The Hacker News Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to [email protected]
- Cytrox's Predator Spyware Targeted Android Users with Zero-Day Exploitsby [email protected] (Ravie Lakshmanan) on May 20, 2022 at 11:55 am
Google's Threat Analysis Group (TAG) on Thursday pointed fingers at a North Macedonian spyware developer named Cytrox for developing exploits against five zero-day (aka 0-day) flaws, four in Chrome and one in Android, to target Android users. "The 0-day exploits were used alongside n-day exploits as the developers took advantage of the time difference between when some critical bugs were patched
- Microsoft Warns Rise in XorDdos Malware Targeting Linux Devicesby [email protected] (Ravie Lakshmanan) on May 20, 2022 at 11:18 am
A Linux botnet malware known as XorDdos has witnessed a 254% surge in activity over the last six months, according to latest research from Microsoft. The trojan, so named for carrying out denial-of-service attacks on Linux systems and its use of XOR-based encryption for communications with its command-and-control (C2) server, is known to have been active since at least 2014. "XorDdos' modular
- Researchers Uncover Rust Supply-Chain Attack Targeting Cloud CI Pipelinesby [email protected] (Ravie Lakshmanan) on May 20, 2022 at 10:41 am
A case of software supply chain attack has been observed in the Rust programming language's crate registry that leveraged typosquatting techniques to publish a rogue library containing malware. Cybersecurity firm SentinelOne dubbed the attack "CrateDepression." Typosquatting attacks take place when an adversary mimics the name of a popular package on a public registry in hopes that developers
- Hackers Exploiting VMware Horizon to Target South Korea with NukeSped Backdoorby [email protected] (Ravie Lakshmanan) on May 20, 2022 at 10:23 am
The North Korea-backed Lazarus Group has been observed leveraging the Log4Shell vulnerability in VMware Horizon servers to deploy the NukeSped (aka Manuscrypt) implant against targets located in its southern counterpart. "The attacker used the Log4j vulnerability on VMware Horizon products that were not applied with the security patch," AhnLab Security Emergency Response Center (ASEC) said in a
- Hackers Trick Users with Fake Windows 11 Downloads to Distribute Vidar Malwareby [email protected] (Ravie Lakshmanan) on May 20, 2022 at 6:30 am
Fraudulent domains masquerading as Microsoft's Windows 11 download portal are attempting to trick users into deploying trojanized installation files to infect systems with the Vidar information stealer malware. "The spoofed sites were created to distribute malicious ISO files which lead to a Vidar info-stealer infection on the endpoint," Zscaler said in a report. "These variants of Vidar malware
UK Computer Companies - Business Directory Uk - Business listings for computer repair, support and hardware companies
Computer Networking, Network Directory - Computer networking solutions providers and companies