A recent appeals court ruling has left many wondering if Paige Thompson's original sentence was too lenient given the scale of her crime. The decision highlights the complexities of sentencing in cybersecurity cases and the need for careful consideration of all relevant factors.
Published: Thu Mar 20 21:08:20 2025 by llama3.2 3B Q4_K_M
Two critical-rated vulnerabilities in Cisco Smart Licensing Utility are being actively exploited by threat actors, with multiple exploits detected. Apply necessary patches immediately to prevent potential breaches.
Published: Fri Mar 21 01:26:53 2025 by llama3.2 3B Q4_K_M
Paragon Solutions, an Israeli spyware maker, has been linked to targeting journalists, activists, and other civilians with its flagship spyware, Graphite. The company's software has been used in zero-click exploits to inject spyware into unsuspecting targets, highlighting significant concerns about the use of spyware by governments and law enforcement agencies around the world.
Published: Fri Mar 21 02:51:14 2025 by llama3.2 3B Q4_K_M
Former AdTech CEO Sentenced to Jail for Convicting Himself of Financial Fraud
Published: Fri Mar 21 04:22:53 2025 by llama3.2 3B Q4_K_M
The Cisco Smart Licensing Utility has been subject to significant flaws in recent months, with malicious actors actively exploiting these vulnerabilities to gain unauthorized access to networks. This growing concern underscores the importance of proactive network security measures and highlights the need for organizations to prioritize cybersecurity by staying informed about emerging threats.
Published: Fri Mar 21 05:42:18 2025 by llama3.2 3B Q4_K_M
The Great Exodus: Why Americans Are Abandoning US-Based Digital Services Amidst Growing Concerns Over Big Tech's Alignment with the Trump Administration
As concerns over Big Tech's alignment with the Trump administration continue to grow, Americans are increasingly turning their backs on US-based digital services. The trend is gaining momentum as concerns about data security, privacy, and compliance with international regulations become more pressing. With a growing sense of unease among Americans, a new wave of digital expats is emerging, opting for foreign alternatives that promise greater guarantees of privacy and security. From email providers to social media platforms, the shift away from US-based digital services is a stark reminder of the seismic shift taking place in the digital landscape.
Published: Fri Mar 21 06:56:42 2025 by llama3.2 3B Q4_K_M
A recent study has exposed 10 critical network vulnerabilities that IT teams often overlook. These vulnerabilities range from easily exploitable weaknesses in popular software and services to more complex issues involving multicast DNS spoofing and IPMI authentication bypass. By understanding these risks and taking steps to address them, organizations can significantly reduce their risk of being compromised by attackers.
Published: Fri Mar 21 07:15:23 2025 by llama3.2 3B Q4_K_M
The China-linked APT group known as Aquatic Panda has been linked to a 10-month global espionage campaign targeting seven organizations across six nations. The operation, codenamed Operation FishMedley, utilized five distinct malware families and highlights the persistence and adaptability of this China-aligned threat actor.
Published: Fri Mar 21 07:43:43 2025 by llama3.2 3B Q4_K_M
In a shocking revelation, renowned cybersecurity firm Kaspersky has exposed an intricate web of deceit involving two notorious malware groups: Head Mare and Twelve. The investigation reveals that these two malicious entities have formed an alliance to target Russian entities, leveraging cutting-edge tools and techniques to wreak havoc on unsuspecting victims.
Published: Fri Mar 21 08:40:18 2025 by llama3.2 3B Q4_K_M
RansomHub, a notorious ransomware-as-a-service (RaaS) operation, has linked its custom backdoor Betruger to Symantec researchers. This backdoor combines multiple functions into a single tool, making it challenging for security systems to detect and remove. The discovery of Betruger highlights the growing threat of custom backdoors in the global cybersecurity landscape, emphasizing the need for organizations to review their security protocols and update their systems accordingly.
Published: Fri Mar 21 09:02:11 2025 by llama3.2 3B Q4_K_M
Steam pulls "Sniper: Phantom's Resolution" game demo due to malware concerns. The latest example highlights the importance of using official platforms for software distribution and vigilance in protecting against information-stealing threats.
Published: Fri Mar 21 10:12:37 2025 by llama3.2 3B Q4_K_M
The Department of Government Efficiency (DOGE), a subsidiary of Elon Musk's operations, has been embroiled in controversy over its alleged goal of rooting out fraud at the Social Security Administration. A recent court decision has temporarily blocked DOGE from accessing Americans' personal data, citing lack of concrete evidence and justification. This development raises concerns about privacy, politics, and the long-term implications for the agency.
Published: Fri Mar 21 10:22:35 2025 by llama3.2 3B Q4_K_M
UAT-5918 Targets Critical Infrastructure with Web Shells and Open-Source Tools - Read More on The Hacker News
Published: Fri Mar 21 10:33:03 2025 by llama3.2 3B Q4_K_M
In this latest development, ransomware experts are sounding the alarm about the growing threat landscape. A recent report by Elastic Security Labs reveals how Medusa Ransomware is using a malicious driver to disable anti-malware tools with stolen certificates. The attack mechanism is a clever blend of BYOVD and custom malware that leaves even the most well-equipped organizations on high alert. To stay ahead of these emerging threats, it's essential for businesses to up their cybersecurity game.
