thehackernews.com
2606:4700:20::ac43:47a6  Public Scan

Submitted URL: http://rb.gy/12drp
Effective URL: https://thehackernews.com/
Submission: On October 27 via manual from US — Scanned from DE

Form analysis 2 forms found in the DOM

GET https://www.google.com/cse

<form action="https://www.google.com/cse" id="searchform" method="get"><input autocomplete="off" id="s" name="q" placeholder="Search Here..." type="text">
  <input name="cx" type="hidden" value="partner-pub-7983783048239650:3179771210">
</form>

Name: f1

POST https://inl02.netline.com/rssnews0001/

<form action="https://inl02.netline.com/rssnews0001/" class="clear cf" id="subform" method="post" name="f1" target="_blank">
  <div class="email-box-h3">Join 120,000+ Professionals</div>
  <p>Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.</p>
  <div class="email-input">
    <input name="_submit" type="hidden" value="0001">
    <input id="brand" name="brand" type="hidden" value="thehackernews">
    <div class="e-book"><input checked="yes" id="opt_001" name="opt_001" type="checkbox" value="Y"><input checked="yes" id="opt_003" name="opt_003" type="checkbox" value="Y"></div><label class="visuallyhidden" for="input-email">Email</label><input
      class="text" id="input-email" name="email" placeholder="Your e-mail address" required="" type="email">
    <button aria-label="Subscribe" id="submitform" type="submit" value="Subscribe"></button>
  </div>
</form>

Text Content


THE HACKER NEWS | #1 TRUSTED CYBERSECURITY NEWS SITE


N. KOREAN LAZARUS GROUP TARGETS SOFTWARE VENDOR USING KNOWN FLAWS

Oct 27, 2023 Cyber Attack / Malware
The North Korea-aligned Lazarus Group has been attributed as behind a new
campaign in which an unnamed software vendor was compromised through the
exploitation of known security flaws in another high-profile software. The
attack sequences, according to Kaspersky, culminated in the deployment of
malware families such as SIGNBT and LPEClient, a known hacking tool used by
the threat actor for victim profiling and payload delivery. "The adversary
demonstrated a high level of sophistication, employing advanced evasion
techniques and introducing SIGNBT malware for victim control," security
researcher Seongsu Park said. "The SIGNBT malware used in this attack employed
a diverse infection chain and sophisticated techniques." The Russian
cybersecurity vendor said the company that developed the exploited software had
been a victim of a Lazarus attack several times, indicating an attempt to steal
source code or poison the software supply chain, as in the case of the


HOW TO KEEP YOUR BUSINESS RUNNING IN A CONTESTED ENVIRONMENT

Oct 27, 2023 Threat Detection / Vulnerability Management
When organizations start incorporating cybersecurity regulations and cyber
incident reporting requirements into their security protocols, it's essential
for them to establish comprehensive plans for preparation, mitigation, and
response to potential threats. At the heart of your business lies your
operational technology and critical systems. This places them at the forefront
of cybercriminal interest, as they seek to exploit vulnerabilities, compromise
your data, and demand ransoms. In today's landscape, characterized by the
ever-present risk of ransomware attacks and the challenges posed by fragmented
security solutions, safeguarding your organization is paramount. This is where
The National Institute of Standards and Technology (NIST) advocates for the
development of resilient, reliable security systems capable of foreseeing,
enduring, and rebounding from cyberattacks. In this guide, we'll explore
strategies to fortify your defenses against cyber threats and ensure



GOOGLE EXPANDS ITS BUG BOUNTY PROGRAM TO TACKLE ARTIFICIAL INTELLIGENCE THREATS

Oct 27, 2023 Artificial Intelligence / Vulnerability
Google has announced that it's expanding its Vulnerability Rewards Program (VRP)
to compensate researchers for finding attack scenarios tailored to generative
artificial intelligence (AI) systems in an effort to bolster AI safety and
security. "Generative AI raises new and different concerns than traditional
digital security, such as the potential for unfair bias, model manipulation or
misinterpretations of data (hallucinations)," Google's Laurie Richardson and
Royal Hansen said. Some of the categories that are in scope include prompt
injections, leakage of sensitive data from training datasets, model
manipulation, adversarial perturbation attacks that trigger misclassification,
and model theft. It's worth noting that Google earlier this July instituted an
AI Red Team to help address threats to AI systems as part of its Secure AI
Framework (SAIF). Also announced as part of its commitment to secure AI are
efforts to strengthen the AI supply chain


