Security
Headlines
HeadlinesLatestCVEs

Tag

#The Hacker News

Russian Sandworm Hackers Impersonate Ukrainian Telecoms to Distribute Malware

A threat cluster linked to the Russian nation-state actor tracked as Sandworm has continued its targeting of Ukraine with commodity malware by masquerading as telecom providers, new findings show. Recorded Future said it discovered new infrastructure belonging to UAC-0113 that mimics operators like Datagroup and EuroTransTelecom to deliver payloads such as Colibri loader and Warzone RAT. The

The Hacker News
#vulnerability#web#mac#windows#microsoft#git#java#intel#botnet#asus#The Hacker News
Uber Blames LAPSUS$ Hacking Group for Recent Security Breach

Uber on Monday disclosed more details related to the security incident that happened last week, pinning the attack on a threat actor it believes is affiliated to the notorious LAPSUS$ hacking group. "This group typically uses similar techniques to target technology companies, and in 2022 alone has breached Microsoft, Cisco, Samsung, NVIDIA, and Okta, among others," the San Francisco-based

Rockstar Games Confirms Hacker Stole Early Grand Theft Auto VI Footage

American video game publisher Rockstar Games on Monday revealed it was a victim of a "network intrusion" that allowed an unauthorized party to illegally download early footage for the Grand Theft Auto VI. "At this time, we do not anticipate any disruption to our live game services nor any long-term effect on the development of our ongoing projects," the company said in a notice shared on its

Emotet Botnet Started Distributing Quantum and BlackCat Ransomware

The Emotet malware is now being leveraged by ransomware-as-a-service (RaaS) groups, including Quantum and BlackCat, after Conti's official retirement from the threat landscape this year. Emotet started off as a banking trojan in 2014, but updates added to it over time have transformed the malware into a highly potent threat that's capable of downloading other payloads onto the victim's machine,

Microsoft Teams' GIFShell Attack: What Is It and How You Can Protect Yourself from It

Organizations and security teams work to protect themselves from any vulnerability, and often don't realize that risk is also brought on by configurations in their SaaS apps that have not been hardened. The newly published GIFShell attack method, which occurs through Microsoft Teams, is a perfect example of how threat actors can exploit legitimate features and configurations that haven't been

Europol and Bitdefender Release Free Decryptor for LockerGoga Ransomware

A decryptor for the LockerGoga ransomware has been made available by Romanian cybersecurity firm Bitdefender in collaboration with Europol, the No More Ransom project, and Zürich law enforcement authorities. Identified in January 2019, LockerGoga drew headlines for its attacks against the Norwegian aluminum giant Norsk Hydro. It's said to have infected more than 1,800 victims in 71 countries,

Microsoft Warns of Large-Scale Click Fraud Campaign Targeting Gamers

Microsoft said it's tracking an ongoing large-scale click fraud campaign targeting gamers by means of stealthily deployed browser extensions on compromised systems. "[The] attackers monetize clicks generated by a browser node-webkit or malicious browser extension secretly installed on devices," Microsoft Security Intelligence said in a sequence of tweets over the weekend. The tech giant's

Uber Claims No Sensitive Data Exposed in Latest Breach… But There's More to This

Uber, in an update, said there is "no evidence" that users' private information was compromised in a breach of its internal computer systems that was discovered late Thursday. "We have no evidence that the incident involved access to sensitive user data (like trip history)," the company said. "All of our services including Uber, Uber Eats, Uber Freight, and the Uber Driver app are operational."

Hackers Had Access to LastPass's Development Systems for Four Days

Password management solution LastPass shared more details pertaining to the security incident last month, disclosing that the threat actor had access to its systems for a four-day period in August 2022. "There is no evidence of any threat actor activity beyond the established timeline," LastPass CEO Karim Toubba said in an update shared on September 15, adding, "there is no evidence that this

Researchers Find Link b/w PrivateLoader and Ruzki Pay-Per-Install Services

Cybersecurity researchers have exposed new connections between a widely used pay-per-install (PPI) malware service known as PrivateLoader and another PPI service dubbed ruzki. "The threat actor ruzki (aka les0k, zhigalsz) advertises their PPI service on underground Russian-speaking forums and their Telegram channels under the name ruzki or zhigalsz since at least May 2021," SEKOIA said. The