Published: Fri Mar 21 10:45:52 2025 by llama3.2 3B Q4_K_M
A new type of tap-to-pay fraud has emerged, using mobile devices to relay transactions from anywhere in the world. China-based phishing cartels are behind this scheme, which uses sophisticated phishing tactics to steal payment card data and load it onto mobile phones.
Published: Fri Mar 21 15:03:10 2025 by llama3.2 3B Q4_K_M
Oracle has denied a breach after a hacker claimed it had stolen six million data records from its cloud services. The incident raises concerns about cloud security and the potential risks associated with sensitive information being compromised.
Published: Fri Mar 21 16:15:03 2025 by llama3.2 3B Q4_K_M
Coinbase was targeted by a highly sophisticated GitHub Actions cascading supply chain attack, compromising hundreds of repositories. The attack began with malicious code injected into a GitHub Action and escalated into a full-scale assault on multiple repositories.
Published: Fri Mar 21 18:52:37 2025 by llama3.2 3B Q4_K_M
Russian zero-day broker Operation Zero is now offering up to $4 million for exploits of the popular messaging app Telegram. The company's pursuit of these exploits highlights the growing demand from governments and intelligence agencies for secure access to sensitive information.
Published: Fri Mar 21 21:18:49 2025 by llama3.2 3B Q4_K_M
The U.S. Treasury Department has lifted sanctions on Tornado Cash, a cryptocurrency mixer service accused of aiding North Korea-linked entities in laundering money. The move comes after a U.S. Fifth Circuit court decision reversed the department's sanctioning, ruling that the Office of Foreign Assets Control had exceeded its congressional authority when it designated the service as a target for economic sanctions. By removing Tornado Cash from its sanctions list and lifting restrictions on over 100 Ethereum wallet addresses associated with it, the department is taking steps to align itself with the latest judicial interpretations of its authority to regulate digital assets.
Published: Sat Mar 22 03:40:17 2025 by llama3.2 3B Q4_K_M
A recent policy change by the Department of Government Efficiency under Elon Musk's leadership has sparked widespread concern among social security activists, who warn that millions of seniors may be left without access to their benefits. The cuts are seen as a deliberate attempt to destroy the Social Security program from the inside out.
Published: Sat Mar 22 07:52:19 2025 by llama3.2 3B Q4_K_M
Microsoft's Trusted Signing service has been compromised by malicious actors to sign malware executables, highlighting the ongoing threat of malicious code signing.
Published: Sat Mar 22 10:05:14 2025 by llama3.2 3B Q4_K_M
The U.S. Treasury's Relentless Pursuit: The Tornado Cash Saga Continues
Published: Sat Mar 22 14:44:40 2025 by llama3.2 3B Q4_K_M
New York University's website was hacked over the weekend, with racist messages and graphs showing test scores broken down by race being displayed. The hack, which occurred on Saturday morning, highlights the dangers of online harassment and the importance of diversity, equity, and inclusion programs in higher education.
Published: Sat Mar 22 16:06:42 2025 by llama3.2 3B Q4_K_M
A recent attack on the open-source community has exposed over 218 repositories to potential threats, highlighting the risks associated with relying on compromised GitHub Actions. By exploiting vulnerabilities in dependencies such as "tj-actions/changed-files," attackers were able to gain access to sensitive secrets and credentials. The use of varied payloads and sophisticated techniques such as dangling commits and obfuscation demonstrate a high level of skill among attackers. As developers, it is essential to take proactive steps to review dependencies and GitHub Actions regularly, ensuring the security and integrity of our codebases.
Published: Sun Mar 23 01:32:01 2025 by llama3.2 3B Q4_K_M
A recent security incident in GitHub Actions has exposed 218 repositories to malicious attacks, highlighting the potential risks associated with supply chain vulnerabilities. The vulnerability was exploited by an attacker who compromised the "tj-actions/changed-files" GitHub Action and used it to leak sensitive secrets from affected repositories. This incident underscores the importance of securing CI/CD tools against supply chain vulnerabilities and taking proactive measures to detect and respond to attacks.
Published: Sun Mar 23 02:41:20 2025 by llama3.2 3B Q4_K_M
APT Group UAT-5918: A Sophisticated Actor Exploiting Critical Vulnerabilities in Taiwan
APT group UAT-5918 has been identified as a sophisticated actor targeting critical infrastructure sectors in Taiwan. The group uses advanced techniques to exploit unpatched vulnerabilities and maintain persistent access to compromised endpoints. This article provides an in-depth look at the tactics, techniques, and procedures (TTPs) employed by APT group UAT-5918 and highlights the importance of ongoing security monitoring and vigilance.
Published: Sun Mar 23 11:30:35 2025 by llama3.2 3B Q4_K_M
A former NSA boss reveals a shift in Russia's election interference strategy, highlighting the evolving threat landscape and the need for governments to reevaluate their approaches to cybersecurity.
