Hacker News | Latest Cyber Hacking News on Techminis

A naukri.com initiative

New

Home

Hacking News

Securityaffairs

240

Image Credit: Securityaffairs

Citrix addressed NetScaler console privilege escalation flaw

Citrix addressed a high-severity privilege escalation vulnerability impacting NetScaler Console and NetScaler Agent.
The vulnerability, tracked as CVE-2024-12284, allows attackers to escalate privileges under certain conditions.
The vulnerability impacts specific versions of NetScaler Agent and NetScaler Console.
Cloud Software Group released updated versions to address the vulnerability.

Read Full Article

14 Likes

NullTX

159

Image Credit: NullTX

Urgent Warning: Active Phishing Campaign Targeting Jupiter Users

A phishing campaign targeting Jupiter users through ads claiming a 'Jupiter Exchange exploit' is active.
Malicious actors trick users into pasting JS code into their browser consoles leading to wallet drain.
Deceitful operation involves fake bug reports urging users to interact with malicious links.
The fraudsters use a malicious API (solapi.network) to access and drain crypto wallets.
Users are warned against engaging with unsound advertisements or links and advised to verify code sources.
Protective measures include using hardware wallets, verifying updates from platforms, and enabling 2FA.
Jupiter users are urged to stay vigilant against phishing attempts and act promptly if compromised.
Staying informed about cryptocurrency threats and scams is crucial for safeguarding investments.
Disclosure: This is not trading or investment advice. Always research before investing in cryptocurrencies.

Read Full Article

9 Likes

Securelist

118

Image Credit: Securelist

Managed detection and response in 2024

Kaspersky Managed Detection and Response service (MDR) provides round-the-clock monitoring and threat detection.
In 2024, the MDR infrastructure processed an average of 15,000 telemetry events per host daily, with over two high-severity incidents detected per day.
The largest concentration of Kaspersky MDR customers is in Europe, the CIS, and the META regions.
General observations from 2024 include decreased high-severity incidents with increased complexity, a rise in human-driven targeted attacks, attackers often returning after a successful breach, prevalent use of Living off the Land techniques, and top threats being User Execution and Phishing.

Read Full Article

7 Likes

Securityaffairs

431

Image Credit: Securityaffairs

Palo Alto Networks warns that CVE-2025-0111 flaw is actively exploited in attacks

Palo Alto Networks warns that the vulnerability CVE-2025-0111 is actively exploited with two other flaws to compromise PAN-OS firewalls.
The vulnerability CVE-2025-0111 is a file read issue in PAN-OS, allowing an attacker to read files that are readable by the 'nobody' user.
Palo Alto Networks has observed exploit attempts chaining CVE-2025-0108 with CVE-2024-9474 and CVE-2025-0111 on unpatched PAN-OS web management interfaces.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the CVE-2025-0108 vulnerability to its Known Exploited Vulnerabilities catalog.

Read Full Article

25 Likes

Discover more

Hackers-Arise

154

Image Credit: Hackers-Arise

Cyberwar Mission #3: Using QRCodes in Phishing and Social Media Attacks

Social engineering tactics utilized in cyber warfare can be turned against adversaries, as demonstrated by Master OTW's strategy.
The use of QR codes in phishing emails can bypass anti-spam filters and evade browser security warnings.
Reconnaissance involves gathering email addresses of target individuals, like employees in a company, using tools such as Crosslinked and Hunter.io.
Phishing campaigns can be executed using tools like GoPhish integrated with Evilginx for enhanced phishing attacks.
GoPhish provides features such as user-friendly interface, tracking, and integration capabilities, making it popular among hackers.
Challenges of integrating Evilginx and GoPhish include setup complexities and user desensitization to frequent phishing attempts.
Connecting GoPhish with Evilginx involves configuring admin URLs, API keys, and SMTP settings for effective phishing campaigns.
CloudFlare integration can help in obscuring server IPs for anonymity and faster DNS propagation.
Generating QR codes to entice users involves embedding QR codes in emails using HTML and sending phishing emails with compelling content.
Effective social engineering tactics and phishing campaigns require continuous learning from adversaries and innovative approaches.

Read Full Article

9 Likes

Hackingblogs

Image Credit: Hackingblogs

Snake Keyloggers: Protect Your IT Companies As Soon As Possible

Snake Keylogger, a malicious program designed to steal confidential information, is targeting IT companies.
The Snake Keylogger records keystrokes, captures images, and monitors the clipboard to collect sensitive data.
IT firms recently experienced a malspam campaign using phishing emails to distribute the Snake Keylogger.
The malware uses persistence and process hollowing to evade detection and maintain access to compromised systems.

Read Full Article

2 Likes

Medium

250

Image Credit: Medium

Exploring the Layers of the Internet: Surface Web, Deep Web, and Dark Web

The internet is comprised of three main layers: the Surface Web, the Deep Web, and the Dark Web.
The Surface Web is the part of the internet that is indexed and easily accessible by search engines.
The Deep Web represents the vast majority of the internet and includes unindexed content like private databases and academic journals.
The Dark Web is a small portion of the Deep Web that is intentionally hidden and associated with anonymity and sometimes illicit activities.

