The Hacker News
Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals.
- New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin Americaby info@thehackernews.com (The Hacker News) on June 2, 2023 at 12:03 pm
Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020. “Horabot enables the threat actor to control the victim’s Outlook mailbox, exfiltrate contacts’ email addresses, and send phishing emails with malicious HTML attachments to all addresses in the victim’s mailbox,” Cisco Talos researcher Chetan Raghuprasad
- The Importance of Managing Your Data Security Postureby info@thehackernews.com (The Hacker News) on June 2, 2023 at 10:16 am
Data security is reinventing itself. As new data security posture management solutions come to market, organizations are increasingly recognizing the opportunity to provide evidence-based security that proves how their data is being protected. But what exactly is data security posture, and how do you manage it? Data security posture management (DSPM) became mainstream following the publication
- Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gatheringby info@thehackernews.com (The Hacker News) on June 2, 2023 at 10:08 am
The Chinese nation-stage group known as Camaro Dragon has been linked to yet another backdoor that’s designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of “basic machine enumeration and command execution via PowerShell or Goroutines.” What the malware lacks in
- North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacksby info@thehackernews.com (The Hacker News) on June 2, 2023 at 5:45 am
U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors’ use of social engineering tactics to strike think tanks, academia, and news media sectors. The “sustained information gathering efforts” have been attributed to a state-sponsored cluster dubbed Kimsuky, which is also known by the names APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (
- MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploitedby info@thehackernews.com (The Hacker News) on June 2, 2023 at 3:25 am
A critical flaw in Progress Software’s in MOVEit Transfer managed file transfer application has come under widespread exploitation in the wild to take over vulnerable systems. The shortcoming, which is yet to be assigned a CVE identifier, relates to a severe SQL injection vulnerability that could lead to escalated privileges and potential unauthorized access to the environment. “An SQL injection
Security Magazine
Security magazine provides security industry news and trends on video surveillance, cyber security, physical security, security guards, access management and more for security executives and the security industry.
- OSHA cites retail chain for exposing employees to electrical hazardson June 2, 2023 at 7:49 pm
Following several investigations, the Occupational Health and Safety Administration (OSHA) has cited Dollar General for workplace safety violations.
- Health tracking app charged by FTC for sharing sensitive informationon June 2, 2023 at 6:57 pm
Fertility app Premom was charged by the FTC for sharing users’ sensitive information with third parties, and sharing sensitive health data to Google.
- 90% of CISOs say certifications improved security confidenceon June 2, 2023 at 6:27 pm
According to a report focusing on Chief Information Security Officer (CISO) perspectives, 50% identified cloud security as their top concern.
- CISA seeks input from public safety agencies, organizationson June 2, 2023 at 4:56 pm
Public safety organizations are asked to complete the SAFECOM Nationwide Survey to help assess emergency communications capabilities and needs.
- Report: Advanced phishing attacks grew 356% in 2022on June 2, 2023 at 2:48 pm
A new report analyzed the most prevalent cyberattack trends and identified an 87% increase in the total number of attacks over the course of last year.
Threatpost
The first stop for security news.
- Student Loan Breach Exposes 2.5M Recordsby Nate Nelson on August 31, 2022 at 12:57 pm
2.5 million people were affected, in a breach that could spell more trouble down the line.
- Watering Hole Attacks Push ScanBox Keyloggerby Nate Nelson on August 30, 2022 at 4:00 pm
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
- Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firmsby Nate Nelson on August 29, 2022 at 2:56 pm
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
- Ransomware Attacks are on the Riseby Nate Nelson on August 26, 2022 at 4:44 pm
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
- Cybercriminals Are Selling Access to Chinese Surveillance Camerasby Nate Nelson on August 25, 2022 at 6:47 pm
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
Security Weekly
Connecting the Security Industry with the Security Community