AttackFeed Cybersecurity News

Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers  – The Hacker News

Cybersecurity researchers have shed light on an “auto-propagating” cryptocurrency mining botnet called Outlaw (aka Dota) that’s known for targeting SSH servers with weak credentials. “Outlaw is a Linux malware that relies on SSH brute-force attacks, cryptocurrency mining, and worm-like propagation to infect and maintain control over systems,” Elastic Security Labs said in a new analysis...

Helping Your Clients Achieve NIST Compliance: A Step by Step Guide for Service Providers  – The Hacker News

Introduction As the cybersecurity landscape evolves, service providers play an increasingly vital role in safeguarding sensitive data and maintaining compliance with industry regulations. The National Institute of Standards and Technology (NIST) offers a comprehensive set of frameworks that provide a clear path to achieving robust cybersecurity practices. For service providers, adhering to NIST...

How SSL Misconfigurations Impact Your Attack Surface  – The Hacker News

When assessing an organization’s external attack surface, encryption-related issues (especially SSL misconfigurations) receive special attention. Why? Their widespread use, configuration complexity, and visibility to attackers as well as users make them more likely to be exploited. This highlights how important your SSL configurations are in maintaining your web application security and...

Threat Level – GUARDED  – Cyber Threat Alert

On March 26, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to vulnerabilities in AMI, Veeam, and Google products. On March 20, the MS-ISAC released two advisories. The first advisory was for a vulnerability in AMI MegaRAC software that could allow for remote code execution. The second advisory was for a vulnerability in Veeam...

FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites  – The Hacker News

The financially motivated threat actor known as FIN7 has been linked to a Python-based backdoor called Anubis (not to be confused with an Android banking trojan of the same name) that can grant them remote access to compromised Windows systems. “This malware allows attackers to execute remote shell commands and other system operations, giving them full control over an infected...

New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth  – The Hacker News

Cybersecurity researchers have discovered an updated version of a malware loader called Hijack Loader that implements new features to evade detection and establish persistence on compromised systems. “Hijack Loader released a new module that implements call stack spoofing to hide the origin of function calls (e.g., API and system calls),” Zscaler ThreatLabz researcher Muhammed Irfan V A said in...

Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity  – CyberScoop

Witnesses at a House hearing on medical device cybersecurity Tuesday called out the need for more proactive tracking of products used across the country, saying the status quo leaves many health system owners and operators in the dark about vulnerabilities, exploitation and patching updates. Testifying before the House Energy and Commerce Subcommittee on Oversight and Investigations, Dr. Christian Dameff at...

Apple issues fixes for vulnerabilities in both old and new OS versions  – CyberScoop

Apple released security updates Monday to address software defects in the latest version of the company’s Safari browser and other applications across iOS, iPadOS and macOS.  The security issues addressed across the latest versions of Apple’s most popular platforms include 62 vulnerabilities affecting iOS 18.4 and iPadOS 18.4, 131 vulnerabilities affecting macOS Sequoia 15.4 and 14 vulnerabilities affecting Safari 18.4....

Renew — but improve — billion-dollar cyber grant program to states and locals, House witnesses say  – CyberScoop

It’s vital that Congress renew the expiring $1 billion state and local cybersecurity grant program, witnesses testified before a House panel, but they added that it could benefit from some upgrades, too. New York Rep. Andrew Garbarino, chairman of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection that held the hearing Tuesday, said the four-year cyber grant program...

Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign  – The Hacker News

Exposed PostgreSQL instances are the target of an ongoing campaign designed to gain unauthorized access and deploy cryptocurrency miners. Cloud security firm Wiz said the activity is a variant of an intrusion set that was first flagged by Aqua Security in August 2024 that involved the use of a malware strain dubbed PG_MEM. The campaign has been attributed to a...

Democratic groups sue to block Trump administration’s elections order  – CyberScoop

The Democratic Party has filed a lawsuit against the Trump administration over its elections executive order, arguing the president lacks the constitutional authority to regulate elections by fiat. The suit, filed Monday in the District of Columbia District Court, was brought by Senate Minority Leader Chuck Schumer, D-N.Y., House Minority Leader Hakeem Jeffries, D-N.Y., the Democratic National Committee, Democratic Governors...

Enterprise Gmail Users Can Now Send End-to-End Encrypted Emails to Any Platform  – The Hacker News

On the 21st birthday of Gmail, Google has announced a major update that allows enterprise users to send end-to-end encrypted (E2EE) to any user in any email inbox in a few clicks. The feature is rolling out starting today in beta, allowing users to send E2EE emails to Gmail users within an organization, with plans to send E2EE emails to...

The AI Fix #44: AI-generated malware, and a stunning AI breakthrough  – Graham Cluley

In episode 44 of The AI Fix, ChatGPT won’t build a crystal meth lab, GPT-4o improves the show’s podcast art, some students manage to screw in a lightbulb, Google releases Gemini 2.5 Pro Experimental and nobody notices, and Mark invents a clock for measuring AI time. Graham explains how ChatGPT’s love for Young Adult fiction can be used to turn...

