm didn't name the latest victims, it said a Canadian government healthcare organization and a Canadian medical research university both suffered ransomware attacks, as criminal groups seek to exploit the crisis for financial gain. The attacks were detected between March 24 and March 26 and were initiated as part of the coronavirus-themed phishing campaigns that have become widespr

The Coronavirus quarantine introduces an extreme challenge for IT and Security teams to maintain secure environments during the mass transition of employees working remotely and the surge in cyberattacks targeting its inherent security weaknesses. In a webinar for security service providers taking place on April 22nd ( register here ), a leading MSSP will share how they conquer and overcome the coronavirus quarantine challenges to grow their customer base. The webinar sheds light on the opportunities and challenges this new reality introduces to MSSPs from the perspective of a leading Canadian MSSP. While it might sound strange to discuss the opportunities Coronavirus brings, especially with the changes it imposes on the IT environment, but it does bring a shift in priorities. It turns out that cyber threats that were normally considered a reasonable risk to contain, suddenly become regarded as a critical need to address. Thus, organizations that did not have advanced threat

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Tech giants Apple and Google have joined forces to develop an interoperable contact-tracing tool that will help individuals determine if they have come in contact with someone infected with COVID-19. As part of this new initiative, the companies are expected to release an API that public agencies can integrate into their apps. The next iteration will be a built-in system-level platform that uses Bluetooth low energy (BLE) beacons to allow for contact tracing on an opt-in basis. The APIs are expected to be available mid-May for Android and iOS, with the broader contact tracing system set to roll out "in the coming months." "Privacy, transparency, and consent are of utmost importance in this effort, and we look forward to building this functionality in consultation with interested stakeholders," the companies said. The rare collaboration comes as governments worldwide are increasingly turning to technology such as phone tracking and facial recognition to

In our previous stories, you might have already read about various campaigns warning how threat actors are capitalizing on the ongoing coronavirus pandemic in an attempt to infect your computers and mobile devices with malware or scam you out of your money. Unfortunately, to some extent, it's working, and that's because the attack surface is changing and expanding rapidly as many organizations and business tasks are going digital without much preparation, exposing themselves to more potential threats. Most of the recent cyberattacks are primarily exploiting the fears around the COVID-19 outbreak—fueled by disinformation and fake news—to distribute malware via Google Play apps , malicious links and attachments, and execute ransomware attacks. Here, we took a look at some of the wide range of unseen threats rising in the digital space, powered by coronavirus-themed lures that cybercriminals are using for espionage and commercial gain. The latest development adds to a l

Cybersecurity researchers have discovered a new emerging IoT botnet threat that leverages compromised smart devices to stage ' distributed denial-of-service ' attacks, potentially triggered on-demand through platforms offering DDoS-for-hire services. The botnet, named "dark_nexus" by Bitdefender researchers, works by employing credential stuffing attacks against a variety of devices, such as routers (from Dasan Zhone, Dlink, and ASUS), video recorders, and thermal cameras, to co-opt them into the botnet. So far, dark_nexus comprises at least 1,372 bots, acting as a reverse proxy, spanning across various locations in China, South Korea, Thailand, Brazil, and Russia. "While it might share some features with previously known IoT botnets, the way some of its modules have been developed makes it significantly more potent and robust," the researchers said . "For example, payloads are compiled for 12 different CPU architectures and dynamically deliver

Remember xHelper? A mysterious piece of Android malware that re-installs itself on infected devices even after users delete it or factory reset their devices—making it nearly impossible to remove. xHelper reportedly infected over 45,000 devices last year, and since then, cybersecurity researchers have been trying to unfold how the malware survives factory reset and how it infected so many devices in the first place. In a blog post published today, Igor Golovin, malware analyst at Kaspersky, finally solved the mystery by unveiling technical details on the persistence mechanism used by this malware, and eventually also figured out how to remove xHelper from an infected device completely. As the initial attack vector and for distribution, the malware app disguises itself as a popular cleaner and speed optimization app for smartphones — affecting mostly users in Russia (80.56%), India (3.43%), and Algeria (2.43%). "But in reality, there is nothing useful about it: af

Coronavirus crisis introduces a heavy burden on the CISOs with the collective impact of a mass transition to working remotely coupled with a surge of cyberattacks that strive to monetize the general chaos. Security vendors, unintendedly, contribute to this burden by a relentless generation of noise in the form of attack reports, best practices, tips, and threat landscape analysis. Here we have a new " CISO Checklist for Secure Remote Working " ( download here ) that has been built to assist CISOs in navigating through this noise, providing them with a concise and high-level list of the absolute essentials needed to ensure their organization is well protected in these challenging times. The Coronavirus quarantine forces us to face a new reality. It is critical to acknowledge this new reality in order to understand how to successfully confront these changes. Make no mistake – these changed apply to any organization, regardless of its former security posture. For exa