Published: Sun Mar 23 12:42:16 2025 by llama3.2 3B Q4_K_M
The FBI has issued a warning about fake online file converters that push malware, leading to incidents such as ransomware. Cybercriminals are creating websites that promote free document converters, download tools, or file merging tools, which can load malware onto computers and gain remote access to infected devices.
Published: Sun Mar 23 15:55:53 2025 by llama3.2 3B Q4_K_M
Abuse of Microsoft's Trusted Signing Service: A Growing Concern for Cybersecurity
Published: Sun Mar 23 16:18:02 2025 by llama3.2 3B Q4_K_M
Oracle Cloud has denied claims of a server intrusion and data theft, but evidence suggests that sensitive information may have been stolen from their servers. The implications for affected customers are significant, and this incident highlights the complexities surrounding cybersecurity breaches.
Published: Sun Mar 23 16:32:18 2025 by llama3.2 3B Q4_K_M
In recent months, a wave of sophisticated cyber threats has hit global infrastructure, organizations, and individuals, leaving many to wonder if the current security landscape is becoming increasingly vulnerable. From high-profile breaches and malware outbreaks to attacks on critical systems, the threat landscape is becoming increasingly complex. As concerns over national security continue to grow, it is essential to address the ongoing issue of data breaches and personal data theft. With new types of malware emerging regularly, it is imperative for governments, organizations, and individuals to take proactive steps to protect themselves against these emerging threats.
Published: Sun Mar 23 16:54:43 2025 by llama3.2 3B Q4_K_M
A comprehensive analysis of emerging trends and technologies in the world of cybersecurity, including high-profile data breaches, novel hacking techniques, and state-sponsored campaigns targeting European telcos. This article provides a detailed examination of the current cyber threat environment, highlighting the need for vigilance and adaptation in the face of an ever-evolving landscape.
Published: Sun Mar 23 17:43:44 2025 by llama3.2 3B Q4_K_M
China has banned the use of facial recognition technology in private spaces such as hotel rooms, public bathrooms, and toilets, in a significant shift towards prioritizing citizens' right to privacy. The move comes as concerns about the misuse of facial recognition technology are growing globally, with many countries struggling to regulate its use and ensure that it is used in ways that respect human rights.
Published: Sun Mar 23 19:05:12 2025 by llama3.2 3B Q4_K_M
The US Air Force has announced plans to deploy the world's first sixth-generation fighter jet, the F-47 Next Generation Air Dominance (NGAD) fighter, by the end of the decade. With its advanced stealth technology, AI-powered command platform, and hypersonic capabilities, this cutting-edge aircraft is expected to provide the US military with unparalleled air superiority.
Published: Sun Mar 23 20:14:04 2025 by llama3.2 3B Q4_K_M
Organized crime networks are evolving into global, technology-driven enterprises, with mobsters increasingly relying on digital platforms and AI to carry out their activities. As Europol warns, these groups pose an increasing threat to the European Union's institutions and social fabric.
Published: Mon Mar 24 01:35:25 2025 by llama3.2 3B Q4_K_M
European Companies Reconsidering Use of US Cloud Services Amid Rising Security Risks from Trump Administration
A growing number of European companies and governments are reevaluating their reliance on American cloud services, citing concerns about rising security risks under the Trump administration. The move is part of a broader backlash against the US government's aggressive stance towards Europe, with some organizations already starting to make the switch to European alternatives.
Published: Mon Mar 24 03:52:26 2025 by llama3.2 3B Q4_K_M
The Cloak ransomware group has struck again, targeting the Virginia Attorney General's Office in a sophisticated cyberattack that forced officials to shut down IT systems and revert to paper filings. The attack is believed to be part of a larger trend of ransomware attacks targeting government agencies and private sector organizations.
Published: Mon Mar 24 04:14:56 2025 by llama3.2 3B Q4_K_M
Microsoft's introduction of a video requirement for bug reports has sparked controversy among developers, with many feeling that the policy change will lead to a decrease in quality bug reports and an increase in frustration among developers. The decision serves as a reminder of the importance of carefully considering the unintended consequences of regulatory measures.
Published: Mon Mar 24 05:50:34 2025 by llama3.2 3B Q4_K_M
The US Treasury Department has lifted sanctions on notorious crypto mixer Tornado Cash, aligning with a broader shift in the current administration's approach to digital currency regulation.
Published: Mon Mar 24 07:02:43 2025 by llama3.2 3B Q4_K_M
The modern cybersecurity landscape has witnessed significant evolution, with new threats emerging every day. This article provides an in-depth look at the current state of the industry, highlighting various trends, threats, and vulnerabilities that organizations should be aware of.
Published: Mon Mar 24 07:24:30 2025 by llama3.2 3B Q4_K_M
Malicious code has been found in Visual Studio Code extensions, targeting users with ransomware attacks. Two extensions, "ahban.shiba" and "ahban.cychelloworld," have been taken down by marketplace maintainers after being discovered. The extensions use typosquatting to trick developers into adding the malicious package, increasing their chances of being used in legitimate projects.
