Welcome, Guest
You have to register before you can post on our site.

Username/Email:
  

Password
  





Search Forums

(Advanced Search)

Online Users
There are currently 12 online users.
» 0 Member(s) | 10 Guest(s)
Bing, Google

Latest Threads
Mysterious Kill Switch Di...
Forum: The Hacker News
Last Post: yazrozzarn
01-10-2026, 04:36 AM
» Replies: 1
» Views: 874
UAW drops unfair labor pr...
Forum: Other Automakers
Last Post: BillyMum
06-16-2025, 09:15 PM
» Replies: 2
» Views: 2,571
Uber's Ex-CISO Appeals Co...
Forum: Dark Reading.com
Last Post: BillyMum
06-15-2025, 05:26 AM
» Replies: 2
» Views: 3,815
2021 Hyundai Ioniq SEL
Forum: Kia USB Entry
Last Post: HackMaster
03-31-2025, 07:17 AM
» Replies: 0
» Views: 463
Vulnerability of Remote K...
Forum: Keyless entry
Last Post: HackMaster
03-31-2025, 07:14 AM
» Replies: 0
» Views: 358
The (In)Security of Autom...
Forum: Keyless entry
Last Post: HackMaster
03-31-2025, 07:12 AM
» Replies: 0
» Views: 337
Relay Attacks on Passive ...
Forum: Keyless entry
Last Post: HackMaster
03-31-2025, 07:07 AM
» Replies: 0
» Views: 328
Hacking Tesla from Wirele...
Forum: Tesla
Last Post: HackMaster
03-31-2025, 06:58 AM
» Replies: 0
» Views: 367
Hacking Tesla from Wirele...
Forum: Tesla
Last Post: HackMaster
03-31-2025, 06:22 AM
» Replies: 0
» Views: 354
Schematics and Datasheets
Forum: Schematics
Last Post: HackMaster
02-27-2025, 12:26 AM
» Replies: 0
» Views: 314

 
  Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware
Posted by: The Hacker News - 04-26-2023, 06:40 PM - Forum: The Hacker News - No Replies

Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware

A financially-motivated North Korean threat actor is suspected to be behind a new Apple macOS malware strain called RustBucket.
"[RustBucket] communicates with command and control (C2) servers to download and execute various payloads," Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said in a technical report published last week. 
The Apple device management company attributed it

https://thehackernews.com/2023/04/lazaru...apple.html

Print this item

  Modernizing Vulnerability Management: The Move Toward Exposure Management
Posted by: The Hacker News - 04-26-2023, 06:40 PM - Forum: The Hacker News - No Replies

Modernizing Vulnerability Management: The Move Toward Exposure Management

Managing vulnerabilities in the constantly evolving technological landscape is a difficult task. Although vulnerabilities emerge regularly, not all vulnerabilities present the same level of risk. Traditional metrics such as CVSS score or the number of vulnerabilities are insufficient for effective vulnerability management as they lack business context, prioritization, and understanding of

https://thehackernews.com/2023/04/modern...ement.html

Print this item

  Iranian Hackers Launch Sophisticated Attacks Targeting Israel with PowerLess Backdoor
Posted by: The Hacker News - 04-26-2023, 06:40 PM - Forum: The Hacker News - No Replies

Iranian Hackers Launch Sophisticated Attacks Targeting Israel with PowerLess Backdoor

An Iranian nation-state threat actor has been linked to a new wave of phishing attacks targeting Israel that's designed to deploy an updated version of a Windows backdoor called PowerLess.
Cybersecurity firm Check Point is tracking the activity cluster under its mythical creature handle Educated Manticore, which exhibits "strong overlaps" with a hacking crew known as APT35, Charming Kitten,

https://thehackernews.com/2023/04/irania...cated.html

Print this item

  New SLP Vulnerability Could Let Attackers Launch 2200x Powerful DDoS Attacks
Posted by: The Hacker News - 04-26-2023, 06:40 PM - Forum: The Hacker News - No Replies

