menu
techminis

A naukri.com initiative

google-web-stories
Home

>

Hacking News

Hacking News

source image

Hackingblogs

1h

read

88

img
dot

Image Credit: Hackingblogs

NSO Group Held Liable for #Pegasus Hacking of 1400 WhatsApp Users in Landmark Ruling

  • NSO Group Technologies was sued by WhatsApp Inc. for using malware to compromise over 1,400 mobile devices via WhatsApp’s network.
  • The court found that NSO Group violated the Computer Fraud and Abuse Act (CFAA) and California’s Computer Data Access and Fraud Act (CDAFA).
  • NSO Group was also accused of breaking WhatsApp's terms of service and the court ruled against them.
  • WhatsApp has been awarded summary judgment for the breach of contract action and will receive damages for investigation and repair expenses.

Read Full Article

like

5 Likes

source image

Siliconangle

15h

read

1.2k

img
dot

Image Credit: Siliconangle

Fortinet warns of malicious Python packages targeting credentials and user data

  • Fortinet Inc.'s FortiGuard Labs has discovered two malicious Python packages that pose a high risk of credential theft, data exfiltration, and unauthorized system access.
  • The first vulnerability, Zebo-0.1.0, exhibits sophisticated malware behavior, including keylogging, screen capturing, and data exfiltration to remote servers.
  • The second vulnerability, Cometlogger-0.1, targets system credentials and user data, evades detection, and can steal a wide array of user data.
  • To prevent infection, it is recommended to verify third-party scripts, implement firewalls and intrusion detection systems, and train employees to recognize phishing attempts.

Read Full Article

like

11 Likes

source image

Hackingblogs

1d

read

195

img
dot

Image Credit: Hackingblogs

The Famous Lockbit Ransomware’s Developer Rostislav Panev Was Arrested UK NCA

  • The UK National Crime Agency has arrested Rostislav Panev, the developer of the LockBit ransomware.
  • LockBit is a powerful ransomware that gained popularity among cybercriminals in 2021.
  • Rostislav Panev, a dual citizen of Israel and Russia, is accused of building and maintaining the LockBit ransomware infrastructure.
  • Along with Panev, seven other members of the LockBit group have been charged.

Read Full Article

like

11 Likes

source image

Hackernoon

1d

read

361

img
dot

Image Credit: Hackernoon

Code Smell 284 - Encrypted Functions

  • Avoid obfuscated functions in your code.
  • Cryptic code makes your code unreadable and untrustworthy.
  • Using clear names and avoiding obfuscation can improve readability and trust in the code.
  • Manually reviewing code and using linters can help identify obfuscated functions.

Read Full Article

like

21 Likes

source image

Coinpedia

9h

read

313

img
dot

Image Credit: Coinpedia

Hyperliquid Faces $250 Million in Net Outflows Amid Lazarus Group Hacking Concerns

  • Hyperliquid, a Layer-1 DeFi platform, is facing $250 million in net outflows amid concerns of a hack by the North Korean Lazarus Group.
  • The platform recorded consecutive net outflows of over $250 million within a span of 30 hours.
  • The Hyperliquid token dropped 20% following fears of Lazarus Group involvement.
  • Experts are questioning the security of the platform and how it will navigate this crisis.

Read Full Article

like

18 Likes

source image

Securityaffairs

10h

read

139

img
dot

Image Credit: Securityaffairs

Apache Foundation fixed a severe Tomcat vulnerability

  • The Apache Software Foundation addressed a severe vulnerability, CVE-2024-56337, in its Tomcat server software.
  • Exploiting this vulnerability could lead to remote code execution under certain conditions.
  • Apache Tomcat is widely used as a web server and servlet container for Java-based web applications.
  • The vulnerability affects versions 11.0.0-M1 through 11.0.1, 10.1.0-M1 through 10.1.33, and 9.0.0.M1 through 9.0.97.

Read Full Article

like

8 Likes

source image

Securityaffairs

12h

read

270

img
dot

Image Credit: Securityaffairs

Italy’s data protection watchdog fined OpenAI €15 million over ChatGPT’s data management violations

  • Italy’s data protection watchdog fined OpenAI €15 million for ChatGPT’s improper collection of personal data.
  • Garante Privacy fined OpenAI after investigating ChatGPT’s personal data collection practices.
  • OpenAI is obligated to conduct a six-month informational campaign on data management violations.
  • OpenAI plans to appeal the fine, considering it disproportionate.

Read Full Article

like

16 Likes

source image

Idownloadblog

17h

read

283

img
dot

Image Credit: Idownloadblog

Hackers successfully get iPadOS 18 running on an unsupported iPad (6th generation)

  • Hackers successfully get iPadOS 18 running on an unsupported iPad (6th generation)
  • Developers successfully ran iPadOS 18 on an iPad (6th generation) using the palera1n exploit.
  • The iPad (6th generation) shares the same internal processor as the iPad (7th generation) and may be compatible with iPadOS 18.
  • The hack opens up the possibility of expanding the list of palera1n-compatible iPadOS 18 devices.