F5 ISSUES WARNING: BIG-IP VULNERABILITY ALLOWS REMOTE CODE EXECUTION

Oct 27, 2023 Network Security / Vulnerability
F5 has alerted customers of a critical security vulnerability impacting BIG-IP
that could result in unauthenticated remote code execution. The issue, rooted in
the configuration utility component, has been assigned the CVE identifier
CVE-2023-46747, and carries a CVSS score of 9.8 out of a maximum of 10. "This
vulnerability may allow an unauthenticated attacker with network access to the
BIG-IP system through the management port and/or self IP addresses to execute
arbitrary system commands," F5 said in an advisory released Thursday. "There
is no data plane exposure; this is a control plane issue only." The following
versions of BIG-IP have been found to be vulnerable -
 * 17.1.0 (Fixed in 17.1.0.3 + Hotfix-BIGIP-17.1.0.3.0.75.4-ENG)
 * 16.1.0 - 16.1.4 (Fixed in 16.1.4.1 + Hotfix-BIGIP-16.1.4.1.0.50.5-ENG)
 * 15.1.0 - 15.1.10 (Fixed in 15.1.10.2 + Hotfix-BIGIP-15.1.10.2.0.44.2-ENG)
 * 14.1.0 - 14.1.5 (Fixed in 14.1.5.6 + Hotfix-BIGIP-14.1.5.6.0.10.6-ENG)
 * 13.1.0 -


ILEAKAGE: NEW SAFARI EXPLOIT IMPACTS APPLE IPHONES AND MACS WITH A- AND M-SERIES
CPUS

Oct 26, 2023 Data Security / Vulnerability
A group of academics has devised a novel side-channel attack dubbed iLeakage
that exploits a weakness in the A- and M-series CPUs running on Apple iOS,
iPadOS, and macOS devices, enabling the extraction of sensitive information from
the Safari web browser. "An attacker can induce Safari to render an arbitrary
webpage, subsequently recovering sensitive information present within it using
speculative execution," researchers Jason Kim, Stephan van Schaik, Daniel
Genkin, and Yuval Yarom said in a new study. In a practical attack scenario,
the weakness could be exploited using a malicious web page to recover Gmail
inbox content and even recover passwords that are autofilled by credential
managers. iLeakage, besides being the first case of a Spectre-style
speculative execution attack against Apple Silicon CPUs, also works against
all third-party web browsers available for iOS and iPadOS owing to Apple's App
Store policy that mandates all browser vendors to use Saf


MICROSOFT WARNS AS SCATTERED SPIDER EXPANDS FROM SIM SWAPS TO RANSOMWARE

Oct 26, 2023 Cyber Threat / Social Engineering
The prolific threat actor known as Scattered Spider has been observed
impersonating newly hired employees in targeted firms as a ploy to blend into
normal on-hire processes and take over accounts and breach organizations across
the world. Microsoft, which disclosed the activities of the financially
motivated hacking crew, described the adversary as "one of the most dangerous
financial criminal groups," calling out its operational fluidity and its ability
to incorporate SMS phishing, SIM swapping, and help desk fraud into its attack
model. "Octo Tempest is a financially motivated collective of native
English-speaking threat actors known for launching wide-ranging campaigns that
prominently feature adversary-in-the-middle (AiTM) techniques, social
engineering, and SIM swapping capabilities," the company said. It's worth
noting that the activity represented by Octo Tempest is tracked by other
cybersecurity companies under various monikers, including 0kta


RECORD-BREAKING 100 MILLION RPS DDOS ATTACK EXPLOITS HTTP/2 RAPID RESET FLAW

Oct 26, 2023 Network Security / Cyber Attack
Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP
distributed denial-of-service (DDoS) attacks that exploited a recently disclosed
flaw called HTTP/2 Rapid Reset, 89 of which exceeded 100 million requests per
second (RPS). "The campaign contributed to an overall increase of 65% in HTTP
DDoS attack traffic in Q3 compared to the previous quarter," the web
infrastructure and security company said in a report shared with The Hacker
News. "Similarly, L3/4 DDoS attacks also increased by 14%." The total number
of HTTP DDoS attack requests in the quarter surged to 8.9 trillion, up from 5.4
trillion in Q2 2023 and 4.7 trillion in Q1 2023. The number of attack requests
in Q4 2022 stood at 6.5 trillion. HTTP/2 Rapid Reset (CVE-2023-44487) came to
light earlier this month following an industry-wide coordinated disclosure that
delved into DDoS attacks orchestrated by an unknown actor by leveraging the flaw
to target various providers such as


