Security News

A hacking group named 'DiceyF' has been observed deploying a malicious attack framework against online casinos based in Southeast Asia since at least November 2021. According to a new report by Kaspersky, the DiceyF APT group does not appear to be targeting financial gains from the casinos but instead conducting stealthy cyberespionage and intellectual property theft.

Researchers at Symantec have uncovered cyberattacks attributed to the China-linked espionage actor APT41 that breached government agencies in Hong Kong and remained undetected for a year in some cases. Symantec's report notes that there are signs that the newly discovered Hong Kong activity is part of the same operation, and Winnti's targets are government agencies in the special administrative region.

The threat actors behind the Black Basta ransomware family have been observed using the Qakbot trojan to deploy the Brute Ratel C4 framework as a second-stage payload in recent attacks. The development marks the first time the nascent adversary simulation software is being delivered via a Qakbot infection, cybersecurity firm Trend Micro said in a technical analysis released last week.

An advanced persistent threat actor known as Budworm targeted a U.S.-based entity for the first time in more than six years, according to latest research. The attack was aimed at an unnamed U.S. state legislature, the Symantec Threat Hunter team, part of Broadcom Software, said in a report shared with The Hacker News.

For just $4 each, The Ultimate White Hat Hacker Certification Bundle offers you 10 cybersecurity courses to teach you how to protect your network. The post How to become a white hat hacker...

A threat actor tracked as Polonium has been linked to over a dozen highly targeted attacks aimed at Israelian entities with seven different custom backdoors since at least September 2021. ESET's latest discovery of five more previously undocumented backdoors brings into focus an active espionage-oriented threat actor that's constantly refining and retooling its malware arsenal.

Malicious actors are resorting to voice phishing tactics to dupe victims into installing Android malware on their devices, new research from ThreatFabric reveals. Telephone-oriented attack delivery, as the social engineering technique is called, involves calling the victims using previously collected information from fraudulent websites.

The threat actors behind IcedID malware phishing campaigns are utilizing a wide variety of distribution methods, likely to determine what works best against different targets. The IcedID malware started in 2017 as a modular banking trojan but has since evolved into a malware dropper that is commonly used to gain initial access to corporate networks.

The pro-Russian hacktivist group 'KillNet' is claiming large-scale distributed denial-of-service attacks against websites of several major airports in the U.S., making them unaccessible.The DDoS attacks have overwhelmed the servers hosting these sites with garbage requests, making it impossible for travelers to connect and get updates about their scheduled flights or book airport services.

The pro-Russian hacktivist group 'KillNet' has carried out large-scale DDoS attacks against several U.S. airports' websites, taking many of them offline. The DDoS attacks have overwhelmed the servers hosting these sites with garbage requests, making it impossible for travelers to connect and get updates about their scheduled flights or book airport services.