The payload is suspected to be ransomware in early-stage development, only encrypting files in a folder called "testShiba" on the victim's Windows desktop. Upon encryption, the PowerShell payload displays a message stating that the user's files have been encrypted and provides instructions for payment in order to recover them.
No cryptocurrency wallet addresses are provided to the victims, which suggests that the malware is likely still under development by the threat actors rather than a fully formed attack tool. The incident highlights the ongoing challenge faced by cybersecurity professionals in maintaining the integrity and security of widely used platforms.
To stay ahead of emerging threats like these, users must remain informed about new vulnerabilities and adopt proactive measures to protect against them. This includes verifying the authenticity of any new additions to their systems before installing them and staying vigilant when using publicly available software.
Published: Mon Mar 24 07:38:37 2025 by llama3.2 3B Q4_K_M
The Next.js React framework has been hit with a critical vulnerability that can bypass authorization checks, leaving web applications exposed to malicious actors. The discovery serves as a stark reminder of the importance of staying informed and proactive in the rapidly evolving cybersecurity landscape.
Published: Mon Mar 24 07:46:46 2025 by llama3.2 3B Q4_K_M
The FBI has issued an alert warning users about malicious free online document converters spreading malware. These tools are being used by cyber criminals to steal personal data, banking details, and other sensitive information, and can lead to ransomware attacks or identity theft.
Published: Mon Mar 24 08:25:14 2025 by llama3.2 3B Q4_K_M
Microsoft has unveiled its latest innovation: AI-powered security agents designed to interact with various security software products and automate tasks such as phishing report triage and data breach response. These agents aim to improve the efficiency of security operations while reducing labor costs, but also raise concerns about hallucinations and data privacy.
Published: Mon Mar 24 11:52:30 2025 by llama3.2 3B Q4_K_M
Police arrest 300 suspects linked to African cybercrime rings; INTERPOL-led operation targets cross-border cybercriminal networks, seizes devices and assets worth millions
Published: Mon Mar 24 12:00:09 2025 by llama3.2 3B Q4_K_M
VanHelsing ransomware has emerged as a new threat, using a ransomware-as-a-service model to target multiple platforms. Its ease of use, flexibility, and ability to target various operating systems make it an attractive option for those seeking to join the ranks of the world's most feared cybercriminals. With its unique features and flexible operations, VanHelsing is set to become a major player in the ever-evolving landscape of cybercrime.
Published: Mon Mar 24 12:27:32 2025 by llama3.2 3B Q4_K_M
Medusa ransomware has been making headlines in recent times, thanks to its sophisticated tactics and ability to evade detection. But what sets this malware apart from others is its reliance on a malicious Windows driver called ABYSSWORKER.
Published: Mon Mar 24 12:46:56 2025 by llama3.2 3B Q4_K_M
New VanHelsing Ransomware Attacks Windows, ARM, ESXi Systems with Advanced Encryption Techniques
A new multi-platform ransomware-as-a-service (RaaS) operation named VanHelsing has emerged, targeting Windows, Linux, BSD, ARM, and ESXi systems. The malware uses advanced encryption techniques, including the ChaCha20 algorithm, to protect its malicious files.
Read the full article to learn more about the VanHelsing RaaS operation and how it's impacting system administrators worldwide.
Published: Mon Mar 24 15:05:18 2025 by llama3.2 3B Q4_K_M
A recent major cyberattack on Ukraine's rail network has brought daily life to a grinding halt for many commuters. Ukrzaliznytsia, the country's national railway operator, reported that their online ticket purchasing platform was compromised by a sophisticated cyber attack. To mitigate the impact of the disruption, staff have been deployed to physical ticketing points in an attempt to reduce waiting times and alleviate customer stress.
Published: Mon Mar 24 15:13:48 2025 by llama3.2 3B Q4_K_M
A Chinese-linked advanced threat group known as Weaver Ant managed to infiltrate the network of a major Asian telecommunications provider over the course of four years. The hackers leveraged an operational relay box (ORB) network made primarily of Zyxel CPE routers, used AES-encrypted variants of web shells, and employed sophisticated techniques like web shell tunneling to evade detection. This highlights the ongoing threat posed by state-sponsored actors seeking to exploit vulnerabilities in telecom infrastructure for espionage purposes.
Published: Mon Mar 24 15:22:22 2025 by llama3.2 3B Q4_K_M
The use of advanced tools by US Customs and Border Protection (CBP) agents to access digital devices belonging to travelers has raised significant concerns regarding data protection and individual privacy rights. As the technology landscape continues to evolve, it is crucial that policymakers prioritize the protection of digital privacy in our national security efforts.
Published: Mon Mar 24 15:32:10 2025 by llama3.2 3B Q4_K_M
The Trump administration's decision to use SpaceX's Starlink Wi-Fi in the White House has sparked widespread concern among cybersecurity experts, who warn of potential risks and vulnerabilities. As researchers point out, the setup is deeply inefficient and sets a problematic precedent for the US federal government.
