Oct 08, 2024The Hacker NewsWeb Security / Payment Fraud Is your store at risk? Discover how an innovative web security solution saved one global online retailer and its unsuspecting customers from an “evil twin” disaster. Read the full real-life case… Read More "The Evil Twin Checkout Page"
Cyberattack Group ‘Awaken Likho’ Targets Russian Government with Advanced Tools
Oct 08, 2024Ravie LakshmananCyber Threat / APT Attack Russian government agencies and industrial entities are the target of an ongoing activity cluster dubbed Awaken Likho. “The attackers now prefer using the agent for the legitimate MeshCentral platform instead of the… Read More "Cyberattack Group ‘Awaken Likho’ Targets Russian Government with Advanced Tools"
GoldenJackal Target Embassies and Air-Gapped Systems Using Malware Toolsets
Oct 08, 2024Ravie LakshmananCyber Attack / Malware A little-known threat actor tracked as GoldenJackal has been linked to a series of cyber attacks targeting embassies and governmental organizations with an aim to infiltrate air-gapped systems using two disparate bespoke toolsets.… Read More "GoldenJackal Target Embassies and Air-Gapped Systems Using Malware Toolsets"
Pro-Ukrainian Hackers Strike Russian State TV on Putin’s Birthday
Ukraine has claimed responsibility for a cyber attack that targeted Russia state media company VGTRK and disrupted its operations, according to reports from Bloomberg and Reuters. The incident took place on the night of October 7, VGTRK confirmed, describing it… Read More "Pro-Ukrainian Hackers Strike Russian State TV on Putin’s Birthday"
Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits
Oct 08, 2024Ravie LakshmananMobile Security / Privacy Qualcomm has rolled out security updates to address nearly two dozen flaws spanning proprietary and open-source components, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as… Read More "Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits"
Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection
Oct 07, 2024Ravie LakshmananCybersecurity / Mobile Security Google has announced that it’s piloting a new security initiative that automatically blocks sideloading of potentially unsafe Android apps in India, after similar tests in Singapore, Thailand, and Brazil. The enhanced fraud protection… Read More "Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection"
THN Cybersecurity Recap: Top Threats and Trends (Sep 30
Oct 07, 2024Ravie LakshmananCybersecurity / Weekly Recap Ever heard of a “pig butchering” scam? Or a DDoS attack so big it could melt your brain? This week’s cybersecurity recap has it all – government showdowns, sneaky malware, and even a… Read More "THN Cybersecurity Recap: Top Threats and Trends (Sep 30"
Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications
Oct 07, 2024Ravie LakshmananOpen Source / Software Security A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances. The flaw,… Read More "Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications"
New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries
Oct 07, 2024Ravie LakshmananIoT Security / Botnet Cybersecurity researchers have discovered a new botnet malware family called Gorilla (aka GorillaBot) that is a variant of the leaked Mirai botnet source code. Cybersecurity firm NSFOCUS, which identified the activity last month,… Read More "New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries"
Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually
Organizations are losing between $94 – $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse by bots. That’s according to The Economic Impact of API and Bot Attacks report from Imperva, a Thales company. The… Read More "Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually"