Security News
HelpSystems, the company behind the Cobalt Strike software platform, has released an out-of-band security update to address a remote code execution vulnerability that could allow an attacker to take control of targeted systems. Cobalt Strike is a commercial red-team framework that's mainly used for adversary simulation, but cracked versions of the software have been actively abused by ransomware operators and espionage-focused advanced persistent threat groups alike.
The criminals targeted vehicles with keyless entry and start systems, exploiting the technology to get into the car and drive away. A total of 22 locations were searched, and over EUR 1 098 500 in criminal assets seized.
On Thursday, a Puerto Rico judge sentenced a former University of Puerto Rico student to 13 months in prison for hacking over a dozen email and Snapchat accounts of female colleagues. Besides targeting dozens of student email accounts, he successfully hacked into multiple university email accounts and collected personal information in spoofing and phishing attacks.
The Cheerscrypt ransomware has been linked to a Chinese hacking group named 'Emperor Dragonfly,' known to frequently switch between ransomware families to evade attribution. The ransomware gang is tracked under different names, such as Bronze Starlight and DEV-0401, and has been seen using a wide variety of ransomware families since 2021.
Whether you relish a mental challenge or fancy a six-figure paycheck, there are many good reasons to get into white hat hacking. To help you get started, The Hacker News Deals is currently running an eye-catching offer: pay what you want for one video course, and get another eight courses if you beat the average price paid.
Security researchers have discovered a malicious campaign by the 'Witchetty' hacking group, which uses steganography to hide a backdoor malware in a Windows logo. The group is also considered part of the TA410 operatives, previously linked to attacks against U.S. energy providers.
The group uses two pieces of Windows-based malware that have been described as "extremely complex," but there are indications of Linux malware, too. Researchers at SentinelLabs discovered Metador in a telecommunications company in the Middle East that had already been breached by about ten other threat actors originating from China and Iran, among them Moshen Dragon and MuddyWater.
In what's the latest crypto heist to target the decentralized finance space, hackers have stolen digital assets worth around $160 million from crypto trading firm Wintermute. The hack involved a series of unauthorized transactions that transferred USD Coin, Binance USD, Tether USD, Wrapped ETH, and 66 other cryptocurrencies to the attacker's wallet.
Uber on Monday disclosed more details related to the security incident that happened last week, pinning the attack on a threat actor it believes is affiliated to the notorious LAPSUS$ hacking group. As for how the attack unfolded, the ridesharing firm said an "EXT contractor" had their personal device compromised with malware and their corporate account credentials stolen and sold on the dark web, corroborating an earlier report from Group-IB. The Singapore-headquartered company, the previous week, noted that at least two of Uber's employees located in Brazil and Indonesia were infected with Raccoon and Vidar information stealers.