Published: Mon Mar 24 15:41:48 2025 by llama3.2 3B Q4_K_M
Critical Ingress NGINX Controller Vulnerability Exposed: A Growing Threat to Cloud Security
A recently discovered vulnerability in the Ingress NGINX Controller for Kubernetes poses a significant threat to cloud security. Learn more about this critical vulnerability and how organizations can mitigate its impact.
Published: Mon Mar 24 15:51:25 2025 by llama3.2 3B Q4_K_M
The FCC is investigating whether Chinese manufacturers blacklisted on its Covered List are still doing business in America, either by misreading the rules or willfully ignoring them. The agency has sent formal letters of inquiry and at least one subpoena to entities on the list, including Huawei, ZTE, China Telecom, and others.
Published: Mon Mar 24 17:15:55 2025 by llama3.2 3B Q4_K_M
Nation-state hackers are increasingly targeting US critical infrastructure and supply chains, leaving experts warning of a growing threat to national security. Former US Air Force cyber officer Sarah Cleveland is sounding the alarm, urging companies to take proactive measures to secure their networks and supply chains before it's too late.
Published: Mon Mar 24 17:52:47 2025 by llama3.2 3B Q4_K_M
Genetic testing company 23andMe has filed for bankruptcy, raising concerns about the future of its vast trove of customer data. With a history of declining demand and major data breaches, customers are left wondering what will happen to their personal genetic information.
Published: Mon Mar 24 18:12:21 2025 by llama3.2 3B Q4_K_M
Chinese APT group Weaver Ant infiltrated a telco in Asia for over four years, compromising high-privilege accounts and servers. The attack was attributed to China, highlighting the growing sophistication of Chinese nation-state actors in the world of cyber espionage.
Published: Mon Mar 24 18:32:08 2025 by llama3.2 3B Q4_K_M
The Verge has uncovered a shocking revelation about high-ranking Trump officials discussing military strikes on Yemen through an unsecured messaging group chat. The incident highlights the vulnerability of sensitive information being shared on consumer-grade messaging apps, and raises questions about the security measures in place to protect classified information within the US government.
Published: Mon Mar 24 19:54:35 2025 by llama3.2 3B Q4_K_M
This week's top tech news stories include AI-powered Priority Notifications, Snowflake data breaches, and updates on popular games like Minecraft. Stay up-to-date with the latest developments in the world of technology with this article from The Verge.
Published: Mon Mar 24 20:06:46 2025 by llama3.2 3B Q4_K_M
The future of the Open Technology Fund (OTF) and other internet security projects hangs in the balance as it fights against Trump-administered funding cuts. The lawsuit argues that the OTF's funding is unconstitutional and would harm US national security if cut off, but the outcome remains uncertain.
Published: Mon Mar 24 20:19:41 2025 by llama3.2 3B Q4_K_M
The Secret Signal Chat: How Top Trump Officials Leaked Classified Yemen Airstrike Plans
A secret chat group between senior Trump administration officials has leaked classified information about planned US airstrikes on Houthi rebels in Yemen, raising serious concerns about the security of sensitive information shared by top government officials.
Published: Mon Mar 24 20:29:22 2025 by llama3.2 3B Q4_K_M
A critical vulnerability has been discovered in the Ingress-Nginx Controller component of Kubernetes, which could potentially allow hackers to gain control of public-facing clusters. Wiz estimates that more than 6,500 deployments are at risk, and fixes for five CVEs have been issued. Organizations should take immediate action to patch their systems and ensure they are not vulnerable to this exploit.
Published: Mon Mar 24 22:53:00 2025 by llama3.2 3B Q4_K_M
The DrayTek router bootloop debacle serves as a stark reminder of the importance of regular firmware updates and the potential consequences when vulnerabilities in critical infrastructure are left unaddressed. With over 700,000 devices affected, it's clear that more needs to be done to ensure their security.
Published: Tue Mar 25 02:03:48 2025 by llama3.2 3B Q4_K_M
VanHelsing ransomware has been making waves since its emergence on March 7th, with several organizations falling victim to its malware. In this article, we explore the modus operandi of VanHelsing ransomware, its implications for cybersecurity, and the changing dynamics between nation-states and cybercriminals.
Published: Tue Mar 25 03:12:16 2025 by llama3.2 3B Q4_K_M
Operation Red Card: INTERPOL Arrests 306 Suspects and Confiscates 1,842 Devices in Cross-Border Cybercrime Bust
Published: Tue Mar 25 03:25:05 2025 by llama3.2 3B Q4_K_M
Ukraine's national railway operator, Ukrzaliznytsia, has been targeted by a large-scale cyberattack that disrupted online ticket services, causing significant disruption to the country's transportation and supply chains. The attack highlights the importance of protecting critical infrastructure and investing in robust cybersecurity measures.
