FreshRSS

🔒
☐ ☆ ✇ The Hacker News

Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication

By Newsroom — October 14th 2023 at 06:29
Microsoft has announced that it plans to eliminate NT LAN Manager (NTLM) in Windows 11 in the future, as it pivots to alternative methods for authentication and bolster security. "The focus is on strengthening the Kerberos authentication protocol, which has been the default since 2000, and reducing reliance on NT LAN Manager (NTLM)," the tech giant said. "New features for Windows 11 include
☐ ☆ ✇ The Hacker News

HTTP/2 Rapid Reset Zero-Day Vulnerability Exploited to Launch Record DDoS Attacks

By Newsroom — October 10th 2023 at 15:24
Amazon Web Services (AWS), Cloudflare, and Google on Tuesday said they took steps to mitigate record-breaking distributed denial-of-service (DDoS) attacks that relied on a novel technique called HTTP/2 Rapid Reset. The layer 7 attacks were detected in late August 2023, the companies said in a coordinated disclosure. The cumulative susceptibility to this attack is being tracked as CVE-2023-44487,
☐ ☆ ✇ The Hacker News

Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge

By THN — September 21st 2023 at 12:51
The peer-to-peer (P2) worm known as P2PInfect has witnessed a surge in activity since late August 2023, witnessing a 600x jump between September 12 and 19, 2023. "This increase in P2PInfect traffic has coincided with a growing number of variants seen in the wild, suggesting that the malware's developers are operating at an extremely high development cadence," Cado Security researcher Matt Muir
☐ ☆ ✇ The Hacker News

Protecting Your Microsoft IIS Servers Against Malware Attacks

By The Hacker News — September 8th 2023 at 11:27
Microsoft Internet Information Services (IIS) is a web server software package designed for Windows Server. Organizations commonly use Microsoft IIS servers to host websites, files, and other content on the web. Threat actors increasingly target these Internet-facing resources as low-hanging fruit for finding and exploiting vulnerabilities that facilitate access to IT environments.  Recently, a
☐ ☆ ✇ The Hacker News

New Android 14 Security Feature: IT Admins Can Now Disable 2G Networks

By THN — August 9th 2023 at 06:49
Google has introduced a new security feature in Android 14 that allows IT administrators to disable support for 2G cellular networks in their managed device fleet. The search giant said it's introducing a second user setting to turn off support, at the model level, for null-ciphered cellular connections. "The Android Security Model assumes that all networks are hostile to keep users safe from
☐ ☆ ✇ The Hacker News

A Penetration Testing Buyer's Guide for IT Security Teams

By The Hacker News — August 3rd 2023 at 12:47
The frequency and complexity of cyber threats are constantly evolving. At the same time, organizations are now collecting sensitive data that, if compromised, could result in severe financial and reputational damage. According to Cybersecurity Ventures, the cost of cybercrime is predicted to hit $8 trillion in 2023 and will grow to $10.5 trillion by 2025. There is also increasing public and
☐ ☆ ✇ The Hacker News

How Pen Testing can Soften the Blow on Rising Costs of Cyber Insurance

By The Hacker News — July 6th 2023 at 10:47
As technology advances and organizations become more reliant on data, the risks associated with data breaches and cyber-attacks also increase. The introduction of data privacy laws, such as the GDPR, has made it mandatory for organizations to disclose breaches of personal data to those affected. As such, it has become essential for businesses to protect themselves from the financial and
☐ ☆ ✇ The Hacker News

The Importance of Managing Your Data Security Posture

By The Hacker News — June 2nd 2023 at 10:16
Data security is reinventing itself. As new data security posture management solutions come to market, organizations are increasingly recognizing the opportunity to provide evidence-based security that proves how their data is being protected. But what exactly is data security posture, and how do you manage it?  Data security posture management (DSPM) became mainstream following the publication
☐ ☆ ✇ The Hacker News

Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers

By Ravie Lakshmanan — May 30th 2023 at 12:29
Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and remote code execution, the Zero Day Initiative (ZDI) said in a report published last week. The vulnerabilities were demonstrated by three different teams from Qrious Secure, STAR Labs, and DEVCORE at the Pwn2Own hacking contest held in Toronto late last year,
☐ ☆ ✇ The Hacker News

The Different Methods and Stages of Penetration Testing

By The Hacker News — March 15th 2023 at 09:43
The stakes could not be higher for cyber defenders. With the vast amounts of sensitive information, intellectual property, and financial data at risk, the consequences of a data breach can be devastating. According to a report released by Ponemon institute, the cost of data breaches has reached an all-time high, averaging $4.35 million in 2022. Vulnerabilities in web applications are often the
☐ ☆ ✇ The Hacker News

Does Your Help Desk Know Who's Calling?

