VMWare, a leader in cloud computing and virtualization, rolled out an update on Thursday that addresses a critical security hole in its Cloud Director product that could be weaponized to launch remote code execution attacks. A CVSS score of 9.1 ou ...
Zingostealer Malware given to other cybercriminals for free by Haskers Gang
The Haskers Gang which is a crimeware-related threat actor has released ZingoStealer for free on the Web. Other criminal groups can use the malware for nefarious purposes. In a report shared with The Hacker News, Cisco Talos researchers Edmund Bru ...
Industroyer2 malware breached Ukraine’s power grid by Russian hackers
The Computer Emergency Response Team of Ukraine (CERT-UA) announced on Tuesday that it halted a cyberattack on an unnamed Ukrainian energy company by Sandworm, a hacking group affiliated with Russia's military intelligence. SSSCIP said that the at ...
The FBI and Europol seize the RaidForums Hacker Forum and arrest the administrators
The investigation led to the taking down of RaidForums, one of the largest hacking forums known for selling hacked personal information belonging to users. Last month, the administrator of the cybercrime forum, dubbed Tourniquet, was arrested at h ...
The NGINX team shares mitigations for the zero-day bug that affects LDAP implementation
A number of mitigations have been issued to address security flaws in NGINX's Lightweight Directory Access Protocol (LDAP) Reference Implementation. According to an advisory published Monday, "both NGINX Open Source and NGINX Plus are not affected ...
A report warns that FFDroider and Lightning steal data from users online
Researchers warn about two types of data-stealing malware, dubbed FFDroider and Lightning Stealer, that are capable of siphoning data and launching further attacks. Avinash Kumar and Niraj Shivtarkar of Zscaler ThreatLabz wrote in their report pub ...
The new Microsoft autopatch feature will help businesses keep their systems updated
Last week, Microsoft announced that it intends to make general availability a feature called Autopatch as part of Windows Enterprise E3 in July 2022. "With this service, Office and Windows will always be up-to-date on enrolled endpoints, automatic ...
The Mirai botnet is deployed by hackers exploiting the Spring4Shell vulnerability
Recently disclosed critical Spring4Shell vulnerabilities are being actively exploited by threat actors to spread the Mirai botnet malware throughout Singapore, specifically since April 2022. Using this exploit, threat actors can download the Mirai ...
Indian power grid assets continue to be targeted by Chinese hackers
One year after being made aware of a concerted attack on India's critical infrastructure by Chinese-linked adversaries, Indian power grid entities are reportedly being targeted. ShadowPad, a sophisticated remote access trojan deemed to b ...
Hackers are distributing fake shopping apps to steal bank data from Malaysian citizens
The threat actors distributed malicious applications designed to look like harmless shopping applications to target eight banks in Malaysia since November 2021. In a report shared with The Hacker News, Slovakian cybersecurity firm ESET described t ...