Ever wondered what it’s like to hack for a living – legally? Learn about the art and thrill of ethical hacking and how white-hat hackers help organizations tighten up their security. | 12 Feb 2025 | What if breaking into computer systems, tricking people into handing over passwords, and even sneaking into buildings was part of your
Feb 18, 2025 | Ravie Lakshmanan | Cyber Espionage / Malware: The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject.exe) to inject the threat actor’s malicious payload
A pro-Russia hacker group, NoName057(16), has launched a wave of DDoS (distributed denial-of-service) attacks targeting key Italian organizations. Early on Monday, the group disrupted the websites of major airports in Milan, including Linate and Malpensa, as well as the Transport Authority, the Intesa San Paolo bank and the ports of Taranto and Trieste. The attacks were
Kids Online | The virtual treasure chests and other casino-like rewards inside your children’s games may pose risks you shouldn’t play down | 13 Feb 2025 • 5 min. read | Historically, many video games followed a straightforward economic model: pay once, play forever. These days, however, purchasing a game is often just the beginning. At the
Feb 17, 2025 | Ravie Lakshmanan | Artificial Intelligence / Data Protection: South Korea has formally suspended new downloads of Chinese artificial intelligence (AI) chatbot DeepSeek in the country until the service makes changes to its mobile apps to comply with data protection regulations. Downloads have been paused as of February 15, 2025, 6:00 p.m. local time, the Personal
Chinese-linked espionage tools have been deployed in a ransomware attack, highlighting possible new links between China nation-state activity and cybercrime. Symantec researchers observed the connection while analyzing a ransomware attack against an Asian software and services company in November 2024. This attack resulted in the network’s machines being encrypted with the RA World ransomware, with
Feb 14, 2025 | Ravie Lakshmanan | Vulnerability / DevOps: Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account. “If executed at scale, this attack could be used to gain
The UK’s AI Safety Institute has rebranded to the AI Security Institute as the government shifts its AI strategy to focus on serious AI risks with security implications, including malicious cyber-attacks, cyber fraud and other cybercrimes. The UK Technology Secretary Peter Kyle announced the pivot at the Munich Security Conference, three days after the AI Action Summit
Feb 15, 2025 | Ravie Lakshmanan | Mobile Security / Technology: Google is working on a new security feature for Android that blocks device owners from changing sensitive settings when a phone call is in progress. Specifically, the in-call anti-scammer protections include preventing users from turning on settings to install apps from unknown sources and granting accessibility access. The
Multiple Russian nation-state actors are targeting sensitive Microsoft 365 accounts via device code authentication phishing, a new analysis by Volexity has revealed. The firm first observed this activity towards the end of January 2025, when the M365 account of one of its customers was successfully compromised in a highly targeted attack. The technique is more
Social engineering is advancing fast, at the speed of generative AI. This is offering bad actors multiple new tools and techniques for researching, scoping, and exploiting organizations. In a recent communication, the FBI pointed out: ‘As technology continues to evolve, so do cybercriminals’ tactics.’ This article explores some of the impacts of this GenAI-fueled acceleration.
A new alert from the US Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) has outlined strategies to eliminate buffer overflow vulnerabilities in software. Part of the Secure by Design Alert series, the report published on Wednesday emphasizes using memory-safe programming languages and other secure development practices to prevent these defects, which are
Feb 13, 2025 | Ravie Lakshmanan | United States: A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors. The attack campaign, dubbed DEEP#DRIVE by Securonix, has been attributed to a hacking group known as Kimsuky, which is also tracked under the names APT43, Black
The UK government-backed Digital Security by Design (DSbD) initiative must succeed to systematically address rising cyber risks to the nation, according to the National Cyber Security Centre’s (NCSC) CTO, Ollie Whitehouse. Whitehouse made the remarks during an event showcasing the technological advances from the ambitious program, which aims to secure the underlying computer hardware used
Feb 12, 2025 | Ravie Lakshmanan | Container Security / Vulnerability: Cybersecurity researchers have discovered a bypass for a now-patched security vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a container’s isolation protections and gain complete access to the underlying host. The new vulnerability is being tracked as CVE-2025-23359 (CVSS score: 8.3). It
A 25-year-old Alabama man has pleaded guilty to charges related to the January 2024 hacking of the US Securities and Exchange Commission’s (SEC) X (formerly Twitter) account. This incident briefly caused a spike in the value of Bitcoin. Eric Council Jr., of Athens, Alabama, admitted in court to conspiring with others to gain unauthorized access
Feb 11, 2025 | The Hacker News | IT Security / Threat Protection: Multi-factor authentication (MFA) has quickly become the standard for securing business accounts. Once a niche security measure, adoption is on the rise across industries. But while it’s undeniably effective at keeping bad actors out, the implementation of MFA solutions can be a tangled mess of competing
A newly uncovered cyber campaign has been observed exploiting Internet Information Services (IIS) vulnerabilities to distribute malware known as BadIIS. The attack, affecting several Asian countries, manipulates search engine optimization (SEO) results to redirect users to illegal gambling sites or malicious servers. Widespread Impact and Financial Motivation: According to Trend Micro’s findings, the attack is financially
Feb 10, 2025 | Ravie Lakshmanan | Cybersecurity / Weekly Recap: In cybersecurity, the smallest crack can lead to the biggest breaches. A leaked encryption key, an unpatched software bug, or an abandoned cloud storage bucket—each one seems minor until it becomes the entry point for an attack. This week, we’ve seen cybercriminals turn overlooked weaknesses into major security
Over half (58%) of large UK financial services firms suffered at least one third-party supply chain attack in 2024, according to a study by Orange Cyberdefense. Nearly a quarter (23%) of these companies were hit three or more times by third-party attacks. The research identified significant gaps in financial services third-party risk management strategies. Close
Feb 07, 2025 | Ravie Lakshmanan | Mobile Security / Artificial Intelligence: A new audit of DeepSeek’s mobile app for the Apple iOS operating system has found glaring security issues, the foremost being that it sends sensitive data over the internet sans any encryption, exposing it to interception and manipulation attacks. The assessment comes from NowSecure, which also found
Researchers at Reversing Labs have discovered two malicious machine learning (ML) models available on Hugging Face, the leading hub for sharing AI models and applications. While these models contain malicious code, they were not flagged as “unsafe” by Hugging Face’s security scanning mechanisms. The Reversing Labs researchers saw that these malicious models exploit a novel
Feb 08, 2025 | Ravie Lakshmanan | Artificial Intelligence / Supply Chain Security: Cybersecurity researchers have uncovered two malicious machine learning (ML) models on Hugging Face that leveraged an unusual technique of “broken” pickle files to evade detection. “The pickle files extracted from the mentioned PyTorch archives revealed the malicious Python content at the beginning of the file,” ReversingLabs
Most GDPR enforcement actions by the UK’s Information Commissioner’s Office (ICO) were against public sector organizations in 2024, an analysis by URM Consulting has revealed. A total of 27 UK public sector entities faced actions under the GDPR, compared to just four private companies. The actions took a range of forms, including fines, reprimands and
Feb 07, 2025 | The Hacker News | Vulnerability / Malware: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0994 (CVSS v4 score: 8.6), a deserialization of untrusted data bug that could permit
A global law enforcement effort has led to the arrest of two suspected leaders of an extremist online group accused of grooming and coercing minors into acts of violence and sexual exploitation. Authorities in the US arrested the individuals on January 30 as part of a broader Europol-coordinated crackdown on “The Com” organization, an international
A new malware campaign dubbed SparkCat has leveraged a suite of bogus apps on both Apple’s and Google’s respective app stores to steal victims’ mnemonic phrases associated with cryptocurrency wallets. The attacks leverage an optical character recognition (OCR) model to exfiltrate select images containing wallet recovery phrases from photo libraries to a command-and-control (C2) server,
A new phishing campaign orchestrated by the financially motivated threat group UAC-0006 has been discovered targeting customers of PrivatBank, Ukraine’s largest state-owned financial institution. Cybersecurity analysts from CloudSEK identified an ongoing attack that employs password-protected archives containing malicious JavaScript, VBScript or LNK files to evade detection. Attack Methods and Payloads: UAC-0006 has been observed deploying
Feb 05, 2025 | Ravie Lakshmanan | Cybersecurity / Cloud Security: Cybercriminals are increasingly leveraging legitimate HTTP client tools to facilitate account takeover (ATO) attacks on Microsoft 365 environments. Enterprise security company Proofpoint said it observed campaigns using HTTP clients Axios and Node Fetch to send HTTP requests and receive HTTP responses from web servers with the goal of
A new malware strain, ELF/Sshdinjector.A!tr, has been linked to the DaggerFly espionage group and used in the Lunar Peek campaign to target Linux-based network appliances. Its primary function is data exfiltration. How the Malware Works: Uncovered by cybersecurity researchers at FortiGuard Labs, the malware operates using multiple binaries that work together to infect a system: Dropper: Checks if