TheHackerNews

February 18, 2024 Google has announced that it’s open-sourcing Magika, an artificial intelligence (AI)-powered tool to identify file types, to help defenders accurately detect binary and textual file types. “Magika outperforms conventional file identification methods providing an overall 30% accuracy boost and up to 95% higher precision on traditionally hard to identify, but potentially problematic content …

Google Open Sources Magika: AI-Powered File Identification Tool Read More »

February 18, 2024 Efficient communication is a cornerstone of business success. Internally, making sure your team communicates seamlessly helps you avoid friction losses, misunderstandings, delays, and overlaps. Externally, frustration-free customer communication is directly correlated to a positive customer experience and higher satisfaction.  However, business communication channels are also a major target Article posted by: https://thehackernews.com/2024/02/how-businesses-can-safeguard-their.html …

How Businesses Can Safeguard Their Communication Channels Against Hackers Read More »

February 17, 2024 Multiple companies operating in the cryptocurrency sector are the target of an ongoing malware campaign that involves a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was first documented by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines. …

RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers Read More »

February 17, 2024 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched security flaw impacting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software to its Known Exploited Vulnerabilities (KEV) catalog, following reports that it’s being likely exploited in Akira ransomware attacks. The vulnerability in question is  Article posted by: https://thehackernews.com/2024/02/cisa-warning-akira-ransomware.html …

CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability Read More »

February 17, 2024 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization’s network environment was compromised via an administrator account belonging to a former employee. “This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point,” the agency said in a joint advisory published …

U.S. State Government Network Breached via Former Employee’s Account Read More »

February 17, 2024 A malicious Python script known as SNS Sender is being advertised as a way for threat actors to send bulk smishing messages by abusing Amazon Web Services (AWS) Simple Notification Service (SNS). The SMS phishing messages are designed to propagate malicious links that are designed to capture victims’ personally identifiable information (PII) and payment …

Malicious ‘SNS Sender’ Script Abuses AWS for Bulk Smishing Attacks Read More »

February 17, 2024 With breaches making the headlines on an almost weekly basis, the cybersecurity challenges we face are becoming visible not only to large enterprises, who have built security capabilities over the years, but also to small to medium businesses and the broader public. While this is creating greater awareness among smaller businesses of …

Why We Must Democratize Cybersecurity Read More »

February 17, 2024 The U.S. government on Thursday said it disrupted a botnet comprising hundreds of small office and home office (SOHO) routers in the country that was put to use by the Russia-linked APT28 actor to conceal its malicious activities. “These crimes included vast spear-phishing and similar credential harvesting campaigns against targets of intelligence …

U.S. Government Disrupts Russia-Linked Botnet Engaged in Cyber Espionage Read More »

February 16, 2024 The Russia-linked threat actor known as Turla has been observed using a new backdoor called TinyTurla-NG as part of a three-month-long campaign targeting Polish non-governmental organizations in December 2023. “TinyTurla-NG, just like TinyTurla, is a small ‘last chance’ backdoor that is left behind to be used when all other unauthorized access/backdoor mechanisms have failed …

Russian Turla Hackers Target Polish NGOs with New TinyTurla-NG Backdoor Read More »

February 16, 2024 A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of securing software supply chains. Eclypsiusm, which acquired firmware version 9.1.18.2-24467.1 as part of the process, said the base operating system used by the Utah-based software company for the device is …

Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries Read More »