TheHackerNews

February 24, 2024 The U.S. Federal Trade Commission (FTC) has hit antivirus vendor Avast with a $16.5 million fine over charges that the firm sold users’ browsing data to advertisers after claiming its products would block online tracking. In addition, the company has been banned from selling or licensing any web browsing data for advertising …

FTC Slams Avast with $16.5 Million Fine for Selling Users’ Browsing Data Read More »

February 23, 2024 A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threat actors to conduct malicious activities. “SSH-Snake is a self-modifying worm that leverages SSH credentials discovered on a compromised system to start spreading itself throughout the network,” Sysdig researcher Miguel Hernández said. “The worm automatically searches through known credential Article posted by: https://thehackernews.com/2024/02/cybercriminals-weaponizing-open-source.html …

Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks Read More »

February 23, 2024 Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a practical quantum computer. “With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to …

Apple Unveils PQ3 Protocol – Post-Quantum Encryption for iMessage Read More »

February 23, 2024 An installer for a tool likely used by the Russian Consular Department of the Ministry of Foreign Affairs (MID) has been backdoored to deliver a remote access trojan called Konni RAT (aka UpDog). The findings come from German cybersecurity company DCSO, which linked the activity as originating from the Democratic People’s Republic of Korea (DPRK)-nexus …

Russian Government Software Backdoored to Deploy Konni RAT Malware Read More »

February 23, 2024 In the past 2 years, we have observed a significant surge in hacktivism activity due to ongoing wars and geopolitical conflicts in various regions. Since the war against Ukraine began, we have witnessed a notable mobilization of non-state and state-backed actors alike, forming new groups or joining existing hacker collectives.  We understand …

A New Age of Hacktivism Read More »

February 23, 2024 The U.S. State Department has announced monetary rewards of up to $15 million for information that could lead to the identification of key leaders within the LockBit ransomware group and the arrest of any individual participating in the operation. “Since January 2020, LockBit actors have executed over 2,000 attacks against victims in …

U.S. Offers $15 Million Bounty to Hunt Down LockBit Ransomware Leaders Read More »

February 22, 2024 The China-linked threat actor known as Mustang Panda has targeted various Asian countries using a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. “The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that the former is …

Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS Read More »

February 22, 2024 Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password. The vulnerabilities, tracked as CVE-2023-52160 and CVE-2023-52161, have …

New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers Read More »

February 22, 2024 Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022. The malware is “notable for its ability to automatically filter out Facebook session cookies and credentials stolen from compromised devices, and assess whether these accounts manage business profiles and if they maintain a positive …

New ‘VietCredCare’ Stealer Targeting Facebook Advertisers in Vietnam Read More »

February 22, 2024 With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to happen across a myriad of individual SaaS apps. This presents a huge challenge for centralized IT teams who are ultimately held responsible for managing and securing app access, …

6 Ways to Simplify SaaS Identity Governance Read More »