Read Full Article

like

17 Likes

source image

Securityaffairs

20h

read

37

img
dot

Image Credit: Securityaffairs

U.S. CISA adds Acclaim Systems USAHERDS flaw to its Known Exploited Vulnerabilities catalog

  • U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Acclaim Systems USAHERDS vulnerability to its Known Exploited Vulnerabilities catalog.
  • The vulnerability was exploited by the Chinese cyber-espionage group APT41 to breach multiple U.S. state government networks.
  • The flaw is rooted in the use of hard-coded credentials and allows arbitrary code execution on affected systems.
  • CISA has ordered federal agencies to fix this vulnerability by January 13, 2025.

Read Full Article

like

2 Likes

source image

Hackersking

1d

read

244

img
dot

Image Credit: Hackersking

Instagram’s AI-Powered Editing Tool: Transforming Video Content Creation

  • Instagram is introducing an AI-powered video editing tool to revolutionize video content creation on the platform.
  • The tool will simplify the editing process, introduce cutting-edge technology, and empower users to create professional-quality content effortlessly.
  • Key features include AI-driven video suggestions, text-to-video functionality, collaborative editing options, and personalized video templates.
  • Users including influencers, casual users, and small businesses stand to benefit from saving time, boosting engagement, and reaching target audiences.

Read Full Article

like

14 Likes

source image

Securityaffairs

1d

read

230

img
dot

Image Credit: Securityaffairs

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

  • A U.S. court ruled in favor of WhatsApp against NSO Group, holding the spyware vendor liable for exploiting a flaw to deliver Pegasus spyware.
  • WhatsApp won a legal case against NSO Group in a U.S. court over exploiting a vulnerability to deliver Pegasus spyware.
  • The court found NSO Group liable for breaching WhatsApp's terms of service by using the platform for malicious purposes.
  • NSO Group was ordered to provide details regarding the complete functionality of the spyware, covering the period before and after the alleged attack.

Read Full Article

like

13 Likes

source image

Securelist

1d

read

266

img
dot

Image Credit: Securelist

Cloud Atlas seen using a new tool in its attacks

  • Cloud Atlas has been found to be using a previously undocumented toolset in which the group heavily used in 2024.
  • The group targets Eastern Europe and Central Asia mostly.
  • Victims get infected through phishing emails with a malicious document.
  • The HTA files in the document exploit vulnerabilities in formula editors to download and execute malware code.
  • After the download is complete, the malware adds a registry key to run an auto script 'VBShower Launcher'.
  • VBCloud, a new tool, is being used to steal data from the infected system.
  • VBCloud module duplicates the core functionality of VBShower and uses public cloud storage as C2 server.
  • The group uses PowerShell scripts to perform a range of tasks on the infected system.
  • Phishing emails continue to play an important role as an initial access point.
  • Cloud Atlas has been observed to attack victims in Russia, Belarus, Canada, Moldova, Israel, Kyrgyzstan, Vietnam, and Turkey.

Read Full Article

like

16 Likes

source image

Securityaffairs

1d

read

137

img
dot

Image Credit: Securityaffairs

Lazarus APT targeted employees at an unnamed nuclear-related organization

  • The North Korea-linked Lazarus Group targeted employees of an unnamed nuclear-related organization in January 2024.
  • The attacks are believed to be part of the cyber espionage campaign Operation Dream Job.
  • Lazarus used a complex infection chain involving multiple types of malware.
  • The group used compromised WordPress web servers as command and control servers.

Read Full Article

like

8 Likes

source image

Silicon

1d

read

3

img
dot

Image Credit: Silicon

North Koreans Stole $1.34bn In Crypto This Year

  • Hackers linked to North Korea have stolen a record $1.34 billion in cryptocurrency this year.
  • The hacks accounted for over half of the total amount stolen in all cryptocurrency hacks.
  • North Korea uses the funds obtained from hacking to finance its missile and nuclear programs.
  • The hacking activity has slowed down in the second half of the year after a strategic partnership was signed.

Read Full Article

like

Like

source image

Hackersking

1d

read

336

img
dot

Image Credit: Hackersking

WhatsApp to Stop Working on Older Android Phones in January 2025

  • WhatsApp will stop supporting older Android devices starting January 2025.
  • This decision aims to enhance performance, introduce new features, and ensure robust security.
  • Affected devices include Samsung Galaxy S3, HTC Desire 500, and Sony Xperia M.
  • Users are advised to upgrade their devices or software to continue enjoying WhatsApp's features.

Read Full Article

like

20 Likes

For uninterrupted reading, download the app