New SLP Vulnerability Could Let Attackers Launch 2200x Powerful DDoS Attacks

Details have emerged about a high-severity security vulnerability impacting Service Location Protocol (SLP) that could be weaponized to launch volumetric denial-of-service attacks against targets.
"Attackers exploiting this vulnerability could leverage vulnerable instances to launch massive Denial-of-Service (DoS) amplification attacks with a factor as high as 2,200 times, potentially making it

https://thehackernews.com/2023/04/new-sl...d-let.html

Print this item

  VMware Releases Critical Patches for Workstation and Fusion Software
Posted by: The Hacker News - 04-26-2023, 06:40 PM - Forum: The Hacker News - No Replies

VMware Releases Critical Patches for Workstation and Fusion Software

VMware has released updates to resolve multiple security flaws impacting its Workstation and Fusion software, the most critical of which could allow a local attacker to achieve code execution.
The vulnerability, tracked as CVE-2023-20869 (CVSS score: 9.3), is described as a stack-based buffer-overflow vulnerability that resides in the functionality for sharing host Bluetooth devices with the

https://thehackernews.com/2023/04/vmware...s-for.html

Print this item

  Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE
Posted by: The Hacker News - 04-26-2023, 06:40 PM - Forum: The Hacker News - No Replies

Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE

The maintainers of the Apache Superset open source data visualization software have released fixes to plug an insecure default configuration that could lead to remote code execution.
The vulnerability, tracked as CVE-2023-27524 (CVSS score: 8.9), impacts versions up to and including 2.0.1 and relates to the use of a default SECRET_KEY that could be abused by attackers to authenticate and access

https://thehackernews.com/2023/04/apache...ecure.html

Print this item

  Browser Security Survey: 87% of SaaS Adopters Exposed to Browser-borne Attacks
Posted by: The Hacker News - 04-26-2023, 06:40 PM - Forum: The Hacker News - No Replies

Browser Security Survey: 87% of SaaS Adopters Exposed to Browser-borne Attacks

The browser serves as the primary interface between the on-premises environment, the cloud, and the web in the modern enterprise. Therefore, the browser is also exposed to multiple types of cyber threats and operational risks. 
In light of this significant challenge, how are CISOs responding?
LayerX, Browser Security platform provider, has polled more than 150 CISOs across multiple verticals and

https://thehackernews.com/2023/04/browse...-saas.html

Print this item

  Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China
Posted by: The Hacker News - 04-26-2023, 06:40 PM - Forum: The Hacker News - No Replies

Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China

The advanced persistent threat (APT) group referred to as Evasive Panda has been observed targeting an international non-governmental organization (NGO) in Mainland China with malware delivered via update channels of legitimate applications like Tencent QQ.
The attack chains are designed to distribute a Windows installer for MgBot malware, ESET security researcher Facundo Muñoz said in a new

https://thehackernews.com/2023/04/chines...re-to.html

Print this item

  Charming Kitten's New BellaCiao Malware Discovered in Multi-Country Attacks
Posted by: The Hacker News - 04-26-2023, 06:40 PM - Forum: The Hacker News - No Replies

Charming Kitten's New BellaCiao Malware Discovered in Multi-Country Attacks

The prolific Iranian nation-state group known as Charming Kitten is actively targeting multiple victims in the U.S., Europe, the Middle East and India with a novel malware dubbed BellaCiao, adding to its ever-expanding list of custom tools.
Discovered by Bitdefender Labs, BellaCiao is a "personalized dropper" that's capable of delivering other malware payloads onto a victim machine based on

https://thehackernews.com/2023/04/charmi...lware.html

Print this item

  Chinese Hackers Spotted Using Linux Variant of PingPull in Targeted Cyberattacks
Posted by: The Hacker News - 04-26-2023, 06:40 PM - Forum: The Hacker News - No Replies

Chinese Hackers Spotted Using Linux Variant of PingPull in Targeted Cyberattacks

The Chinese nation-state group dubbed Alloy Taurus is using a Linux variant of a backdoor called PingPull as well as a new undocumented tool codenamed Sword2033.
That's according to findings from Palo Alto Networks Unit 42, which discovered recent malicious cyber activity carried out by the group targeting South Africa and Nepal.
Alloy Taurus is the constellation-themed moniker assigned to a

https://thehackernews.com/2023/04/chines...linux.html

Print this item