TheHackerNews

March 1, 2024 Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. Silver SAML “enables the exploitation of SAML to launch attacks from an identity provider like Entra ID against applications configured to use it for authentication, such as …

New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems Read More »

March 1, 2024 As an IT leader, staying on top of the latest cybersecurity developments is essential to keeping your organization safe. But with threats coming from all around — and hackers dreaming up new exploits every day — how do you create proactive, agile cybersecurity strategies? And what cybersecurity approach gives you the most …

How to Prioritize Cybersecurity Spending: A Risk-Based Strategy for the Highest ROI Read More »

March 1, 2024 At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances. UNC5325 abused CVE-2024-21893 to deliver a wide range of new malware called LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, and PITHOOK, as well as attempted to maintain Article posted by: https://thehackernews.com/2024/02/chinese-hackers-exploiting-ivanti-vpn.html …

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware Read More »

March 1, 2024 The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool. They have been collectively downloaded 3,269 times, with pycryptoconf accounting for the most Article posted by: https://thehackernews.com/2024/02/lazarus-exploits-typos-to-sneak-pypi.html ——————————————————————————————————————– …

Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems Read More »

March 1, 2024 A previously undocumented threat actor dubbed SPIKEDWINE has been observed targeting officials in European countries with Indian diplomatic missions using a new backdoor called WINELOADER. The adversary, according to a report from Zscaler ThreatLabz, used a PDF file in emails that purported to come from the Ambassador of India, inviting diplomatic staff to a wine-tasting Article …

New Backdoor Targeting European Officials Linked to Indian Diplomatic Events Read More »

March 1, 2024 U.S. President Joe Biden has issued an Executive Order that prohibits the mass transfer of citizens’ personal data to countries of concern. The Executive Order also “provides safeguards around other activities that can give those countries access to Americans’ sensitive data,” the White House said in a statement. This includes sensitive information such as …

President Biden Blocks Mass Transfer of Personal Data to High-Risk Nations Read More »

February 29, 2024 The U.S. government is warning about the resurgence of BlackCat (aka ALPHV) ransomware attacks targeting the healthcare sector as recently as this month. “Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized,” the government said in an updated advisory. “This is likely in response to …

FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks Read More »

February 29, 2024 An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks targeting aerospace, aviation, and defense industries in the Middle East, including Israel and the U.A.E. Other targets of the cyber espionage activity likely include Turkey, India, and Albania, Google-owned Mandiant said in a new analysis. …

Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors Read More »

February 29, 2024 In today’s digital era, data privacy isn’t just a concern; it’s a consumer demand. Businesses are grappling with the dual challenge of leveraging customer data for personalized experiences while navigating a maze of privacy regulations. The answer? A privacy-compliant Customer Data Platform (CDP). Join us for a transformative webinar where we unveil …

Building Your Privacy-Compliant Customer Data Platform (CDP) with First-Party Data Read More »

February 29, 2024 In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to take protective measures, weeks after a botnet comprising infected routers was felled by law enforcement as part of an operation codenamed Dying Ember. The botnet, named MooBot, is said to have been …

Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28’s MooBot Threat Read More »