Published: Tue Mar 25 03:46:39 2025 by llama3.2 3B Q4_K_M
A recent study has revealed that popular generative AI browser extensions are collecting and sharing sensitive user data with minimal safeguards. These extensions, which provide personalized assistance on the web, have been found to be harvesting personal information without explicit user consent. The researchers' findings highlight the need for greater transparency, accountability, and regulation in the development of these technologies.
Published: Tue Mar 25 05:01:05 2025 by llama3.2 3B Q4_K_M
Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps
A new malware campaign has been uncovered that utilizes Microsoft's .NET Multi-platform App UI (MAUI) framework to create malicious banking and social media applications. The campaign specifically targets Indian and Chinese-speaking users, exploiting their linguistic and cultural preferences to trick them into installing the malware. Learn more about this sophisticated threat in our latest article.
Published: Tue Mar 25 05:08:49 2025 by llama3.2 3B Q4_K_M
Astral Foods, South Africa's largest poultry producer, has suffered a significant financial blow due to a cyberattack that disrupted its operations and resulted in losses exceeding $1 million. The incident highlights the growing threat of cybersecurity breaches in various industries.
Published: Tue Mar 25 06:30:21 2025 by llama3.2 3B Q4_K_M
Troy Hunt, a renowned information security expert, fell victim to a sophisticated phishing attack on his Mailchimp mailing list, highlighting the importance of robust security measures in today's digital age.
Published: Tue Mar 25 07:38:30 2025 by llama3.2 3B Q4_K_M
The cybersecurity landscape is evolving rapidly, driven by the growing adoption of Software as a Service (SaaS) applications. With 112+ average SaaS applications per organization, the attack surface is expanding exponentially. AI-powered security solutions are being developed to provide instant insights and recommendations, enabling organizations to stay ahead of cyber threats.
Published: Tue Mar 25 07:54:59 2025 by llama3.2 3B Q4_K_M
A new wave of Android malware has emerged, utilizing Microsoft's .NET MAUI framework to evade detection by traditional security tools. The malicious apps discovered by McAfee target users in China and India and employ sophisticated tactics to bypass detection, including multi-layered encryption, staged execution, and the use of binary blob files. To stay safe, users are advised to avoid downloading APKs from third-party stores and only install them from trusted sites.
Published: Tue Mar 25 09:05:23 2025 by llama3.2 3B Q4_K_M
Researchers have uncovered nearly 200 unique command-and-control (C2) domains associated with the Raspberry Robin threat actor, a sophisticated malware linked to various malicious strains and Russian criminal groups. To stay ahead of this evolving threat, organizations must take proactive steps to protect themselves.
Published: Tue Mar 25 09:16:57 2025 by llama3.2 3B Q4_K_M
A major Asian telecom company has been breached by Chinese hackers for over four years, leaving a trail of digital deceit and espionage in its wake. The attack, dubbed "Weaver Ant," showcases the cunning and stealthy tactics employed by state-sponsored hackers, highlighting the need for increased cooperation and awareness among nations to combat this growing threat.
Published: Tue Mar 25 09:28:39 2025 by llama3.2 3B Q4_K_M
EncryptHub linked to zero-day attacks targeting Windows systems; a malicious actor exploiting vulnerabilities in Microsoft Management Console files to execute malicious code and steal sensitive data from compromised systems.
Published: Tue Mar 25 12:11:48 2025 by llama3.2 3B Q4_K_M
A new zero-day vulnerability in Windows has been disclosed, allowing remote attackers to steal sensitive NTLM hashes by tricking targets into viewing malicious files in Windows Explorer. ACROS Security is offering free and unofficial security patches through its 0patch micropatching service until Microsoft releases official fixes.
Published: Tue Mar 25 14:22:10 2025 by llama3.2 3B Q4_K_M
A Windows zero-day vulnerability, dubbed "MSC EvilTwin," has been exploited by a threat actor known as EncryptHub, leaving millions of Windows systems vulnerable to attack. To protect against these attacks, it's essential to keep your system updated with the latest security patches.
Published: Tue Mar 25 15:01:11 2025 by llama3.2 3B Q4_K_M
Oracle Cloud's recent breach denial has been called into question after inside data emerged, raising concerns about the security of the company's services and the potential consequences for its customers.
Published: Tue Mar 25 15:09:24 2025 by llama3.2 3B Q4_K_M
Android malware campaigns are using the .NET MAUI framework to evade detection, with malicious apps masquerading as legitimate services to steal sensitive information from users. Experts warn of the growing threat and advise users to be cautious when using unofficial app sources and to use security software to protect against evolving cyber threats.
Published: Tue Mar 25 15:42:16 2025 by llama3.2 3B Q4_K_M
CrushFTP has issued a critical security warning to its customers due to an unauthenticated HTTP(S) port access vulnerability that can be exploited by attackers. The company urges users to patch their servers immediately to prevent unauthorized access and data breaches.
Published: Tue Mar 25 16:54:26 2025 by llama3.2 3B Q4_K_M
The Trump administration's secret Signal chat has exposed a catastrophic lapse in operational security, leading to calls for greater transparency and accountability in government communication channels. The incident highlights the need for vigilance and awareness among officials about the risks associated with sharing sensitive information on unsecured platforms.
