New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices Dec 07, 2023The Hacker NewsMobile Security / Vulnerability A critical Bluetooth security flaw could be exploited by threat actors to take control of Android, Linux, macOS and iOS devices. Tracked as CVE-2023-45866, the issue relates to a Read more…
Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers Dec 06, 2023NewsroomVulnerability / Web Server Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors to gain initial access to government servers. “The vulnerability in ColdFusion (CVE-2023-26360) Read more…
U.S. Treasury Sanctions North Korean Kimsuky Hackers and 8 Foreign-Based Agents Dec 01, 2023NewsroomCyber Espionage / Cryptocurrency The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Thursday sanctioned the North Korea-linked adversarial collective known as Kimsuky as well as eight foreign-based agents who are alleged to Read more…
Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan Dec 01, 2023NewsroomMalware / Cyber Espionage A suspected Chinese-speaking threat actor has been attributed to a malicious campaign that targets the Uzbekistan Ministry of Foreign Affairs and South Korean users with a remote access trojan called SugarGh0st RAT. The Read more…
U.S. Treasury Sanctions Sinbad Cryptocurrency Mixer Used by North Korean Hackers Nov 30, 2023NewsroomHacking / Cryptocurrency The U.S. Treasury Department on Wednesday imposed sanctions against Sinbad, a virtual currency mixer that has been put to use by the North Korea-linked Lazarus Group to launder ill-gotten proceeds. “Sinbad has processed millions Read more…
Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S. Nov 29, 2023NewsroomCyber Attack / Hacking The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that it’s responding to a cyber attack that involved the active exploitation of Unitronics programmable logic controllers (PLCs) to target the Municipal Water Authority Read more…
Hackers Can Exploit ‘Forced Authentication’ to Steal Windows NTLM Tokens Nov 28, 2023NewsroomCyber Attack / Vulnerability Cybersecurity researchers have discovered a case of “forced authentication” that could be exploited to leak a Windows user’s NT LAN Manager (NTLM) tokens by tricking a victim into opening a specially crafted Microsoft Access Read more…
How Hackers Phish for Your Users’ Credentials and Sell Them Nov 28, 2023The Hacker NewsCybercrime / Breach Prevention Account credentials, a popular initial access vector, have become a valuable commodity in cybercrime. As a result, a single set of stolen credentials can put your organization’s entire network at risk. According Read more…
N. Korean Hackers ‘Mixing’ macOS Malware Tactics to Evade Detection Nov 28, 2023NewsroomMalware / Cyber Espionage The North Korean threat actors behind macOS malware strains such as RustBucket and KANDYKORN have been observed “mixing and matching” different elements of the two disparate attack chains, leveraging RustBucket droppers to deliver KANDYKORN. Read more…
North Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack Nov 23, 2023NewsroomSoftware Supply Chain Attack A North Korean state-sponsored threat actor tracked as Diamond Sleet is distributing a trojanized version of a legitimate application developed by a Taiwanese multimedia software developer called CyberLink to target downstream customers via Read more…