thehackernews.com
2606:4700:20::ac43:47a6  Public Scan

URL: https://thehackernews.com/
Submission: On June 07 via manual from US — Scanned from DE

Form analysis

2 forms found in the DOM

GET https://www.google.com/cse

<form action="https://www.google.com/cse" id="searchform" method="get"><input autocomplete="off" id="s" name="q" placeholder="Search Here..." type="text">
  <input name="cx" type="hidden" value="partner-pub-7983783048239650:3179771210">
</form>

Name: f1

POST https://inl02.netline.com/rssnews0001/

<form action="https://inl02.netline.com/rssnews0001/" class="clear cf" id="subform" method="post" name="f1" target="_blank">
  <div class="email-box-h3">Join 120,000+ Professionals</div>
  <p>Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.</p>
  <div class="email-input">
    <input name="_submit" type="hidden" value="0001">
    <input id="brand" name="brand" type="hidden" value="thehackernews">
    <div class="e-book"><input checked="yes" id="opt_001" name="opt_001" type="checkbox" value="Y"><input checked="yes" id="opt_003" name="opt_003" type="checkbox" value="Y"></div><label class="visuallyhidden" for="input-email">Email</label><input
      class="text" id="input-email" name="email" placeholder="Your e-mail address" required="" type="email">
    <button aria-label="Subscribe" id="submitform" type="submit" value="Subscribe"></button>
  </div>
</form>

Text Content

#1 Trusted Cybersecurity News Platform Followed by 3.45+ million  


THE HACKER NEWS | #1 TRUSTED CYBERSECURITY NEWS SITE


NEW POWERDROP MALWARE TARGETING U.S. AEROSPACE INDUSTRY

Jun 07, 2023 Malware / Cyber Attack
An unknown threat actor has been observed targeting the U.S. aerospace industry
with a new PowerShell-based malware called PowerDrop. "PowerDrop uses advanced
techniques to evade detection such as deception, encoding, and encryption,"
according to Adlumin, which found the malware implanted in an unnamed domestic
aerospace defense contractor in May 2023. "The name is derived from the tool,
Windows PowerShell, used to concoct the script, and 'Drop' from the DROP (DRP)
string used in the code for padding." PowerDrop is also a post-exploitation
tool, meaning it's designed to gather information from victim networks after
obtaining initial access through other means. The malware employs Internet
Control Message Protocol (ICMP) echo request messages as beacons to initiate
communications with a command-and-control (C2) server. The server, for its part,
responds back with an encrypted command that's decoded and run on the
compromised host. A similar


NEW MALWARE CAMPAIGN LEVERAGING SATACOM DOWNLOADER TO STEAL CRYPTOCURRENCY

Jun 06, 2023 Cryptocurrency / Cyber Threat
A recent malware campaign has been found to leverage Satacom downloader as a
conduit to deploy stealthy malware capable of siphoning cryptocurrency using a
rogue extension for Chromium-based browsers. "The main purpose of the malware
that is dropped by the Satacom downloader is to steal BTC from the victim's
account by performing web injections into targeted cryptocurrency websites,"
Kaspersky researchers Haim Zigel and Oleg Kupreev said. Targets of the
campaign include Coinbase, Bybit, KuCoin, Huobi, and Binance users primarily
located in Brazil, Algeria, Turkey, Vietnam, Indonesia, India, Egypt, and
Mexico. Satacom downloader, also called Legion Loader, first emerged in 2019
as a dropper for next-stage payloads, including information stealers and
cryptocurrency miners. Infection chains involving the malware begin when users
searching for cracked software are redirected to bogus websites that host ZIP
archive files containing the malware. "Various types


SAY GOODBYE TO SAAS BLIND SPOTS: WING SECURITY UNVEILS FREE DISCOVERY TOOL

www.wing.security SaaS Security / Attack Surface
Wing Security finds and ranks all SaaS applications completely for free,
removing unnecessary risk.


OVER 60K ADWARE APPS POSING AS CRACKED VERSIONS OF POPULAR APPS TARGET ANDROID
DEVICES

Jun 06, 2023 Mobile Security / Malvertising
Thousands of adware apps for Android have been found to masquerade as cracks or
modded versions of popular applications to serve unwanted ads to users as part
of a campaign ongoing since October 2022. "The campaign is designed to
aggressively push adware to Android devices with the purpose to drive revenue,"
Bitdefender said in a technical report shared with The Hacker News. "However,
the threat actors involved can easily switch tactics to redirect users to other
types of malware such as banking Trojans to steal credentials and financial
information or ransomware." The Romanian cybersecurity company said it has
discovered 60,000 unique apps carrying the adware, with a majority of the
detections located in the U.S., South Korea, Brazil, Germany, the U.K., France,
Kazakhstan, Romania, and Italy. It's worth pointing out that none of the apps
are distributed through the official Google Play Store. Instead, users searching
for apps like Netflix, PDF viewers, se


5 REASONS WHY IT SECURITY TOOLS DON'T WORK FOR OT

Jun 06, 2023 Operational Technology Security
Attacks on critical infrastructure and other OT systems are on the rise as
digital transformation and OT/IT convergence continue to accelerate. Water
treatment facilities, energy providers, factories, and chemical plants — the
infrastructure that undergirds our daily lives could all be at risk. Disrupting
or manipulating OT systems stands to pose real physical harm to citizens,
environments, and economies. Yet the landscape of OT security tools is far less
developed than its information technology (IT) counterpart. According to a
recent report from Takepoint Research and Cyolo, there is a notable lack of
confidence in the tools commonly used to secure remote access to industrial
environments.

