techminis

A naukri.com initiative

Hacking News

Securityaffairs

4w

CISA maintains stance on Russian cyber threats despite policy shift

  • US CISA confirms no change in defense against Russian cyber threats despite the Trump administration’s pause on offensive operations.
  • US Defense Secretary Pete Hegseth has recently ordered US Cyber Command to pause offensive cyber operations against Russia.
  • The decision to halt offensive cyber actions has ignited debate, weighing the need for diplomacy against the risk of exposure to cyber attacks by foreign threat actors.
  • CISA is undergoing a leadership transition following director Jen Easterly’s departure.

Idownloadblog

4w

DynamicNotLand jailbreak tweak disables the Dynamic Island on iPhone 14 Pro series devices when not in use

  • A new jailbreak tweak called DynamicNotLand has been released, which disables the Dynamic Island on iPhone 14 Pro series devices when not in use.
  • The Dynamic Island is a feature that integrates the TrueDepth camera system into the display to create a seamless look.
  • DynamicNotLand activates the unused pixels between the TrueDepth camera components, allowing users to see more of their image when the Dynamic Island is not in use.
  • The tweak is only compatible with iPhone 14 Pro and 14 Pro Max devices and can be downloaded for free from the developer's personal repository.

Securityaffairs

4w

U.S. CISA adds Multiple Cisco Small Business RV Series Routers, Hitachi Vantara Pentaho BA Server, Microsoft Windows Win32k, and Progress WhatsUp Gold flaws to its Known Exploited Vulnerabilities catalog

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Cisco Small Business RV Series Routers, Hitachi Vantara Pentaho BA Server, Microsoft Windows Win32k, and Progress WhatsUp Gold flaws to its Known Exploited Vulnerabilities catalog.
  • The vulnerabilities include a command injection vulnerability in Cisco routers, authorization bypass and special element injection vulnerabilities in Hitachi Vantara Pentaho BA Server, an improper resource shutdown vulnerability in Microsoft Windows Win32k, and a path traversal vulnerability in Progress WhatsUp Gold.
  • Affected parties have been urged to address these vulnerabilities by the specified deadlines to protect their networks from potential attacks.

TechCrunch

4w

US said to halt offensive cyber operations against Russia 

  • The United States has suspended its offensive cyber operations against Russia, according to reports. The reported order was authorized by U.S. Defense Secretary Pete Hegseth and affects operations carried out by U.S. Cyber Command.
  • The order was handed down before a meeting between President Donald Trump, Vice President JD Vance, and Ukrainian President Volodymyr Zelensky. The New York Times said that the instruction came as part of a broader effort to draw Russian President Vladimir Putin into talks about the country’s ongoing war in Ukraine.
  • The Trump administration has reportedly ordered U.S. cybersecurity agency CISA to no longer report on Russian threats, signaling a change in policy. However, the Department of Homeland Security denied the report.
  • This shift in U.S. policy towards Russia comes after the U.S. intelligence community warned that Russia poses an 'enduring cyber threat' to the United States.

Securityaffairs

4w

U.S. Authorities recovered $31 Million Related to 2021 Uranium Finance cyber heist

  • U.S. authorities have recovered $31 million in cryptocurrency stolen during the 2021 cyberattacks on Uranium Finance.
  • Uranium Finance is a decentralized finance (DeFi) protocol built on Binance’s BNB Chain.
  • The cyberattacks on Uranium Finance exploited smart contract flaws, resulting in theft and money laundering.
  • US authorities, with the help of TRM Labs, successfully tracked and seized $31 million in stolen assets.

Coinpedia

4w

Crypto Hack Feb Breakdown: Unpacking a $1.53B Month of Losses

  • The cryptocurrency sector experienced its largest hack in history, with the Bybit hack resulting in a loss of around $1.4 billion.
  • In February, the total losses from crypto hacks reached approximately $1.53 billion, a significant increase compared to January.
  • The Bybit hack, orchestrated by the Lazarus Group, a North Korean hacking group, accounted for the majority of the losses.
  • Other major hacks in February included the Infini hack, resulting in a loss of nearly $49 million, and the ZkLend hack, which led to a loss of $10 million.

Securelist

4w

Mobile malware evolution in 2024

  • In 2024, there were 33.3 million attacks involving mobile malware, adware, or unwanted software prevented by Kaspersky Security Network.
  • Adware accounted for 35% of total detections, making it the most common mobile threat.
  • 1.1 million malicious installation packages were detected, with nearly 69,000 linked to mobile banking Trojans.
  • Cybercriminals targeted mobile devices with 2.8 million monthly attacks, totaling 33,265,112 attacks blocked in 2024.
  • New distribution schemes for banking Trojans like Mamont and NFC banking scams were identified, targeting users in Russia and the Czech Republic.
  • Several new preinstalled malicious apps were discovered, including the LinkDoor backdoor and SparkCat implant targeting Android users primarily for cryptocurrency theft.
  • The year saw a rise in banking Trojans and fraudulent apps on platforms like Google Play and the App Store.
  • Region-specific threats were prominent in countries like Turkey and India, with banking Trojans being a common type of attack.
  • The number of unique malware installation packages decreased in 2024, but mobile banking Trojan activity continued to increase.
  • Despite a decline in unique installation packages, cybercriminals focused on distributing the same malware to a larger number of victims.

