#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Google Takes Down Influence Campaigns Tied to China, Indonesia, and Russia

Google Takes Down Influence Campaigns Tied to China, Indonesia, and Russia

Jun 10, 2024 Social Media / Influence Operation
Google has revealed that it took down 1,320 YouTube channels and 1,177 Blogger blogs as part of a coordinated influence operation connected to the People's Republic of China (PRC). "The coordinated inauthentic network uploaded content in Chinese and English about China and U.S. foreign affairs," Google Threat Analysis Group (TAG) researcher Billy Leonard said in the company's quarterly bulletin released last week. The tech giant said it also terminated Ads, AdSense, and Blogger accounts linked to two coordinated influence operations with ties to Indonesia that shared content supportive of the ruling party in the country. Another big cluster dismantled by Google involved a network of 378 YouTube channels that it said originated from a Russian consulting firm and disseminated content that projected Russia in a favorable light and denigrated Ukraine and the West. The company further terminated one AdSense account and blocked 10 domains from showing up in Google News an
Sticky Werewolf Expands Cyber Attack Targets in Russia and Belarus

Sticky Werewolf Expands Cyber Attack Targets in Russia and Belarus

Jun 10, 2024 Cyber Espionage / Malware
Cybersecurity researchers have disclosed details of a threat actor known as Sticky Werewolf that has been linked to cyber attacks targeting entities in Russia and Belarus. The phishing attacks were aimed at a pharmaceutical company, a Russian research institute dealing with microbiology and vaccine development, and the aviation sector, expanding beyond their initial focus of government organizations, Morphisec said in a report last week. "In previous campaigns, the infection chain began with phishing emails containing a link to download a malicious file from platforms like gofile.io," security researcher Arnold Osipov said. "This latest campaign used archive files containing LNK files pointing to a payload stored on WebDAV servers." Sticky Werewolf, one of the many threat actors targeting Russia and Belarus such as Cloud Werewolf (aka Inception and Cloud Atlas ), Quartz Wolf , Red Wolf (aka RedCurl ), and Scaly Wolf , was first documented by BI.ZONE in Octo
Why SaaS Security is Suddenly Hot: Racing to Defend and Comply

Why SaaS Security is Suddenly Hot: Racing to Defend and Comply

Jun 13, 2024SaaS Security / Shadow IT
Recent supply chain cyber-attacks are prompting cyber security regulations in the financial sector to tighten compliance requirements, and other industries are expected to follow. Many companies still don't have efficient methods to manage related time-sensitive SaaS security and compliance tasks. Free SaaS risk assessment tools are an easy and practical way to bring visibility and initial control to SaaS sprawl and Shadow AI. These tools now offer incremental upgrades , helping security professionals meet their company budget or maturity level.  Regulatory pressure, SaaS and AI proliferation, and increased risk of breaches or data leaks through 3rd party apps, make SaaS security one of the hottest areas for practitioners to learn and adopt. New regulations will require robust third-party SaaS risk lifecycle management that begins with SaaS service discovery and third-party risk management (TPRM) and ends with the requirement from CISOs to report incidents in their supply chain
New PHP Vulnerability Exposes Windows Servers to Remote Code Execution

New PHP Vulnerability Exposes Windows Servers to Remote Code Execution

Jun 08, 2024 Vulnerability / Programming
Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances. The vulnerability, tracked as CVE-2024-4577 , has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating system. According to DEVCORE security researchers, the shortcoming makes it possible to bypass protections put in place for another security flaw, CVE-2012-1823 . "While implementing PHP, the team did not notice the Best-Fit feature of encoding conversion within the Windows operating system," security researcher Orange Tsai said . "This oversight allows unauthenticated attackers to bypass the previous protection of CVE-2012-1823 by specific character sequences. Arbitrary code can be executed on remote PHP servers through the argument injection attack." Following responsible disclosure on May 7, 2024, a fix for the vulnerability has bee
cyber security

Start With a Free Risk Assessment to Find, Fix, and Fly Through SaaS Security

websiteWing SecuritySaaS Security / Shadow IT
In just minutes, uncover and take action against hidden SaaS threats with Wing's advanced SSPM solution.
Microsoft Revamps Controversial AI-Powered Recall Feature Amid Privacy Concerns

Microsoft Revamps Controversial AI-Powered Recall Feature Amid Privacy Concerns

Jun 08, 2024 Artificial Intelligence / Privacy
Microsoft on Friday said it will disable its much-criticized artificial intelligence (AI)-powered Recall feature by default and make it an opt-in. Recall , currently in preview and coming exclusively to Copilot+ PCs on June 18, 2024, functions as an "explorable visual timeline" by capturing screenshots of what appears on users' screens every five seconds, which are subsequently analyzed and parsed to surface relevant information. But the feature, meant to serve as some sort of an AI-enabled photographic memory, was met with instantaneous backlash from the security and privacy community, which excoriated the company for having not thought through enough and implementing adequate safeguards that could prevent malicious actors from easily gaining a window into a victim's digital life. The recorded information could include screenshots of documents, emails, or messages containing sensitive details that may have been deleted or shared temporarily using disappearing
Ultimate Cyber Hygiene Guide: Learn How to Simplify Your Security Efforts