THE DANGER OF FORGOTTEN PIXELS ON WEBSITES: A NEW CASE STUDY

Oct 26, 2023 Web Security / Data Protection
While cyberattacks on websites receive much attention, there are often
unaddressed risks that can lead to businesses facing lawsuits and privacy
violations even in the absence of hacking incidents. A new case study highlights
one of these more common cases. Download the full case study here. It's a
scenario that could have affected any type of company, from healthcare to
finance, e-commerce to insurance, or any other industry. Recently, Reflectiz, an
advanced website security solution provider, released a case study focusing on
a forgotten and misconfigured pixel that had been associated with a leading
global healthcare provider. This overlooked piece of code surreptitiously
gathered private data without user consent, potentially exposing the company to
substantial fines and damage to its reputation. Nowadays, it has become common
practice for companies to embed such pixels into their websites. For instance,
the TikTok Pixel is a typical example, added to websites to track


IRANIAN GROUP TORTOISESHELL LAUNCHES NEW WAVE OF IMAPLOADER MALWARE ATTACKS

Oct 26, 2023 Cyber Threat / Malware
The Iranian threat actor known as Tortoiseshell has been attributed to a new
wave of watering hole attacks that are designed to deploy a malware dubbed
IMAPLoader. "IMAPLoader is a .NET malware that has the ability to fingerprint
victim systems using native Windows utilities and acts as a downloader for
further payloads," the PwC Threat Intelligence team said in a Wednesday
analysis. "It uses email as a [command-and-control] channel and is able to
execute payloads extracted from email attachments and is executed via new
service deployments." Active since at least 2018, Tortoiseshell has a history of
using strategic website compromises as a ploy to facilitate the distribution of
malware. Earlier this May, ClearSky linked the group to the breach of eight
websites associated with shipping, logistics, and financial services companies
in Israel. The threat actor is aligned with the Islamic Revolutionary Guard
Corps (IRGC) and is also tracked by the broade


CRITICAL FLAW IN NEXTGEN'S MIRTH CONNECT COULD EXPOSE HEALTHCARE DATA

Oct 26, 2023 Vulnerability / Network Security
Users of Mirth Connect, an open-source data integration platform from NextGen
HealthCare, are being urged to update to the latest version following the
discovery of an unauthenticated remote code execution vulnerability. Tracked as
CVE-2023-43208, the vulnerability has been addressed in version 4.4.1
released on October 6, 2023. "This is an easily exploitable, unauthenticated
remote code execution vulnerability," Horizon3.ai's Naveen Sunkavally said in
a Wednesday report. "Attackers would most likely exploit this vulnerability for
initial access or to compromise sensitive healthcare data." Called the "Swiss
Army knife of healthcare integration," Mirth Connect is a cross-platform
interface engine used in the healthcare industry to communicate and exchange
data between disparate systems in a standardized manner. Additional technical
details about the flaw have been withheld in light of the fact that Mirth
Connect versions going as far bac

Trending News
 * Okta's Support System Breach Exposes Customer Data to Unidentified Threat Actors
 * Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices
 * Act Now: VMware Releases Patch for Critical vCenter Server RCE Vulnerability
 * Europol Dismantles Ragnar Locker Ransomware Infrastructure, Nabs Key Developer
 * iOS Zero-Day Attacks: Experts Uncover Deeper Insights into Operation Triangulation
 * Backdoor Implanted on Hacked Cisco Devices Modified to Evade Detection
 * ExelaStealer: A New Low-Cost Cybercrime Weapon Emerges
 * Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities
 * Vietnamese Hackers Target U.K., U.S., and India with DarkGate Malware
 * Malvertisers Using Google Ads to Target Users Searching for Popular Software
© The Hacker News, 2023. All Rights Reserved.