Security News

A previously undocumented, fully undetectable PowerShell backdoor is being actively used by a threat actor who has targeted at least 69 entities. When first detected, the PowerShell backdoor was not seen as malicious by any vendors on the VirusTotal scanning service.

Attackers could exploit a now-patched spoofing vulnerability in Service Fabric Explorer to gain admin privileges and hijack Azure Service Fabric clusters.Service Fabric is a platform for business-critical applications that hosts over 1 million apps and powers many Microsoft products, including but not limited to Microsoft Intune, Dynamics 365, Skype for Business, Cortana, Microsoft Power BI, and multiple core Azure services.

An advanced persistent threat (APT) group of Chinese origin codenamed DiceyF has been linked to a string of attacks aimed at online casinos in Southeast Asia for years. Russian cybersecurity...

A hacking group named 'DiceyF' has been observed deploying a malicious attack framework against online casinos based in Southeast Asia since at least November 2021. According to a new report by Kaspersky, the DiceyF APT group does not appear to be targeting financial gains from the casinos but instead conducting stealthy cyberespionage and intellectual property theft.

Researchers at Symantec have uncovered cyberattacks attributed to the China-linked espionage actor APT41 that breached government agencies in Hong Kong and remained undetected for a year in some cases. Symantec's report notes that there are signs that the newly discovered Hong Kong activity is part of the same operation, and Winnti's targets are government agencies in the special administrative region.

The threat actors behind the Black Basta ransomware family have been observed using the Qakbot trojan to deploy the Brute Ratel C4 framework as a second-stage payload in recent attacks. The development marks the first time the nascent adversary simulation software is being delivered via a Qakbot infection, cybersecurity firm Trend Micro said in a technical analysis released last week.

An advanced persistent threat actor known as Budworm targeted a U.S.-based entity for the first time in more than six years, according to latest research. The attack was aimed at an unnamed U.S. state legislature, the Symantec Threat Hunter team, part of Broadcom Software, said in a report shared with The Hacker News.

For just $4 each, The Ultimate White Hat Hacker Certification Bundle offers you 10 cybersecurity courses to teach you how to protect your network. The post How to become a white hat hacker...

A threat actor tracked as Polonium has been linked to over a dozen highly targeted attacks aimed at Israelian entities with seven different custom backdoors since at least September 2021. ESET's latest discovery of five more previously undocumented backdoors brings into focus an active espionage-oriented threat actor that's constantly refining and retooling its malware arsenal.

Malicious actors are resorting to voice phishing tactics to dupe victims into installing Android malware on their devices, new research from ThreatFabric reveals. Telephone-oriented attack delivery, as the social engineering technique is called, involves calling the victims using previously collected information from fraudulent websites.