Tag
#The Hacker News
One of the determining factors of how much damage a cyber-attack cause is how fast organizations can respond to it. Time to response is critical for security teams, and it is a major hurdle for leaner teams. To help improve this metric and enhance organizations’ ability to respond to attacks quickly, many endpoint detection and response (EDR) and extended detection and response (XDR) vendors<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/ksXg3mvAbC0" height="1" width="1" alt=""/>
The U.S. Treasury Department on Tuesday imposed sanctions on Russian cryptocurrency exchange Suex for helping facilitate and launder transactions from at least eight ransomware variants as part of the government's efforts to crack down on a surge in ransomware incidents and make it difficult for bad actors to profit from such attacks using digital currencies. "Virtual currency exchanges such as<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/lEF7-AJSuc0" height="1" width="1" alt=""/>
Over the last several years, there have been numerous high-profile security breaches. These breaches have underscored the fact that traditional cyber defenses have become woefully inadequate and that stronger defenses are needed. As such, many organizations have transitioned toward a zero trust security model. A zero trust security model is based on the idea that no IT resource should be trusted<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/TD8dPwSf7Ds" height="1" width="1" alt=""/>
VMware on Tuesday published a new bulletin warning of as many as 19 vulnerabilities in vCenter Server and Cloud Foundation appliances that a remote attacker could exploit to take control of an affected system. The most urgent among them is an arbitrary file upload vulnerability in the Analytics service (CVE-2021-22005) that impacts vCenter Server 6.7 and 7.0 deployments. "A malicious actor with<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/r8ZzAQq3YU4" height="1" width="1" alt=""/>
Law enforcement agencies in Italy and Spain have dismantled an organized crime group linked to the Italian Mafia that was involved in online fraud, money laundering, drug trafficking, and property crime, netting the gang about €10 million ($11.7 million) in illegal proceeds in just a year. "The suspects defrauded hundreds of victims through phishing attacks and other types of online fraud such<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/CWRBbPKV_2E" height="1" width="1" alt=""/>
Cybersecurity researchers on Tuesday disclosed details of an unpatched zero-day vulnerability in macOS Finder that could be abused by remote adversaries to trick users into running arbitrary commands on the machines. "A vulnerability in macOS Finder allows files whose extension is inetloc to execute arbitrary commands, these files can be embedded inside emails which if the user clicks on them<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/9L96LFgOB5w" height="1" width="1" alt=""/>
Unidentified threat actors breached a server running an unpatched, 11-year-old version of Adobe's ColdFusion 9 software in minutes to remotely take over control and deploy file-encrypting Cring ransomware on the target's network 79 hours after the hack. The server, which belonged to an unnamed services company, was used to collect timesheet and accounting data for payroll as well as to host a<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/USuDSvrWDUo" height="1" width="1" alt=""/>
A recently discovered wave of malware attacks has been spotted using a variety of tactics to enslave susceptible machines with easy-to-guess administrative credentials to co-opt them into a network with the goal of illegally mining cryptocurrency. "The malware's primary tactic is to spread by taking advantage of vulnerable systems and weak administrative credentials. Once they've been infected,<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/LNnBCXKL1w0" height="1" width="1" alt=""/>
2020 was a year of relentless disruptions. The protective layer of secured enterprise networks and controlled IT environments of the physical premises did not exist. Over the past year, CISOs (Chief Information Security Officers) have had to grapple with the challenges of bolstering the security posture, minimizing risks, and ensuring business continuity in the new normal. The rise in volumes<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/CoRyQi7Q1kE" height="1" width="1" alt=""/>
A spam campaign delivering spear-phishing emails aimed at South American organizations has retooled its techniques to include a wide range of commodity remote access trojans (RATs) and geolocation filtering to avoid detection, according to new research. Cybersecurity firm Trend Micro attributed the attacks to an advanced persistent threat (APT) tracked as APT-C-36 (aka Blind Eagle), a suspected<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/0xlymO1MaG4" height="1" width="1" alt=""/>