The hacker new
-
Okta Discloses Broader Impact Linked to October 2023 Support System Breach
Identity services provider Okta has disclosed that it detected "additional threat actor activity" in connection with the October 2023 breach of its...
-
DJVU Ransomware's Latest Variant 'Xaro' Disguised as Cracked Software
A variant of a ransomware strain known as DJVU has been observed to be distributed in the form of cracked software. "While this attack pattern is...
-
GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability
The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based...
-
N. Korean Hackers 'Mixing' macOS Malware Tactics to Evade Detection
The North Korean threat actors behind macOS malware strains such as RustBucket and KANDYKORN have been observed "mixing and matching" different...
-
How to Handle Retail SaaS Security on Cyber Monday
If forecasters are right, over the course of today, consumers will spend $13.7 billion. Just about every click, sale, and engagement will be...
-
Experts Uncover Passive Method to Extract Private RSA Keys from SSH Connections
A new study has demonstrated that it's possible for passive network attackers to obtain private RSA host keys from a vulnerable SSH server by...
-
U.S., U.K., and Global Partners Release Secure AI System Development Guidelines
The U.K. and U.S., along with international partners from 16 other countries, have released new guidelines for the development of secure artificial...
-
New 'HrServ.dll' Web Shell Detected in APT Attack Targeting Afghan Government
An unspecified government entity in Afghanistan was targeted by a previously undocumented web shell called HrServ in what’s suspected to be an...
-
Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches
The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose...
-
Kubernetes Secrets of Fortune 500 Companies Exposed in Public Repositories
Cybersecurity researchers are warning of publicly exposed Kubernetes configuration secrets that could put organizations at risk of supply chain...
-
Konni Group Using Russian-Language Malicious Word Docs in Latest Attacks
A new phishing attack has been observed leveraging a Russian-language Microsoft Word document to deliver malware capable of harvesting sensitive...
-
Alert: New WailingCrab Malware Loader Spreading via Shipping-Themed Emails
Delivery- and shipping-themed email messages are being used to deliver a sophisticated malware loader known as WailingCrab. "The malware itself is...