Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks

The threat actor known as Storm-0501 has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. to stage ransomware attacks. The multi-stage attack campaign is designed to compromise hybrid cloud environments and perform lateral movement from on-premises to cloud environment, ultimately resulting in data exfiltration, credential theft, tampering, persistent

The Hacker News
Open in Source
#vulnerability#microsoft#intel#backdoor#rce#auth#The Hacker News
New HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking Users

Russian-speaking users have been targeted as part of a new campaign distributing a commodity trojan called DCRat (aka DarkCrystal RAT) by means of a technique known as HTML smuggling. The development marks the first time the malware has been deployed using this method, a departure from previously observed delivery vectors such as compromised or fake websites, or phishing emails bearing PDF

U.S. Sanctions Two Crypto Exchanges for Facilitating Cybercrime and Money Laundering

The U.S. government on Thursday sanctioned two cryptocurrency exchanges and unsealed an indictment against a Russian national for his alleged involvement in the operation of several money laundering services that were offered to cybercriminals. The virtual currency exchanges, Cryptex and PM2BTC, have been alleged to facilitate the laundering of cryptocurrencies possibly obtained through

Congress Advances Bill to Add AI to National Vulnerability Database

The AI Incident Reporting and Security Enhancement Act would allow NIST to create a process for reporting and tracking vulnerabilities found in AI systems.

Are hardware supply chain attacks “cyber attacks?”

It shouldn’t just be viewed as a cybersecurity issue, because for a hardware supply chain attack, an adversary would likely need to physically infiltrate or tamper with the manufacturing process.

ABB Cylon Aspect 3.07.01 Hard-Coded Credentials

ABB Cylon Aspect version 3.07.01 BMS/BAS controller is operating with default and hard-coded credentials contained in install package while exposed to the Internet.

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker's Stash, a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The government also indicted a top Russian cybercriminal known as Taleon, whose cryptocurrency exchange Cryptex has evolved into one of Russia's most active money laundering networks.

Moving DevOps Security Out of the 'Stone Age'

Developers need to do more than scan code and vet software components, and ops should do more than just defend the deployment pipeline.