ReliaQuest secures $500 Million in funding, boosting AI-driven cybersecurity operations  – CyberScoop

U.S.-based cybersecurity firm ReliaQuest has secured a significant funding boost with a new investment round totaling over $500 million, elevating the company’s valuation to $3.4 billion. The funding round was led by global investors EQT Partners, KKR, and FTV Capital, alongside existing investors Ten Eleven Ventures and Finback Investment Partners. This fresh capital injection underscores ReliaQuest’s ambition to enhance and...

Identity lapses ensnared organizations at scale in 2024  – CyberScoop

Cybercriminals predominantly relied on weaknesses in identity controls to afflict organizations in 2024, with valid accounts being the main way they gained access for the second year in a row, Cisco Talos said in an annual report released Monday. Across the incident response cases Cisco Talos responded to last year, 60% involved an identity attack component, researchers said. Attackers used...

Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishing  – The Hacker News

A new sophisticated phishing-as-a-service (PhaaS) platform called Lucid has targeted 169 entities in 88 countries using smishing messages propagated via Apple iMessage and Rich Communication Services (RCS) for Android. Lucid’s unique selling point lies in its weaponizing of legitimate communication platforms to sidestep traditional SMS-based detection mechanisms. “Its scalable,...

New Case Study: Global Retailer Overshares CSRF Tokens with Facebook  – The Hacker News

Are your security tokens truly secure? Explore how Reflectiz helped a giant retailer to expose a Facebook pixel that was covertly tracking sensitive CSRF tokens due to human error misconfigurations. Learn about the detection process, response strategies, and steps taken to mitigate this critical issue. Download the full case study here. By implementing Reflectiz’s recommendations, the...

China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions  – The Hacker News

Cybersecurity researchers have shed light on a new China-linked threat actor called Earth Alux that has targeted various key sectors such as government, technology, logistics, manufacturing, telecommunications, IT services, and retail in the Asia-Pacific (APAC) and Latin American (LATAM) regions. “The first sighting of its activity was in the second quarter of 2023; back then, it was...

Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign  – The Hacker News

Cybersecurity researchers are warning of a spike in suspicious login scanning activity targeting Palo Alto Networks PAN-OS GlobalProtect gateways, with nearly 24,000 unique IP addresses attempting to access these portals. “This pattern suggests a coordinated effort to probe network defenses and identify exposed or vulnerable systems, potentially as a precursor to targeted exploitation,” threat...

Apple Backports Critical Fixes for 3 Live Exploits Impacting iOS and macOS Legacy Devices  – The Hacker News

Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems. The vulnerabilities in question are listed below – CVE-2025-24085 (CVSS score: 7.3) – A use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to...

Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices  – The Hacker News

Apple has been hit with a fine of €150 million ($162 million) by France’s competition watchdog over the implementation of its App Tracking Transparency (ATT) privacy framework. The Autorité de la concurrence said it’s imposing a financial penalty against Apple for abusing its dominant position as a distributor of mobile applications for iOS and iPadOS devices between April 26, 2021...

DOJ charges hacker for 2021 Texas GOP website defacement  – CyberScoop

The Department of Justice unsealed charges against Canadian citizen Aubrey Cottle, a hacker who goes by the handle “Kirtaner,” for a 2021 incident that resulted in the defacement of the Texas Republican Party’s website. Prosecutors have charged Cottle, an early member of the hacktivist group Anonymous, for the defacement, as well as downloading contents from an Apache backup web server...

Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp  – The Hacker News

The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp. The activity has been attributed to a suspected Russian hacking group called Water Gamayun, which is also known as EncryptHub and LARVA-208. “The threat actor deploys payloads primarily by means of...

The North Korea worker problem is bigger than you think  – CyberScoop

North Korean nationals have infiltrated businesses across the globe with a more expansive level of organization and deep-rooted access than previously thought, insider risk management firm DTEX told CyberScoop.  This swarm of technical North Korean experts isn’t just intruding businesses as ad hoc freelance IT workers; they’ve gained full-time employment as engineers and specialists of various skill sets with the...

Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images  – The Hacker News

Threat actors are using the “mu-plugins” directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and redirecting site visitors to bogus sites. mu-plugins, short for must-use plugins, refers to plugins in a special directory (“wp-content/mu-plugins”) that are automatically executed by WordPress without the need to enable them explicitly via the...

5 Impactful AWS Vulnerabilities You’re Responsible For  – The Hacker News

If you’re using AWS, it’s easy to assume your cloud security is handled – but that’s a dangerous misconception. AWS secures its own infrastructure, but security within a cloud environment remains the customer’s responsibility. Think of AWS security like protecting a building: AWS provides strong walls and a solid roof, but it’s up to the customer to handle the locks,...

⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More  – The Hacker News

Every week, someone somewhere slips up—and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces with new tricks? Step behind the curtain with us this week as we explore breaches born from routine oversights—and the...

Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine  – The Hacker News

Entities in Ukraine have been targeted as part of a phishing campaign designed to distribute a remote access trojan called Remcos RAT. “The file names use Russian words related to the movement of troops in Ukraine as a lure,” Cisco Talos researcher Guilherme Venere said in a report published last week. “The PowerShell downloader contacts geo-fenced servers located in Russia...

AttackFeed by Joe Wagner