New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances

A new cryptojacking campaign has been uncovered targeting vulnerable Docker and Kubernetes infrastructures as part...

So long and thanks for all the bits

Ian Levy, the NCSC’s departing Technical Director, discusses life, the universe, and everything....

U.S. Charges Ukrainian Hacker Over Role in Raccoon Stealer Malware Service

A 26-year-old Ukrainian national has been charged in the U.S. for his alleged role in...

This 9-Course Bundle Can Take Your Cybersecurity Skills to the Next Level

If you regularly read The Hacker News, there’s a fair chance that you know something...

Kimsuky Hackers Spotted Using 3 New Android Malware to Target South Koreans

The North Korean espionage-focused actor known as Kimsuky has been observed using three different Android...

Unknown Actors are Deploying RomCom RAT to Target Ukrainian Military

The threat actor behind a remote access trojan called RomCom RAT has been observed targeting...

Vice Society Hackers Are Behind Several Ransomware Attacks Against Education Sector

A cybercrime group known as Vice Society has been linked to multiple ransomware strains in its malicious...

Hackers Actively Exploiting Cisco AnyConnect and GIGABYTE Drivers Vulnerabilities

Cisco has warned of active exploitation attempts targeting a pair of two-year-old security flaws in...

VMware Releases Patch for Critical RCE Flaw in Cloud Foundation Platform

VMware on Tuesday shipped security updates to address a critical security flaw in its VMware...

1 Comment

22-Year-Old Vulnerability Reported in Widely Used SQLite Database Library

A high-severity vulnerability has been disclosed in the SQLite database library, which was introduced as...

Hive Ransomware Hackers Begin Leaking Data Stolen from Tata Power Energy Company

The Hive ransomware-as-a-service (RaaS) group has claimed responsibility for a cyber attack against Tata Power that was...

Researchers Detail Windows Event Log Vulnerabilities: LogCrusher and OverLog

Cybersecurity researchers have disclosed details about a pair of vulnerabilities in Microsoft Windows, one of...

How the Software Supply Chain Security is Threatened by Hackers

Introduction In many ways, the software supply chain is similar to that of manufactured goods,...

Cybercriminals Used Two PoS Malware to Steal Details of Over 167,000 Credit Cards

Two point-of-sale (PoS) malware variants have been put to use by a threat actor to...

Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability

Tech giant Apple on Monday rolled out updates to remediate a zero-day flaw in iOS...

Download eBook: Top virtual CISOs share 7 tips for vCISO service providers

Virtual Chief Information Security Officer (vCISO) services (also known as ‘Fractional CISO’ or ‘CISO-as-a-Service’) are...

SideWinder APT Using New WarHawk Backdoor to Target Entities in Pakistan

SideWinder, a prolific nation-state actor mainly known for targeting Pakistan military entities, compromised the official...

CISA Warns of Daixin Team Hackers Targeting Health Organizations With Ransomware

U.S. cybersecurity and intelligence agencies have published a joint advisory warning of attacks perpetrated by...

Why Ransomware in Education on the Rise and What That Means for 2023

The breach of LA Unified School District (LAUSD) highlights the prevalence of password vulnerabilities, as...

Critical Flaw Reported in Move Virtual Machine Powering the Aptos Blockchain Network

Researchers have disclosed details about a now-patched critical flaw in the Move virtual machine that...

Emotet Botnet Distributing Self-Unlocking Password-Protected RAR Files to Drop Malware

The notorious Emotet botnet has been linked to a new wave of malspam campaigns that take advantage...

Multiple Campaigns Exploit VMware Vulnerability to Deploy Crypto Miners and Ransomware

A now-patched vulnerability in VMware Workspace ONE Access has been observed being exploited to deliver...

Hackers Started Exploiting Critical “Text4Shell” Apache Commons Text Vulnerability

WordPress security company Wordfence on Thursday said it started detecting exploitation attempts targeting the newly...

A Quick Look at the “Strengthening America’s Cybersecurity” Initiative

Acknowledging that you have a problem is the first step to addressing the problem in...

Microsoft Confirms Server Misconfiguration Led to 65,000+ Companies’ Data Leak

Microsoft this week confirmed that it inadvertently exposed information related to thousands of customers following...

Google Launches GUAC Open Source Project to Secure Software Supply Chain

Google on Thursday announced that it’s seeking contributors to a new open source initiative called...

OldGremlin Ransomware Targeted Over a Dozen Russian Entities in Multi-Million Scheme

A Russian-speaking ransomware group dubbed OldGremlin has been attributed to 16 malicious campaigns aimed at...

IOTW: Medibank confirms 200GB of customer data stolen

Medibank is working with the Australian Federal Police to assess how customers have been affected...

Hackers Using New Version of FurBall Android Malware to Spy on Iranian Citizens

The Iranian threat actor known as Domestic Kitten has been attributed to a new mobile...

1 Comment

Not All Sandboxes Are for Children: How to Secure Your SaaS Sandbox

When creating a Sandbox, the mindset tends to be that the Sandbox is considered a...