Securityaffairs

4w

Serbian student activist’s phone hacked using Cellebrite zero-day exploit

  • Amnesty International reported that a Cellebrite zero-day exploit was used to unlock the Android smartphone of a Serbian activist.
  • The attack used a zero-day exploit chain, developed by Cellebrite, that targets Android USB drivers and impacts over a billion Android devices.
  • Google patched vulnerabilities identified in the Cellebrite zero-day exploit chain in Android's February 2025 update and the Linux kernel.
  • The exploit targeted Linux kernel USB drivers, allowing someone with physical access to bypass Android lock screens and gain privileged access.
  • Serbian police used the Cellebrite exploit to unlock a student activist's Samsung Galaxy A32 and install an unknown Android application, likely NoviSpy spyware.
  • Amnesty International documented the incident of the activist being detained, interrogated, and having his phone exploited by Serbian authorities.
  • Cellebrite suspended its technology provision to Serbia following reports of abuse by local police, as confirmed by an Amnesty International report.
  • The Security Lab at Amnesty International emphasized the importance of investigating and holding accountable those misusing digital forensic technology.
  • According to Donncha Ó Cearbhaill, further exports of surveillance technology to Serbia should be halted until proper oversight is in place to protect privacy and rights.

Securityaffairs

4w

Qilin ransomware gang claimed responsibility for the Lee Enterprises attack

  • The Qilin ransomware group claimed responsibility for the recent cyberattack on Lee Enterprises, stealing 350GB of data.
  • Lee Enterprises, Inc. is a publicly traded American media company with 79 newspapers in 25 states.
  • Qilin ransomware gang threatened to leak the stolen data on March 5.
  • Qilin is a Russian-speaking cybercrime group operating a Ransomware-as-a-Service (RaaS) model since 2022.

Idownloadblog

4w

Tedious approach of getting JIT to work in the iOS debugger of iOS 18.4 developer beta 1 shown off

  • A workaround has been found for using just-in-time (JIT) compilation in the iOS debugger of iOS 18.4 developer beta 1.
  • The method involves utilizing the debugger for JIT on iOS & iPadOS platforms.
  • The hacky workaround uses split rx/rw regions to make the debugger write to memory pages for JIT compilation.
  • The workaround is tedious, and since Apple may patch it, it may not work in the future.

Idownloadblog

4w

Alfie CG publishes write-up on Trigon, a deterministic kernel exploit based on CVE-2023-32434 that can’t fail

  • Security researcher Alfie CG published a blog post about a new deterministic kernel exploit called Trigon.
  • Trigon is based on CVE-2023-32434, the same bug that the Kernel File Descriptor (KFD) exploit used, which was patched in iOS & iPadOS 16.5.1.
  • Trigon is a stable exploit that can be thought of as a way to refine existing tools for older handsets.
  • Trigon is limited in device and firmware support, with older devices and earlier iOS versions being compatible.

Medium

4w

OpSec 101: How to Stay Invisible and Protect Your Privacy Like a Ghost

  • OpSec (Operational Security) is important in today's hyper-connected world to protect against compromise.
  • OpSec is necessary for everyone, not just the military or intelligence agencies.
  • OpSec mistakes can lead to exposures and arrests, highlighting the importance of staying hidden and secure.
  • The guide discusses OpSec fundamentals, tools, and strategies to maintain anonymity and protect privacy.

Securityaffairs

4w

Security Affairs newsletter Round 513 by Pierluigi Paganini – INTERNATIONAL EDITION

  • Ransomware gangs exploited a Paragon Partition Manager BioNTdrv.sys driver zero-day.
  • Microsoft disrupted a global cybercrime ring abusing Azure OpenAI Service.
  • Enhanced capabilities sustain the rapid growth of Vo1d botnet.
  • China-linked threat actors stole 10% of Belgian State Security Service's staff emails.
  • Criminal group UAC-0173 targets the Notary Office of Ukraine.
  • DragonForce Ransomware group targeted Saudi Arabia.
  • New Ghostwriter campaign targets Ukrainian Government and opposition activists in Belarus.
  • GitVenom campaign targets gamers and crypto investors through fake GitHub projects.
  • Lazarus APT stole $1.5B from Bybit, the largest cryptocurrency heist ever.
  • Australia bans Kaspersky over national security concerns.

Securityaffairs

4w

Meta fired 20 employees for leaking information, more firings expected

  • Meta fired about 20 employees for leaking confidential information outside the company, with more firings expected.
  • The company takes leaks seriously and has a policy against leaking internal information.
  • Meta's CEO, Mark Zuckerberg, expressed concern about leaks and limited discussion in internal meetings.
  • No details about the leaked content have been disclosed by Meta.

Securityaffairs

4w

Ransomware gangs exploit a Paragon Partition Manager BioNTdrv.sys driver zero-day

  • Microsoft warns of a Paragon Partition Manager BioNTdrv.sys driver zero-day flaw actively exploited by ransomware gangs in attacks.
  • The IT giant reported that one of the discovered vulnerabilities (CVE-2025-0289) is currently being exploited by ransomware groups in zero-day attacks.
  • Paragon Software has released an update (BioNTdrv.sys v2.0.0) to address the vulnerabilities.
  • Users are advised to update Paragon Partition Manager and enable Windows' Vulnerable Driver Blocklist for protection.
