techminis

A naukri.com initiative

Hacking News

Securityaffairs

U.S. CISA adds BeyondTrust software flaw to its Known Exploited Vulnerabilities catalog

  • U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection flaw to its Known Exploited Vulnerabilities catalog.
  • A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
  • CISA orders federal agencies to fix this vulnerability by December 27, 2024.
  • Experts recommend private organizations review the Catalog and address the vulnerabilities in their infrastructure.

Securityaffairs

Raccoon Infostealer operator sentenced to 60 months in prison

  • Mark Sokolovsky, operator of Raccoon Infostealer, has been sentenced to 60 months in US prison.
  • He has been ordered to pay over $910,000 in restitution.
  • Raccoon Infostealer is malware that steals credit card data, email credentials, and cryptocurrency wallets.
  • The malware infected over 100,000 users worldwide and resulted in the theft of millions of credentials and forms of identification.

Hackersking

WhatsApp’s New Year 2025 Update: Grab These 3 Festive Features Before They’re Gone

  • WhatsApp introduces new festive features for its 2025 New Year update.
  • Customizable New-Year themed chat backgrounds add vibrancy to conversations.
  • Limited-time animated stickers with exclusive designs for New-Year.
  • Group video call fireworks mode enhances video calls with virtual fireworks displays.
  • Features are designed to capture the spirit of the season and are available only for a limited time.
  • Expected to remain active until mid-January 2025, after which they'll be removed to make way for the next wave of updates.
  • WhatsApp encourages its users to celebrate and connect in new and creative ways.
  • Additional rumored updates include enhanced privacy controls, AR tools, and expanded monetization options for businesses.
  • Marketers and users should stay tuned for these updates as WhatsApp seeks to lead the way in digital communication.
  • Users can celebrate and connect with WhatsApp's festive features and make this season memorable.

Idownloadblog

New EverPwnage jailbreak for legacy devices on iOS 8.0-9.0.2 released with optional untether

  • A new jailbreak tool called EverPwnage has been released for 32-bit devices running iOS 8.0-9.0.2.
  • It supports various device types including iPhone 5c, iPhone 5, iPhone 4s, iPad, iPad mini, and iPod touch.
  • The jailbreak is open source and comes with the option of installing the daibutsu untether for a fully untethered experience.
  • Users of certain other jailbreaks can switch to the daibutsu untether by jailbreaking with EverPwnage.

Securityaffairs

Mirai botnet targets SSR devices, Juniper Networks warns

  • Juniper Networks warns that a Mirai botnet is targeting SSR devices with default passwords after unusual activity was reported on December 11, 2024.
  • Multiple customers reported anomalous activity on their Session Smart Network (SSN) platforms on December 11, 2024. Threat actors initially compromised the devices and then employed them in DDoS attacks.
  • Mirai bot exploits devices using default credentials, enabling remote command execution through SSH attacks to facilitate various malicious activities, including DDoS attacks.
  • To mitigate the exposure to these threats, users are recommended to change default credentials, use strong passwords, review access logs, employ firewalls and IDS/IPS, and keep firmware up-to-date.

Securityaffairs

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

  • Fortinet warns of a patched FortiWLM vulnerability that could allow admin access and sensitive information disclosure.
  • The vulnerability (CVE-2023-34990) allows a remote, unauthenticated attacker to read sensitive files through relative path traversal.
  • The vulnerability impacts FortiWLM versions 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4.
  • The vulnerability can be chained with another vulnerability to achieve remote arbitrary code execution.

Securelist

Attackers exploiting a patched FortiClient EMS vulnerability in the wild

  • Attackers are exploiting a FortiClient EMS vulnerability that was already patched and available since 2019.
  • The vulnerability in question is improper filtering of SQL command input, which makes the system vulnerable to SQL injection; it affects Fortinet FortiClient EMS versions 7.0.1 to 7.0.10 and 7.2.0 to 7.2.2.
  • If successfully exploited, attackers can execute unauthorized code or commands by sending specially crafted data packets, endangering users across various regions.
  • The attackers used our client’s exposed Windows server running FortiClient EMS over the internet as the initial point of attack.
  • They utilized a curl command to download an installer for the ScreenConnect remote access application.
  • Additionally, they used the Windows native binary certutil tool to facilitate the same action, ultimately storing the downloaded installer as 'update.exe' in the root of the C: drive.
  • After installation, the attackers uploaded payloads to the compromised system to begin discovery and lateral movement activities, as well as generating further persistence via remote control tools such as AnyDesk.
  • While further tracking this threat on October 23, 2024, GERT analysts detected active attempts to exploit CVE-2023-48788 in the wild by executing a similar command.
  • The analysis of this incident helped us establish that the techniques currently used by the attackers to deploy remote access tools are constantly being updated and growing in complexity.
  • We strongly recommend always installing an EPP agent on every host running an OS and configuring additional controls like Application Control.

Securityaffairs

CERT-UA: Russia-linked UAC-0125 abuses Cloudflare Workers to target Ukrainian army

  • The Computer Emergency Response Team of Ukraine (CERT-UA) warns that the threat actor UAC-0125 abuses Cloudflare Workers services to target the Ukrainian army with malware.
  • The threat actor UAC-0125 exploits Cloudflare Workers to spread malware disguised as the Army+ mobile app from Ukraine's Ministry of Defence.
  • Visitors to the malicious websites are prompted to download an executable file, which triggers a decoy file and a PowerShell script that sets up covert SSH access for attackers via Tor.
  • The UAC-0125 activity is linked to the UAC-0002 cluster (Sandworm/APT44), and previous attacks used trojanized Microsoft Office files for deeper intrusions.

