Hacking News

Securityaffairs

2w

China-linked APT UNC3886 targets EoL Juniper routers

  • China-linked APT UNC3886 deploys custom backdoors on Juniper Networks Junos OS MX routers.
  • Mandiant researchers discover TINYSHELL-based backdoors on Juniper MX routers targeting defense, technology, and telecommunications sectors in the US and Asia.
  • UNC3886 demonstrates in-depth knowledge of system internals and uses compromised credentials to access Junos OS CLI from terminal servers.
  • Mandiant provides Indicators of Compromise (IoCs) and Yara rules to detect the backdoors.

Medium

2w

Secure Coding || Ethical Hackers For Hire

  • Secure coding refers to the practice of developing software with a strong focus on security at every stage.
  • Secure coding techniques aim to prevent vulnerabilities and create resilient applications.
  • The emphasis is on incorporating security considerations throughout the entire software development lifecycle.
  • Secure coding helps protect sensitive data, user privacy, and the overall integrity of the system.

Hackingblogs

2w

Jaguar Land Rover Hit by Data Breach: Tracking Data, Source Code, and Employee Info Leaked

  • Jaguar Land Rover, a UK-based automotive corporation, suffered a data breach.
  • Threat actor 'Rey' claims to have obtained internal information, including tracking data, source code, and employee details.
  • The leaked data includes personnel records, 700 internal papers, and exposes potential vulnerabilities in JLR's corporate network.
  • The breach could lead to risks like targeted cyberattacks, identity theft, and disclosure of sensitive corporate information.

Securityaffairs

2w

New Ballista Botnet spreads using TP-Link flaw. Is it an Italian job?

  • The Ballista botnet is exploiting an unpatched TP-Link vulnerability, targeting over 6,000 Archer routers.
  • The botnet spreads automatically using a remote code execution (RCE) flaw.
  • The Ballista botnet has been linked to an Italian-based threat actor.
  • The botnet has affected manufacturing, healthcare, services, and tech sectors in multiple countries.

Securityaffairs

2w

Apple fixed the third actively exploited zero-day of 2025

  • Apple released emergency security updates to address a zero-day vulnerability, CVE-2025-24201, in the WebKit cross-platform web browser engine.
  • The vulnerability was exploited in 'extremely sophisticated' cyber attacks, and it is an out-of-bounds write issue.
  • The fix was released as a supplementary measure after blocking a similar attack in iOS 17.2.
  • Apple addressed the flaw with improved checks, releasing updates for various devices.

Securityaffairs

3w

Switzerland’s NCSC requires cyberattack reporting for critical infrastructure within 24 hours

  • Switzerland’s NCSC requires critical infrastructure organizations to report cyberattacks within 24 hours of discovery.
  • The policy is introduced in response to the increasing number of cyber incidents.
  • Non-compliance may result in fines up to CHF 100,000 after the grace period.
  • The new requirement aligns with international standards to enhance information exchange.

Schneier

3w

Silk Typhoon Hackers Indicted

  • The US Department of Justice has indicted 12 Chinese individuals for alleged hacker intrusions over more than a decade.
  • The indicted individuals include eight i-Soon contractors, two Ministry of Public Security officials, and two hackers from the group APT27, or Silk Typhoon.
  • The group targeted various US and foreign government agencies, Chinese dissidents, US-based media outlets, and breached the US Treasury in 2020.
  • The hackers operated with autonomy, selecting targets themselves and selling stolen information to Chinese government clients.

Medium

3w

All About Cookies: The Sweetest Web Trackers

  • Cookies are small text files that websites store in your browser to hold information about your login status, preferences, and tracking data.
  • There are different types of cookies, including session cookies, persistent cookies, first-party vs. third-party cookies, and secure cookies & HttpOnly cookies.
  • Cookies can be manipulated, stolen, or abused, posing risks such as tracking and privacy concerns, session hijacking, cross-site scripting (XSS), and cross-site request forgery (CSRF).
  • To take control of your cookies, it is advised to block third-party cookies, use HTTPS websites, avoid logging into sensitive accounts on public Wi-Fi, and be cautious of suspicious links.

Securelist

3w

DCRat backdoor returns

  • A new wave of DCRat distribution has been detected in 2025.
  • The DCRat backdoor is distributed through YouTube, disguised as gaming software.
  • The backdoor has various modules for keystroke logging, webcam access, file grabbing, and password exfiltration.
  • Most victims of DCRat are in Russia, with some cases in Belarus, Kazakhstan, and China.

Securityaffairs

3w

U.S. CISA adds Advantive VeraCore and Ivanti EPM flaws to its Known Exploited Vulnerabilities catalog

  • U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Advantive VeraCore and Ivanti EPM flaws to its Known Exploited Vulnerabilities catalog.
  • Vietnamese cybercrime group XE Group is exploiting the Advantive VeraCore vulnerabilities, deploying reverse shells and web shells for remote access.
  • No real-world attacks exploiting the Ivanti EPM flaws have been reported, but PoC exploit code is available.
  • CISA orders federal agencies to address these vulnerabilities by March 31, 2025.