Published: Tue Mar 25 18:38:30 2025 by llama3.2 3B Q4_K_M
A new era of exploitation has begun, with Google's Chrome browser being targeted by a high-severity zero-day vulnerability that was used in Russian espionage attacks. The attackers were able to bypass the browser's sandbox protection, allowing them to launch sophisticated targeted attacks on organizations in Russia. To prevent potential exploitation, users are advised to apply out-of-band fixes released by Google for Chrome version 134.0.6998.177/.178.
Published: Wed Mar 26 00:21:39 2025 by llama3.2 3B Q4_K_M
New Security Flaws Exposed: VMware Tools and CrushFTP Vulnerabilities Pose High-Risk Threat to Enterprises
A recent discovery of vulnerabilities in two popular tools has raised concerns among cybersecurity experts. The CVE-2025-22230 vulnerability in VMware Tools for Windows and the "unauthenticated HTTP(S) port access" vulnerability in CrushFTP pose a significant risk to enterprise networks. With no workarounds available, organizations must act swiftly to apply patches and maintain their data integrity.
Published: Wed Mar 26 00:32:18 2025 by llama3.2 3B Q4_K_M
Google has patched a critical Chrome zero-day exploit used in espionage campaigns targeting Russian organizations, bringing some relief to users. The vulnerability, identified as CVE-2025-2783, allowed attackers to bypass sandbox protections and deploy malware, raising concerns about the potential for widespread cyber-attacks.
Published: Wed Mar 26 02:46:11 2025 by llama3.2 3B Q4_K_M
Cybersecurity threats are on the rise, with high-profile vulnerabilities and attacks reported across the globe. The recent discovery of an authentication bypass CVE-2025-22230 impacting VMware Windows Tools serves as a poignant reminder of the impermanence of security measures. Staying informed about emerging vulnerabilities and taking proactive measures is essential to preventing exploitation and mitigating the impact of security breaches.
Published: Wed Mar 26 03:08:28 2025 by llama3.2 3B Q4_K_M
Google has patched the first actively exploited Chrome zero-day since 2024, underscoring the ongoing threat landscape and emphasizing the need for continued vigilance and cooperation in the face of emerging threats. As cybersecurity continues to evolve, it is essential that individuals and organizations prioritize their security posture through proactive measures such as patching vulnerabilities, implementing robust security protocols, and staying informed about emerging threats.
Published: Wed Mar 26 04:36:29 2025 by llama3.2 3B Q4_K_M
A new threat has emerged in the world of cybersecurity, one that is leveraging an e-crime tool called Atlantis AIO Multi-Checker to automate credential stuffing attacks. According to findings from Abnormal Security, this tool has become a powerful weapon in the cybercriminal arsenal, enabling attackers to test millions of stolen credentials in rapid succession. Learn more about this emerging threat and how to protect yourself and your organization.
Published: Wed Mar 26 05:44:40 2025 by llama3.2 3B Q4_K_M
The UK's National Cyber Security Centre (NCSC) has launched an innovative campaign utilizing popular social media influencers to promote two-factor authentication (2FA), aiming to increase public awareness and adoption of this critical security measure. By employing comedic sketches and satirical content, the NCSC is working to educate a wider audience about the importance of enabling 2FA on critical accounts.
Published: Wed Mar 26 06:53:17 2025 by llama3.2 3B Q4_K_M
The Insider Threat: A Growing Concern for Organizations Worldwide
As cybersecurity threats continue to evolve, a new and insidious threat has emerged that poses significant risks to organizations worldwide. The insider threat, which refers to the potential for authorized individuals within an organization to misuse their access and compromise sensitive information, is a growing concern that demands attention from businesses of all sizes. In this article, we will delve into the world of insider threats, exploring the causes, consequences, and solutions to mitigate this menace.
Published: Wed Mar 26 07:11:13 2025 by llama3.2 3B Q4_K_M
A new security threat has emerged in the form of two malicious packages on npm, which can inject a persistent reverse shell backdoor into legitimate local packages. Despite the limited impact of this attack, it highlights the importance of ongoing security monitoring and vigilance when using open-source software.
Published: Wed Mar 26 08:20:41 2025 by llama3.2 3B Q4_K_M
Threat actors have discovered a way to modify locally installed libraries through malicious npm packages, compromising users' systems and enabling attackers to launch reverse shell attacks. This development highlights the ongoing evolution of software supply chain attacks and underscores the need for vigilant security practices and adherence to established best practices.
Published: Wed Mar 26 08:35:15 2025 by llama3.2 3B Q4_K_M
Sparring Against Cybersecurity Threats: The Importance of Continuous Testing
As cyber attacks continue to evolve at an alarming rate, organizations must adopt a proactive approach to cybersecurity. Automated pentesting is key to building resilience against emerging threats, but what does this mean in practice? In this article, we explore the importance of continuous testing and its role in bolstering organizational defenses.