Securelist

Lazarus group evolves its infection chain with old and new malware

  • Lazarus group delivers archive files containing malicious files, using new and old malware samples, to two employees associated with the same nuclear-related organization.
  • The group used multiple types of malware, such as a downloader, loader, and backdoor.
  • The DeathNote campaign is a series of cyber attacks by the Lazarus group that has been distributing its malicious software components by exploiting fake job opportunities to target employees in various sectors.
  • Lazarus group tends to pose as recruiters and contact targets on platforms like LinkedIn, Telegram, WhatsApp, etc.
  • They have been distributing trojanized remote access tools to convince the targets to connect to a specific server for skills assessment.
  • Their recently discovered attack adapted the same method of distributing trojanized remote access tools, but the infection chain has completely changed.
  • The group delivered malicious compressed ISO files to its victims to go undetected, since ZIP archives are easily detected by many services.
  • The malware-to-malware flowchart created by the group defines the cookies and payloads that were sent and received by its malware components.
  • CookiePlus is a new modular malware introduced by the Lazarus group that disguises itself as open-source plugins.
  • The group has been using compromised web servers running WordPress as C2s for most of their campaigns.

Hackersking

Instagram Updates for 2025: Essential Insights for Marketers

  • Instagram is leveraging AI like never before to provide personalized content to users based on advanced machine learning analysis of user preferences, interactions, and behaviors.
  • Instagram is offering creators more ways to earn revenue through subscription-based exclusive content, virtual merchandise stores, and enhanced ad-sharing models, strengthening influencer and content creator collaboration.
  • AR continues to evolve in Instagram’s 2025 updates, offering advanced AR tools for creating immersive experiences in Stories and Reels, enabling marketers to allow customers to try products virtually, such as clothing or makeup.
  • Reels remain a central focus, enabling marketers to develop compelling short-form video content to maximize reach, tap into viral challenges, music, and hashtags to maximize visibility, and monitor performance through analytics to refine strategies.
  • Instagram Shopping has undergone significant upgrades with AI-driven product recommendations, 3D product displays, and integrated checkout for faster transactions, allowing marketers to optimize product pages, leverage 3D product models, and showcase user-generated content and reviews to build trust and credibility.
  • Instagram rolled out features to support sustainability and social impact campaigns, enabling brands to add “impact badges” to their profiles, highlight their commitment to environmental and social causes, and collaborate with non-profits to run campaigns that resonate with their audience.
  • Instagram’s direct messaging system includes AI-powered suggestions, group polls, and community spaces for niche audiences, enabling marketers to respond promptly to inquiries, create and manage niche groups around their brand, and use polls in DMs to gather feedback and insights.
  • Instagram’s new analytics dashboard provides marketers with granular insights into audience demographics, content performance, and campaign ROI, enabling data-driven decisions to refine marketing strategies and track KPIs such as engagement rate, reach, and conversions.
  • Instagram offers privacy-centric advertising options with access to aggregated and anonymized data, enabling marketers to create compelling ads that rely less on detailed targeting and more on storytelling, communicate how user data is handled in campaigns, and use contextual ad placement to reach the right audience without relying on personal data.
  • Marketers who embrace AI-driven tools, leverage AR and video, and focus on authenticity are poised for unparalleled success in Instagram’s dynamic ecosystem. Staying ahead of updates requires adaptability, creativity, and a commitment to understanding evolving user behaviors.

Siliconangle

Zimperium warns of growing threat of sophisticated mobile phishing attacks targeting executives

  • Spear phishing campaigns targeting corporate executives are becoming more sophisticated, particularly through mobile devices.
  • Threat actors impersonate trusted business platforms and internal communications to improve the effectiveness of their attacks.
  • Companies are advised to educate employees, prioritize mobile device security, and keep security policies and detection tools updated.

Securityaffairs

Russia-linked APT29 group used red team tools in rogue RDP attacks

  • APT29 group used malicious RDP configuration files in phishing emails to compromise systems.
  • Targets lacked RDP connection restrictions, allowing rogue RDP attacks.
  • APT29 group heavily used anonymization layers like VPNs and Tor for the attacks.

Securityaffairs

Threat actors are attempting to exploit Apache Struts vulnerability CVE-2024-53677

  • Threat actors are attempting to exploit the vulnerability CVE-2024-53677 in Apache Struts.
  • The vulnerability allows attackers to achieve path traversal and remote code execution via file upload exploitation.
  • The root cause of the issue is an incomplete fix for another vulnerability tracked as CVE-2023-50164.
  • Users are recommended to upgrade to the latest version Struts 6.4.0 or greater and use Action File Upload Interceptor.

Hackingblogs

Here’s How A User Found A Denial-Of-Service Bug On Facebook Messenger Using 😡 Emojis

  • A security researcher discovered a Denial of Service (DoS) bug in Facebook Messenger for iOS version 477.0.0.
  • The researcher used emojis to identify the bug, reverse engineered the Messenger APK using JADX, and conducted dynamic investigations with Frida.
  • It was found that the data being transmitted to the recipient is a string containing an emoji in hexadecimal.
  • The researcher also demonstrated that sending an invalid string caused the Messenger app to crash.

Siliconangle

SlashNext report warns of eightfold rise in credential phishing as AI drives sophistication

  • A new report by phishing protection company SlashNext Inc. highlights a significant increase in phishing attacks in the second half of 2024, with an eightfold rise.
  • The rise in credential phishing attacks is attributed to the availability of advanced phishing kits on the dark web, as well as the use of generative artificial intelligence.
  • Email-based attacks saw a threefold surge, driven by sophisticated techniques and AI-generated targeted messages.
  • The report emphasizes the need for organizations to implement real-time, adaptive security measures to combat the evolving nature of phishing campaigns.
