#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Top 10 Critical Pentest Findings 2024: What You Need to Know

Top 10 Critical Pentest Findings 2024: What You Need to Know

Jun 11, 2024 Penetration Testing / Endpoint Security
One of the most effective ways for information technology (IT) professionals to uncover a company's weaknesses before the bad guys do is penetration testing. By simulating real-world cyberattacks, penetration testing, sometimes called pentests, provides invaluable insights into an organization's security posture, revealing weaknesses that could potentially lead to data breaches or other security incidents.  Vonahi Security , the creators of vPenTest, an automated network penetration testing platform, just released their annual report, " The Top 10 Critical Pentest Findings 2024 ." In this report, Vonahi Security conducted over 10,000 automated network pentests, uncovering the top 10 internal network pentest findings at over 1,200 organizations. Let's dive into each of these critical findings to better understand the common exploitable vulnerabilities organizations face and how to address them effectively. Top 10 Pentest Findings & Recommendations 1. Multicast DNS (MDNS) S...
Apple Launches Private Cloud Compute for Privacy-Centric AI Processing

Apple Launches Private Cloud Compute for Privacy-Centric AI Processing

Jun 11, 2024 Cloud Computing / Artificial Intelligence
Apple has announced the launch of a "groundbreaking cloud intelligence system" called Private Cloud Compute (PCC) that's designed for processing artificial intelligence (AI) tasks in a privacy-preserving manner in the cloud. The tech giant described PCC as the "most advanced security architecture ever deployed for cloud AI compute at scale." PCC coincides with the arrival of new generative AI (GenAI) features – collectively dubbed Apple Intelligence , or AI for short – that the iPhone maker unveiled in its next generation of software, including iOS 18 , iPadOS 18 , and macOS Sequoia . All of the Apple Intelligence features, both the ones that run on-device and those that rely on PCC, leverage in-house generative models trained on "licensed data, including data selected to enhance specific features, as well as publicly available data collected by our web-crawler, AppleBot." With PCC, the idea is to essentially offload complex requests that requir...
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Crowdstrike Named A Leader In Endpoint Protection Platforms

Nov 22, 2024Endpoint Security / Threat Detection
CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.
China-Linked ValleyRAT Malware Resurfaces with Advanced Data Theft Tactics

China-Linked ValleyRAT Malware Resurfaces with Advanced Data Theft Tactics

Jun 11, 2024 Malware / Cyber Attack
Cybersecurity researchers have uncovered an updated version of malware called ValleyRAT that's being distributed as part of a new campaign. "In the latest version, ValleyRAT introduced new commands, such as capturing screenshots, process filtering, forced shutdown, and clearing Windows event logs," Zscaler ThreatLabz researchers Muhammed Irfan V A and Manisha Ramcharan Prajapati said . ValleyRAT was previously documented by QiAnXin and Proofpoint in 2023 in connection with a phishing campaign targeting Chinese-speaking users and Japanese organizations that distributed various malware families such as Purple Fox and a variant of the Gh0st RAT trojan known as Sainbox RAT (aka FatalRAT). The malware has been assessed to be the work of a China-based threat actor, boasting of capabilities to harvest sensitive information and drop additional payloads onto compromised hosts. The starting point is a downloader that utilizes an HTTP File Server (HFS) to fetch a file named...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Snowflake Breach Exposes 165 Customers' Data in Ongoing Extortion Campaign

Snowflake Breach Exposes 165 Customers' Data in Ongoing Extortion Campaign

Jun 11, 2024 Data Theft / Cloud Security
As many as 165 customers of Snowflake are said to have had their information potentially exposed as part of an ongoing campaign designed to facilitate data theft and extortion, indicating the operation has broader implications than previously thought. Google-owned Mandiant, which is assisting the cloud data warehousing platform in its incident response efforts, is tracking the as-yet-unclassified activity cluster under the name UNC5537 , describing it as a financially motivated threat actor. "UNC5537 is systematically compromising Snowflake customer instances using stolen customer credentials, advertising victim data for sale on cybercrime forums, and attempting to extort many of the victims," the threat intelligence firm said on Monday. "UNC5537 has targeted hundreds of organizations worldwide, and frequently extorts victims for financial gain. UNC5537 operates under various aliases on Telegram channels and cybercrime forums." There is evidence to suggest tha...
Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers

Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers

Jun 11, 2024 Mobile Security / Technology
Arm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild. Tracked as CVE-2024-4610 , the use-after-free issue impacts the following products - Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0) Valhall GPU Kernel Driver (all versions from r34p0 to r40p0) "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory," the company said in an advisory last week. The vulnerability has been addressed in Bifrost and Valhall GPU Kernel Driver r41p0. It's worth noting that this version was released on November 24, 2022. The current version of the drivers is r49p0, which was shipped in April 2024. When reached for comment, Arm told The Hacker News that while it was addressed in 2022, it was provided additional information that reclassified the problem as a security vulnerability. "In 2022 Arm fixed a weakness in the r41p0 re...
More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack

More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack

Jun 10, 2024 Phishing Attack / Cybercrime
Cybersecurity researchers have spotted a phishing attack distributing the More_eggs malware by masquerading it as a resume, a technique originally detected more than two years ago. The attack, which was unsuccessful, targeted an unnamed company in the industrial services industry in May 2024, Canadian cybersecurity firm eSentire disclosed last week. "Specifically, the targeted individual was a recruiter that was deceived by the threat actor into thinking they were a job applicant and lured them to their website to download the loader," it said. More_eggs, believed to be the work of a threat actor known as the Golden Chickens (aka Venom Spider), is a modular backdoor that's capable of harvesting sensitive information. It's offered to other criminal actors under a Malware-as-a-Service (MaaS) model. Last year, eSentire unmasked the real-world identities of two individuals – Chuck from Montreal and Jack – who are said to be running the operation. The latest atta...
Cybersecurity CPEs: Unraveling the What, Why & How

Cybersecurity CPEs: Unraveling the What, Why & How

Jun 10, 2024 Cybersecurity / Exposure Management
Staying Sharp: Cybersecurity CPEs Explained Perhaps even more so than in other professional domains, cybersecurity professionals constantly face new threats. To ensure you stay on top of your game, many certification programs require earning Continuing Professional Education (CPE) credits. CPEs are essentially units of measurement used to quantify the time and effort professionals spend on maintaining and enhancing skills and knowledge in the field of cybersecurity, and they act as points that demonstrate a commitment to staying current. CPEs are best understood in terms of other professions: just like medical, legal and even CPA certifications require continuing education to stay up-to-date on advancements and industry changes, cybersecurity professionals need CPEs to stay informed about the latest hacking tactics and defense strategies. CPE credits are crucial for maintaining certifications issued by various cybersecurity credentialing organizations, such as (ISC)², ISACA, and C...
Azure Service Tags Vulnerability: Microsoft Warns of Potential Abuse by Hackers

Azure Service Tags Vulnerability: Microsoft Warns of Potential Abuse by Hackers

Jun 10, 2024 Cloud Security / Vulnerability
Microsoft is warning about the potential abuse of Azure Service Tags by malicious actors to forge requests from a trusted service and get around firewall rules, thereby allowing them to gain unauthorized access to cloud resources. "This case does highlight an inherent risk in using service tags as a single mechanism for vetting incoming network traffic," the Microsoft Security Response Center (MSRC) said in a guidance issued last week. "Service tags are not to be treated as a security boundary and should only be used as a routing mechanism in conjunction with validation controls. Service tags are not a comprehensive way to secure traffic to a customer's origin and do not replace input validation to prevent vulnerabilities that may be associated with web requests." The statement comes in response to findings from cybersecurity firm Tenable, which found that Azure customers whose firewall rules rely on Azure Service Tags could be bypassed. There is no evidence t...
Google Takes Down Influence Campaigns Tied to China, Indonesia, and Russia

Google Takes Down Influence Campaigns Tied to China, Indonesia, and Russia

Jun 10, 2024 Social Media / Influence Operation
Google has revealed that it took down 1,320 YouTube channels and 1,177 Blogger blogs as part of a coordinated influence operation connected to the People's Republic of China (PRC). "The coordinated inauthentic network uploaded content in Chinese and English about China and U.S. foreign affairs," Google Threat Analysis Group (TAG) researcher Billy Leonard said in the company's quarterly bulletin released last week. The tech giant said it also terminated Ads, AdSense, and Blogger accounts linked to two coordinated influence operations with ties to Indonesia that shared content supportive of the ruling party in the country. Another big cluster dismantled by Google involved a network of 378 YouTube channels that it said originated from a Russian consulting firm and disseminated content that projected Russia in a favorable light and denigrated Ukraine and the West. The company further terminated one AdSense account and blocked 10 domains from showing up in Google News an...
Expert Insights / Articles Videos
Cybersecurity Resources