Published: Wed Mar 26 08:50:02 2025 by llama3.2 3B Q4_K_M
Microsoft's PrintNightmare issue highlights the complexities and pitfalls of software development, emphasizing the need for transparency, accountability, and user-centric design in the creation of technology products. As the tech giant continues to navigate the challenges of its own systems and processes, one thing is clear: complexity can be a powerful ally or a formidable foe, depending on how it is managed.
Published: Wed Mar 26 10:07:18 2025 by llama3.2 3B Q4_K_M
The Houthi missile strike group chat scandal reveals a shocking breach of operational security in the Trump administration. A leaked Signal group chat, which was meant to discuss "non-classified" topics with top officials, revealed sensitive information about military operations in Yemen. The controversy raises important questions about the handling of classified information and the role of messaging apps in facilitating high-level discussions.
Published: Wed Mar 26 10:17:00 2025 by llama3.2 3B Q4_K_M
RedCurl, a stealthy corporate espionage actor, has recently deployed ransomware targeting Hyper-V servers, marking a significant departure from its usual modus operandi.
Published: Wed Mar 26 10:27:20 2025 by llama3.2 3B Q4_K_M
A team of archaeologists has made a groundbreaking discovery at an ancient Egyptian gold mine, revealing the harsh realities faced by workers during the Ptolemaic dynasty. The discovery of iron shackles provides new evidence for forced labor in ancient Egypt, challenging previous notions about the site's conditions. With further excavations and studies underway, researchers hope to uncover more insights into the lives and experiences of these workers.
Published: Wed Mar 26 10:34:49 2025 by llama3.2 3B Q4_K_M
Rapid Uninstallation Alert: A mysterious warning from renowned tech blogger Rachel Kroll has sent shockwaves through the Linux community, prompting widespread concern about atop's safety and potential vulnerability. While details are scarce, experts advise users to consider uninstalling atop until further notice is given by its author or developer.
Published: Wed Mar 26 10:44:31 2025 by llama3.2 3B Q4_K_M
A recent zero-day exploit by EncryptHub has left many vulnerable systems open to attack, with malware families such as Rhadamanthys and StealC causing significant damage. This article provides a detailed breakdown of the threat actor's tactics and offers insights into how organizations can protect themselves against similar attacks.
Published: Wed Mar 26 11:15:11 2025 by llama3.2 3B Q4_K_M
The Russian-speaking hacking group RedCurl has taken a significant turn in its tradecraft by employing ransomware for the first time, marking a departure from its established focus on corporate espionage. As researchers study this new development, they may uncover additional details about the group's motivations and origins, highlighting the evolving nature of cyber threats and the importance of ongoing research into emerging threat actors.
Published: Wed Mar 26 11:24:09 2025 by llama3.2 3B Q4_K_M
BlackLock ransomware has emerged as a significant threat in recent months, with Resecurity identifying an LFI flaw that exposed clearnet IPs and server details. This rise to prominence is largely attributed to the group's ability to adapt and evolve, leveraging various tools and techniques to evade detection.
Published: Wed Mar 26 11:45:29 2025 by llama3.2 3B Q4_K_M
Elon Musk's associate, a 19-year-old DOGE staffer known as "Big Balls," has been linked to running tech support for a cybercrime ring before taking his job in Washington. The revelation raises questions about the vetting process of individuals working with high-profile companies and the blurred lines between legitimate tech support services and illicit activities.
Published: Wed Mar 26 12:56:56 2025 by llama3.2 3B Q4_K_M
A devastating cyberattack on the New South Wales (NSW) court system has resulted in the theft of 9,000 sensitive files, including affidavits and apprehended violence orders (AVOs). The breach raises concerns about the security of vulnerable individuals who may have been affected by the stolen data. Law enforcement officials are working to identify those at risk and provide support to those who may have been impacted by the attack.
Published: Wed Mar 26 13:03:58 2025 by llama3.2 3B Q4_K_M
Researchers at ESET have discovered two new variants of the SparrowDoor backdoor malware, which were linked to cyber attacks targeting organizations in the United States and Mexico. The discovery highlights the ongoing evolution of the hacking tactics employed by FamousSparrow and serves as a stark reminder of the ever-present threat landscape in the world of cybersecurity.
Published: Wed Mar 26 13:23:07 2025 by llama3.2 3B Q4_K_M
StreamElements, a popular cloud-based streaming tools platform used by millions of content creators on Twitch and YouTube, has recently disclosed a third-party data breach after a hacker leaked samples of stolen customer information. The breach occurred at a third-party service provider that StreamElements stopped working with last year, but the company claims no servers were breached. Users are advised to be vigilant for potential phishing and scamming attempts.
Published: Wed Mar 26 14:49:03 2025 by llama3.2 3B Q4_K_M
The SignalGate scandal highlights the need for greater awareness and education among government officials about cybersecurity best practices. While Signal may have played a role in the recent security breach, the true cause lies in a fundamental failure of common sense and proper protocol among high-ranking Trump administration officials.
Published: Wed Mar 26 15:18:33 2025 by llama3.2 3B Q4_K_M