Securityaffairs

3w

Cybersecurity Challenges in Cross-Border Data Transfers and Regulatory Compliance Strategies

  • Cross-border data transfers play a crucial role in global business operations but face cybersecurity challenges from diverse laws and cyber threats. The reliance on data movement across borders for e-commerce, cloud computing, and financial transactions exposes organizations to risks of cyberattacks and data breaches.
  • The complexity arises from differing national cybersecurity policies and data protection regulations that organizations must navigate while ensuring data security in cross-border transfers. Governments have implemented stringent laws like GDPR, China's Cybersecurity Law, and the US's CLOUD Act to regulate international data flow.
  • Challenges in cross-border data transfers include cyber threats, legal inconsistencies, and geopolitical factors, necessitating robust security and compliance strategies. Cyberattacks targeting data transfers exploit vulnerabilities in international exchange systems and challenge data integrity and confidentiality.
  • Legal and regulatory disparities across jurisdictions create compliance challenges for organizations navigating multiple data protection laws. The lack of a unified global regulatory framework leads to inefficiencies and potential legal risks for multinational corporations.
  • Geopolitical tensions and economic disputes impact the security of cross-border data transfers, forcing companies to comply with trade restrictions, data localization laws, and government surveillance policies. Proactive engagement with regulators and compliance frameworks can help mitigate risks.
  • Regulatory compliance strategies involve legal agreements, security frameworks, and privacy-enhancing technologies to ensure data protection and legal adherence in international data transfers. Privacy-enhancing technologies like encryption and data masking enhance security during cross-border transactions.
  • Data localization compliance strategies, continuous monitoring, and compliance automation are vital for organizations to navigate evolving data protection regulations. AI, ML, and blockchain technologies aid in automating compliance tasks, predicting risks, and ensuring regulatory adherence.
  • Maintaining compliance with international data regulations is crucial to avoid fines, legal actions, and reputational damage. Organizations must invest in compliance automation, cybersecurity awareness, and collaboration with policymakers to navigate the dynamic cybersecurity landscape.
  • A comprehensive approach that combines legal frameworks, privacy-enhancing technologies, and compliance automation is necessary to address the complexities of cross-border data transfers. Continuous adaptation to emerging cybersecurity challenges and regulatory reforms is essential for secure and compliant data exchange.
  • Author Arfi Siddik Mollashaik, a Solution Architect at Securiti.ai, specializes in data security, privacy, and compliance for global organizations. With experience in enhancing data protection programs, he emphasizes investments in compliance automation and cybersecurity awareness to mitigate risks.

Cybersecurity-Insiders

3w

Ship hacked to burn US Military Oil Tanker into a Fireball

  • Twitter (now known as X) servers were targeted in a DDoS attack, causing disruption for two hours.
  • A Portuguese cargo ship, MV Solong, had its GPS system hacked, resulting in a collision with a US military oil tanker and causing a massive explosion.
  • Millions of liters of oil from the tanker have spilled into the North Sea, posing a severe environmental threat to marine life.
  • Experts suspect a Russian hacker group orchestrated the attack, and the incident is being investigated by US intelligence and Pentagon teams.

TechCrunch

3w

What PowerSchool won’t say about its data breach affecting millions of students

  • PowerSchool, a K-12 software provider, suffered a significant data breach in December 2024, potentially affecting millions of students and staff across North America.
  • The breach originated from a compromised credential in the customer support portal, granting access to the school information system.
  • While some details of the breach have been disclosed, many crucial questions remain unanswered by PowerSchool.
  • The company has not revealed the exact number of individuals impacted by the breach, despite estimates from various sources.
  • Reports suggest that personal data of over 62 million students and 9.5 million teachers may have been accessed by the hacker.
  • The types of stolen data, including sensitive personal information and medical records, remain undisclosed by PowerSchool.
  • The company worked with a cyber-extortion incident response firm to negotiate with the hackers, hinting at a ransom payment.
  • Concerns linger about whether the stolen data has been completely deleted, as PowerSchool has not provided evidence of deletion.
  • The identity of the hacker responsible for the breach is unknown, raising questions about cybersecurity measures.
  • Forensic reports have shed some light on the breach timeline, indicating potential long-standing access to PowerSchool's network.

Securityaffairs

3w

Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577

  • Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution.
  • Over 1,000 attacks detected globally.
  • The vulnerability tracked as CVE-2024-4577 allows for remote code execution on vulnerable servers using Apache and PHP-CGI.
  • GreyNoise researchers report a significant increase in attacks targeting multiple regions, including the US, UK, Singapore, and Japan.

Siliconangle

3w

Fortinet identifies thousands of malicious software packages exploiting open-source repositories

  • A new report from FortiGuard Labs highlights a wave of malicious software packages exploiting system vulnerabilities.
  • The report identifies thousands of malicious packages distributed across open-source repositories, using techniques such as low-file-count packages, suspicious installation scripts, and typosquatting.
  • Attackers employ deceptive tactics, including artificially high version numbers and empty descriptions, to obscure their true intent and mislead users.
  • Fortinet urges organizations to implement strong security hygiene, vet open-source dependencies, utilize threat intelligence solutions, and apply behavioral analysis techniques.
