Security News

Chinese Earth Krahang hackers breach 70 orgs in 23 countries
2024-03-18 20:49

A sophisticated hacking campaign attributed to a Chinese Advanced Persistent Threat group known as 'Earth Krahang' has breached 70 organizations and targeted at least 116 across 45 countries. Specifically, the hackers have compromised 48 government organizations, 10 of which are Foreign Affairs ministries, and targeted another 49 government agencies.

Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites
2024-03-18 12:35

Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate...

APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme
2024-03-18 05:59

The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in...

Week in review: Cybersecurity job openings, hackers use 1-day flaws to drop custom Linux malware
2024-03-17 09:00

Transitioning to memory-safe languages: Challenges and considerationsIn this Help Net Security interview, Omkhar Arasaratnam, General Manager at the Open Source Security Foundation, discusses the evolution of memory-safe programming languages and their emergence in response to the limitations of languages like C and C++. LastPass' CIO vision for driving business strategy, innovationRecently, LastPass appointed Asad Siddiqui as its CIO. He brings over two decades of experience leading startups and large technology organizations. MobSF: Open-source security research platform for mobile appsThe Mobile Security Framework is an open-source research platform for mobile application security, encompassing Android, iOS, and Windows Mobile.

Hackers exploit Aiohttp bug to find vulnerable networks
2024-03-16 14:17

The ransomware actor 'ShadowSyndicate' was observed scanning for servers vulnerable to CVE-2024-23334, a directory traversal vulnerability in the aiohttp Python library. On January 28, 2024, aiohttp released version 3.9.2, addressing CVE-2024-23334, a high-severity path traversal flaw impacting all versions of aiohttp from 3.9.1 and older that allows unauthenticated remote attackers to access files on vulnerable servers.

Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer
2024-03-16 12:31

Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub,...

LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada
2024-03-14 13:47

A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation. Mikhail Vasiliev, an Ontario...

Hackers exploit Windows SmartScreen flaw to drop DarkGate malware
2024-03-13 21:26

A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers. The flaw tracked as CVE-2024-21412 is a Windows Defender SmartScreen flaw that allows specially crafted downloaded files to bypass these security warnings.

Hackers abuse Windows SmartScreen flaw to drop DarkGate malware
2024-03-13 21:26

A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers. The flaw tracked as CVE-2024-21412 is a Windows Defender SmartScreen flaw that allows specially crafted downloaded files to bypass these security warnings.

Hackers leverage 1-day vulnerabilities to deliver custom Linux malware
2024-03-12 08:55

A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. Magnet Goblin - as the threat actor has been dubbed by Check Point researchers - has been targeting unpatched edge devices and public-facing servers for years.