Ultimate Cyber Hygiene Guide: Learn How to Simplify Your Security Efforts

Jun 07, 2024 Cyber Hygiene / Webinar
2023 was a year of unprecedented cyberattacks. Ransomware crippled businesses, DDoS attacks disrupted critical services, and data breaches exposed millions of sensitive records. The cost of these attacks? Astronomical. The damage to reputations? Irreparable. But here's the shocking truth: many of these attacks could have been prevented with basic cyber hygiene . Are you ready to transform your cybersecurity strategy? Join us for an exclusive webinar, " Better Basics Win the Cybersecurity Threat War: Defend, Deter, and Save ," where we'll reveal how to optimize your cyber hygiene and compliance costs. What you'll learn: The latest trends shaping the cybersecurity landscape: Get ahead of the curve and understand the evolving tactics of cybercriminals. How the CIS Controls and CIS Benchmarks can simplify your security efforts: Discover the power of these proven security best practices and how they can fortify your defenses. How a CIS SecureSuite Membership
LightSpy Spyware's macOS Variant Found with Advanced Surveillance Capabilities

LightSpy Spyware's macOS Variant Found with Advanced Surveillance Capabilities

Jun 07, 2024 Mobile Security / Spyware
Cybersecurity researchers have disclosed that the LightSpy spyware recently identified as targeting Apple iOS users is in fact a previously undocumented macOS variant of the implant. The findings come from both Huntress Labs and ThreatFabric , which separately analyzed the artifacts associated with the cross-platform malware framework that likely possesses capabilities to infect Android, iOS, Windows, macOS, Linux, and routers from NETGEAR, Linksys, and ASUS. "The Threat actor group used two publicly available exploits ( CVE-2018-4233 ,  CVE-2018-4404 ) to deliver implants for macOS," ThreatFabric said in a report published last week. "Part of the CVE-2018-4404 exploit is likely borrowed from the Metasploit framework. macOS version 10 was targeted using those exploits." LightSpy was first publicly reported in 2020, although subsequent reports from Lookout and the Dutch mobile security firm have revealed possible connections between the spyware and an Android s
Cyber Landscape is Evolving - So Should Your SCA

Cyber Landscape is Evolving - So Should Your SCA

Jun 07, 2024 Software Supply Chain / Myrror Security
Traditional SCAs Are Broken: Did You Know You Are Missing Critical Pieces? Application Security professionals face enormous challenges securing their software supply chains, racing against time to beat the attacker to the mark.  Software Composition Analysis (SCA) tools have become a basic instrument in the application security arsenal in the last 7 years. Although essential, many platforms end up creating more mess and driving the key pain in the industry - alert fatigue, leaving your supply chain exposed to critical vulnerabilities and malicious code attacks. Fortunately, alongside the black hat hackers making their best efforts to find new attack vectors and surfaces, innovative security tools are breaking new ground, helping organizations stay secure despite emerging threats. Myrror Security 's latest resource, "Your SCA is Broken Guide - The Missing Pieces In Your Software Composition Analysis Platform," offers application security professionals a view into the tra
The AI Debate: Google's Guidelines, Meta's GDPR Dispute, Microsoft's Recall Backlash

The AI Debate: Google's Guidelines, Meta's GDPR Dispute, Microsoft's Recall Backlash

Jun 07, 2024 Artificial Intelligence / Privacy
Google is urging third-party Android app developers to incorporate generative artificial intelligence (GenAI) features in a responsible manner. The new guidance from the search and advertising giant is an effort to combat problematic content, including sexual content and hate speech, created through such tools. To that end, apps that generate content using AI must ensure they don't create Restricted Content , have a mechanism for users to report or flag offensive information , and market them in a manner that accurately represents the app's capabilities. App developers are also being recommended to rigorously test their AI models to ensure they respect user safety and privacy. "Be sure to test your apps across various user scenarios and safeguard them against prompts that could manipulate your generative AI feature to create harmful or offensive content," Prabhat Sharma, director of trust and safety for Google Play, Android, and Chrome, said . The development com
FBI Distributes 7,000 LockBit Ransomware Decryption Keys to Help Victims

FBI Distributes 7,000 LockBit Ransomware Decryption Keys to Help Victims

Jun 07, 2024 Ransomware / Endpoint Security
The U.S. Federal Bureau of Investigation (FBI) has disclosed that it's in possession of more than 7,000 decryption keys associated with the LockBit ransomware operation to help victims get their data back at no cost. "We are reaching out to known LockBit victims and encouraging anyone who suspects they were a victim to visit our Internet Crime Complaint Center at ic3.gov," FBI Cyber Division Assistant Director Bryan Vorndran said in a keynote address at the 2024 Boston Conference on Cyber Security (BCCS). LockBit, which was once a prolific ransomware gang, has been linked to over 2,400 attacks globally, with no less than 1,800 impacting entities in the U.S. Earlier this February, an international law enforcement operation dubbed Cronos led by the U.K. National Crime Agency (NCA) dismantled its online infrastructure. Last month, a 31-year-old Russian national named Dmitry Yuryevich Khoroshev was outed by authorities as the group's administrator and developer, a
Expert Insights
Cybersecurity Resources