Figure 1: New research reveals a large gap across industries between the level
of concern about security risks and the level of confidence in existing
solutions for industrial secure remote access (I-SRA).

The traditional
security strategy of industrial environments was isolation – isolatio


ZERO-DAY ALERT: GOOGLE ISSUES PATCH FOR NEW CHROME VULNERABILITY - UPDATE NOW!

Jun 06, 2023 Browser Security / Vulnerability
Google on Monday released security updates to patch a high-severity flaw in its
Chrome web browser that it said is being actively exploited in the wild. Tracked
as CVE-2023-3079, the vulnerability has been described as a type confusion bug
in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group
(TAG) has been credited with reporting the issue on June 1, 2023. "Type
confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote
attacker to potentially exploit heap corruption via a crafted HTML page,"
according to the NIST's National Vulnerability Database (NVD). The tech giant,
as is typically the case, did not disclose details of the nature of the attacks,
but noted it's "aware that an exploit for CVE-2023-3079 exists in the wild."
With the latest development, Google has addressed a total of three actively
exploited zero-days in Chrome since the start of the year - CVE-2023-2033 (CVSS
score: 8.8) - Type Co


CYCLOPS RANSOMWARE GANG OFFERS GO-BASED INFO STEALER TO CYBERCRIMINALS

Jun 06, 2023 Endpoint Security / Data Security
Threat actors associated with the Cyclops ransomware have been observed
offering an information stealer malware that's designed to capture sensitive
data from infected hosts. "The threat actor behind this
[ransomware-as-a-service] promotes its offering on forums," Uptycs said in a
new report. "There it requests a share of profits from those engaging in
malicious activities using its malware." Cyclops ransomware is notable for
targeting all major desktop operating systems, including Windows, macOS, and
Linux. It's also designed to terminate any potential processes that could
interfere with encryption. The macOS and Linux versions of Cyclops ransomware
are written in Golang. The ransomware further employs a complex encryption
scheme that's a mix of asymmetric and symmetric encryption. The Go-based
stealer, for its part, is designed to target Windows and Linux systems,
capturing details such as operating system information, computer name, number o


CHINESE POSTALFURIOUS GANG STRIKES UAE USERS WITH SNEAKY SMS PHISHING SCHEME

Jun 06, 2023
A Chinese-speaking phishing gang dubbed PostalFurious has been linked to a new
SMS campaign that's targeting users in the U.A.E. by masquerading as postal
services and toll operators, per Group-IB. The fraudulent scheme entails sending
users bogus text messages asking them to pay a vehicle trip fee to avoid
additional fines. The messages also contain a shortened URL to conceal the
actual phishing link. Clicking on the link directs the unsuspecting recipients
to a fake landing page that's designed to capture payment credentials and
personal data. The campaign is estimated to be active as of April 15, 2023. "The
URLs from the texts lead to fake branded payment pages that ask for personal
details, such as name, address, and credit card information," Group-IB said.
"The phishing pages appropriate the official name and logo of the impersonated
postal service provider." The exact scale of the attacks is currently unknown.
What's known is that the tex


ZYXEL FIREWALLS UNDER ATTACK! URGENT PATCHING REQUIRED

Jun 06, 2023 Network Security / Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday
placed two recently disclosed flaws in Zyxel firewalls to its Known Exploited
Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The
vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010, are buffer
overflow vulnerabilities that could enable an unauthenticated attacker to cause
a denial-of-service (DoS) condition and remote code execution. Patches to plug
the security holes were released by Zyxel on May 24, 2023. The following list of
devices are affected -
 * ATP (versions ZLD V4.32 to V5.36 Patch 1, patched in ZLD V5.36 Patch 2)
 * USG FLEX (versions ZLD V4.50 to V5.36 Patch 1, patched in ZLD V5.36 Patch 2)
 * USG FLEX50(W) / USG20(W)-VPN (versions ZLD V4.25 to V5.36 Patch 1, patched in ZLD V5.36 Patch 2)
 * VPN (versions ZLD V4.30 to V5.36 Patch 1, patched in ZLD V5.36 Patch 2), and
 * ZyWALL/USG (versions ZLD V4.25 to V4.73 Patch 1, patched in ZLD V4.73 Patch 2)

While the exa


MICROSOFT: LACE TEMPEST HACKERS BEHIND ACTIVE EXPLOITATION OF MOVEIT TRANSFER
APP

Jun 05, 2023 Zero Day / Cyber Attack
Microsoft has officially linked the ongoing active exploitation of a critical
flaw in the Progress Software MOVEit Transfer application to a threat actor it
tracks as Lace Tempest. "Exploitation is often followed by deployment of a web
shell with data exfiltration capabilities," the Microsoft Threat Intelligence
team said in a series of tweets today. "CVE-2023-34362 allows attackers to
authenticate as any user." Lace Tempest, also called Storm-0950, is a ransomware
affiliate that overlaps with other groups such as FIN11, TA505, and Evil Corp.
It's also known to operate the Cl0p extortion site. The threat actor also has a
track record of exploiting different zero-day flaws to siphon data and extort
victims, with the group recently observed weaponizing a severe bug in PaperCut
servers. CVE-2023-34362 relates to an SQL injection vulnerability in MOVEit
Transfer that enables unauthenticated, remote attackers to gain access to the
application database

Trending News
 * Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!
 * New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal
 * MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited
 * New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware
 * Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack
 * Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices
 * FTC Slams Amazon with $30.8M Fine for Privacy Violations Involving Alexa and Ring
© The Hacker News, 2023. All Rights Reserved.