By The Hacker News — March 9th 2023 at 12:25
Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early days of the internet – and continues to plague organizations today, accounting for more than 30% of all known breaches. And with the mass migration to remote working during the pandemic, hackers have ramped up their efforts to steal login credentials as they take
☐ ☆ ✇ The Hacker News

Threat Actors Adopt Havoc Framework for Post-Exploitation in Targeted Attacks

By Ravie Lakshmanan — February 22nd 2023 at 07:18
An open source command-and-control (C2) framework known as Havoc is being adopted by threat actors as an alternative to other well-known legitimate toolkits like Cobalt Strike, Sliver, and Brute Ratel. Cybersecurity firm Zscaler said it observed a new campaign in the beginning of January 2023 targeting an unnamed government organization that utilized Havoc. "While C2 frameworks are prolific, the
☐ ☆ ✇ The Hacker News

Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework

By Ravie Lakshmanan — February 7th 2023 at 12:58
Threat actors are leveraging known flaws in Sunlogin software to deploy the Sliver command-and-control (C2) framework for carrying out post-exploitation activities. The findings come from AhnLab Security Emergency response Center (ASEC), which found that security vulnerabilities in Sunlogin, a remote desktop program developed in China, are being abused to deploy a wide range of payloads. "Not
☐ ☆ ✇ The Hacker News

Is Once-Yearly Pen Testing Enough for Your Organization?

By The Hacker News — January 26th 2023 at 14:21
Any organization that handles sensitive data must be diligent in its security efforts, which include regular pen testing. Even a small data breach can result in significant damage to an organization's reputation and bottom line. There are two main reasons why regular pen testing is necessary for secure web application development: Security: Web applications are constantly evolving, and new
☐ ☆ ✇ The Hacker News

4 Places to Supercharge Your SOC with Automation

By The Hacker News — January 17th 2023 at 11:07
It's no secret that the job of SOC teams continues to become increasingly difficult. Increased volume and sophistication of attacks are plaguing under-resourced teams with false positives and analyst burnout. However, like many other industries, cybersecurity is now beginning to lean on and benefit from advancements in automation to not only maintain the status quo, but to attain better security
☐ ☆ ✇ The Hacker News

Elon Musk Confirms Twitter 2.0 will Bring End-to-End Encryption to Direct Messages

By Ravie Lakshmanan — November 28th 2022 at 05:25
Twitter chief executive Elon Musk confirmed plans for end-to-end encryption (E2EE) for direct messages on the platform. The feature is part of Musk's vision for Twitter 2.0, which is expected to be what's called an "everything app." Other functionalities include longform tweets and payments, according to a slide deck shared by Musk over the weekend. <!--adsense--> The company's plans for
☐ ☆ ✇ The Hacker News

Hackers Using PowerPoint Mouseover Trick to Infect Systems with Malware

By Ravie Lakshmanan — September 28th 2022 at 10:09
The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware. The technique "is designed to be triggered when the user starts the presentation mode and moves the mouse," cybersecurity firm Cluster25 said in a technical report. "The code execution runs a
☐ ☆ ✇ The Hacker News

Researchers Identify 3 Hacktivist Groups Supporting Russian Interests

By Ravie Lakshmanan — September 26th 2022 at 14:33
At least three alleged hacktivist groups working in support of Russian interests are likely doing so in collaboration with state-sponsored cyber threat actors, according to Mandiant. The Google-owned threat intelligence and incident response firm said with moderate confidence that "moderators of the purported hacktivist Telegram channels 'XakNet Team,' 'Infoccentr,' and 'CyberArmyofRussia_Reborn
☐ ☆ ✇ The Hacker News

Why Vulnerability Scanning is Critical for SOC 2

By The Hacker News — September 12th 2022 at 11:04
SOC 2 may be a voluntary standard, but for today's security-conscious business, it's a minimal requirement when considering a SaaS provider. Compliance can be a long and complicated process, but a scanner like Intruder makes it easy to tick the vulnerability management box. Security is critical for all organisations, including those that outsource key business operations to third parties like
☐ ☆ ✇ The Hacker News

Microsoft Uncovers New Post-Compromise Malware Used by Nobelium Hackers

By Ravie Lakshmanan — August 25th 2022 at 13:24
The threat actor behind the SolarWinds supply chain attack has been linked to yet another "highly targeted" post-exploitation malware that could be used to maintain persistent access to compromised environments. Dubbed MagicWeb by Microsoft's threat intelligence teams, the development reiterates Nobelium's commitment to developing and maintaining purpose-built capabilities. Nobelium is the tech
☐ ☆ ✇ The Hacker News

Crypto Miners Using Tox P2P Messenger as Command and Control Server

By Ravie Lakshmanan — August 24th 2022 at 17:59
Threat actors have begun to use the Tox peer-to-peer instant messaging service as a command-and-control method, marking a shift from its earlier role as a contact method for ransomware negotiations. The findings from Uptycs, which analyzed an Executable and Linkable Format (ELF) artifact ("72client") that functions as a bot and can run scripts on the compromised host using the Tox protocol. Tox
☐ ☆ ✇ The Hacker News

Hackers Behind Twilio Breach Also Targeted Cloudflare Employees

By Ravie Lakshmanan — August 10th 2022 at 10:13
Web infrastructure company Cloudflare on Tuesday disclosed at least 76 employees and their family members received text messages on their personal and work phones bearing similar characteristics as that of the sophisticated phishing attack against Twilio. The attack, which transpired around the same time Twilio was targeted, came from four phone numbers associated with T-Mobile-issued SIM cards
❌