Security News

Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the final stage of the attack quicker and...

Iranian nation-state actors have been observed using a previously undocumented command-and-control framework called MuddyC2Go as part of attacks targeting Israel. The tool has been attributed to MuddyWater, an Iranian state-sponsored hacking crew that's affiliated to the country's Ministry of Intelligence and Security.

The North Korean-backed BlueNorOff threat group targets Apple customers with new macOS malware tracked as ObjCShellz that can open remote shells on compromised devices. ObjCShellz is an Objective-C-based malware, quite different from other malicious payloads deployed in previous BlueNorOff attacks.

Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7 said it observed the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer environments, some of which have been leveraged for the deployment of Cerber ransomware. Both vulnerabilities are critical, allowing threat actors to create unauthorized Confluence administrator accounts and lead to data loss.

Please turn on your JavaScript for this page to function normally. Active Directory is a prime target for threat actors, and companies must act now to eliminate it as a threat vector permanently.

The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system. In a report from cloud security company Aqua Nautilus, researchers describe a Kinsing malware attack where the threat actor exploited CVE-2023-4911 to elevate permissions on a compromised machine.

Israeli higher education and tech sectors have been targeted as part of a series of destructive cyber attacks that commenced in January 2023 with an aim to deploy previously undocumented wiper malware. "The attacks are characterized by attempts to steal sensitive data, such as personally identifiable information and intellectual property," Palo Alto Networks Unit 42 said in a new report shared with The Hacker News.

Google is warning of multiple threat actors sharing a public proof-of-concept (PoC) exploit that leverages its Calendar service to host command-and-control (C2) infrastructure. The tool, called...

A former Dutch cybersecurity professional was sentenced to four years in prison after being found guilty of hacking and blackmailing more than a dozen companies in the Netherlands and worldwide. The suspect, a 21-year-old man from Zandvoort named Pepijn Van der Stap, has been convicted on multiple charges, including hacking into victims' computers, extortion, and laundering at least 2.5 million euros in cryptocurrency.

The Russian Federal Security Service arrested two individuals believed to have helped Ukrainian forces carry out cyberattacks to disrupt Russian critical infrastructure targets. Russia's security agency published a press release on Tuesday saying that its officers detained two hackers who either assisted or joined Ukraine's hackers in cyber operations.