Read Full Article

15 Likes

Securityaffairs

301

Image Credit: Securityaffairs

Venture capital firm Insight Partners discloses security breach

Venture capital firm Insight Partners disclosed a security breach involving unauthorized access to its information systems.
The breach was detected on January 16, 2025, and the attacker was removed the same day.
Insight Partners is conducting an investigation with the help of cybersecurity experts.
No significant impact on operations, portfolio companies, funds, or stakeholders is expected.

Read Full Article

18 Likes

Securityaffairs

432

Image Credit: Securityaffairs

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

Two OpenSSH vulnerabilities could allow machine-in-the-middle (MitM) and denial-of-service (DoS) attacks under certain conditions.
The first vulnerability (CVE-2025-26465) enables an attacker to conduct an active MitM attack when the VerifyHostKeyDNS option is enabled.
The second vulnerability (CVE-2025-26466) affects both the OpenSSH client and server, allowing a pre-authentication DoS attack.
These vulnerabilities have been fixed in OpenSSH 9.9p2, released by OpenSSH maintainers.

Read Full Article

26 Likes

Siliconangle

414

Image Credit: Siliconangle

Google report warns of Russian threat groups targeting Signal Messenger

Russian state-backed threat actors are targeting Signal Messenger users to intercept sensitive communications.
Multiple Russian-aligned cyber espionage groups are compromising Signal accounts through phishing tactics.
The threat groups are primarily targeting Ukrainian individuals, but the tactics are expected to spread beyond the Ukrainian theater.
The report advises implementing strong security measures and exercising caution with QR codes and suspicious web links.

Read Full Article

24 Likes

Securelist

241

Image Credit: Securelist

Spam and phishing in 2024

In 2024, 27% of all emails sent worldwide were spam, with 48.57% in the Russian web segment being spam.
Kaspersky Mail Anti-Virus blocked 125,521,794 malicious email attachments in 2024.
893,216,170 attempts to follow phishing links were thwarted by Kaspersky's Anti-Phishing system in the same year.
Phishing scams in 2024 targeted travel enthusiasts through fake hotel and airline booking websites, requesting login credentials and bank card details.
Cybercriminals targeted employees of travel agencies by gaining access to corporate accounts for financial transactions and access to customer databases.
Social media scams involved luring victims with promises of free items or bonus features, including fake giveaways, adult content, and unauthorized premium subscriptions.
Scammers exploited the popularity of Facebook and Instagram by offering services to find profiles or download advanced versions of popular apps, leading to malware downloads on victims' devices.
Cryptocurrency scams in 2024, such as the Hamster Kombat game scheme, aimed to trick users into paying fees for non-existent services or fraudulent investments.
In phishing attacks, cybercriminals mimicked legitimate companies' HR departments or sellers/buyers to deceive victims into providing personal information or credentials through fake links or attachments.
The year saw a rise in malicious email attachments, with the top malware families including Agensla stealers, Badun Trojans, and Makoob spyware among others.

Read Full Article

14 Likes

Securityaffairs

Image Credit: Securityaffairs

U.S. CISA adds SonicWall SonicOS and Palo Alto PAN-OS flaws to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS and Palo Alto PAN-OS vulnerabilities to its Known Exploited Vulnerabilities catalog.
CVE-2025-0108 Palo Alto PAN-OS Authentication Bypass Vulnerability and CVE-2024-53704 SonicWall SonicOS SSLVPN Improper Authentication Vulnerability were added to the catalog.
Threat actors have been observed exploiting the CVE-2025-0108 vulnerability in Palo Alto PAN-OS firewalls.
CISA orders federal agencies to fix the vulnerabilities by March 11, 2025.

Read Full Article

2 Likes

Medium

Top Search Engines for Hackers: The Ultimate Guide

Shodan is a search engine that discovers internet-connected devices.
Censys provides insights into SSL certificates, exposed services, and misconfigured cloud assets.
GrayHatWarfare indexes open S3 buckets to find exposed files.
Google Dorking uses advanced search techniques to uncover sensitive information.
Hunter.io helps find professional email addresses associated with domains.
ZoomEye is a Chinese search engine for scanning exposed devices and services.
BinaryEdge offers in-depth internet scanning for cybersecurity professionals.
These search engines are useful for ethical hacking and security research.

Read Full Article

Securityaffairs

232

Image Credit: Securityaffairs

Juniper Networks fixed a critical flaw in Session Smart Routers

Juniper Networks has fixed a critical flaw in its Session Smart Router.
The vulnerability, tracked as CVE-2025-21589, allows an attacker to bypass authentication and take administrative control of the device.
The affected products include Session Smart Router, Session Smart Conductor, and WAN Assurance Managed Routers.
Juniper Networks has released patches to address the vulnerability and recommends upgrading to the fixed versions.

Read Full Article

13 Likes

Securityaffairs

254

Image Credit: Securityaffairs

China-linked APT group Winnti targets Japanese organizations since March 2024

China-linked APT group Winnti targeted Japanese organizations in a cyberespionage campaign named RevivalStone in March 2024.
The campaign focused on manufacturing, materials, and energy sectors, utilizing an advanced version of the Winnti malware.
Winnti is part of a larger umbrella group consisting of several APT groups, including Winnti, Gref, PlayfullDragon, APT17, and others.
The attack chain involved exploiting an SQL injection, deploying a WebShell, conducting reconnaissance, and installing Winnti malware through a shared account.

Read Full Article

15 Likes

For uninterrupted reading, download the app