Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

China's Stealthy Hackers Infiltrate U.S. and Guam Critical Infrastructure Undetected

A stealthy China-based group managed to establish a persistent foothold into critical infrastructure organizations in the U.S. and Guam without being detected, Microsoft and the "Five Eyes" nations said on Wednesday. The tech giant's threat intelligence team is tracking the activity, which includes post-compromise credential access and network system discovery, under the name Volt Typhoon. The

The Hacker News
Open in Source
#web#mac#windows#microsoft#git#intel#backdoor#zero_day#The Hacker News
Iranian Agrius Hackers Targeting Israeli Organizations with Moneybird Ransomware

The Iranian threat actor known as Agrius is leveraging a new ransomware strain called Moneybird in its attacks targeting Israeli organizations. Agrius, also known as Pink Sandstorm (formerly Americium), has a track record of staging destructive data-wiping attacks aimed at Israel under the guise of ransomware infections. Microsoft has attributed the threat actor to Iran's Ministry of

The Security Hole at the Heart of ChatGPT and Bing

Indirect prompt-injection attacks can leave people vulnerable to scams and data theft when they use the AI chatbots.

China Hacks US Critical Networks in Guam, Raising Cyberwar Fears

Researchers say the state-sponsored espionage operation may also lay the groundwork for disruptive cyberattacks.

'Volt Typhoon' China-Backed APT Infiltrates US Critical Infrastructure Orgs

According to Microsoft and researchers, the state-sponsored threat actor could very well be setting up a contingency plan for disruptive attacks on the US in the wake of an armed conflict in the South China Sea.

Appdome Launches Build-to-Test, Automated Testing Option for Protected Mobile Apps

New capability streamlines automated testing of cybersecurity and anti-fraud features in android and iOS apps in virtual and cloud testing suites.

FusionInvoice 2023-1.0 Cross Site Scripting

FusionInvoice version 2023-1.0 suffers from a persistent cross site scripting vulnerability.

Memcyco Introduces Real-Time Solution to Combat Brandjacking

By Owais Sultan Memcyco Unveils Groundbreaking Solution to Combat Brandjacking in Real Time, Safeguarding Digital Trust and Reinforcing Brand Reputation. This is a post from HackRead.com Read the original post: Memcyco Introduces Real-Time Solution to Combat Brandjacking

Iranian Tortoiseshell Hackers Targeting Israeli Logistics Industry

At least eight websites associated with shipping, logistics, and financial services companies in Israel were targeted as part of a watering hole attack. Tel Aviv-based cybersecurity company ClearSky attributed the attacks with low confidence to an Iranian threat actor tracked as Tortoiseshell, which is also called Crimson Sandstorm (previously Curium), Imperial Kitten, and TA456. "The infected

N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware

The infamous Lazarus Group actor has been targeting vulnerable versions of Microsoft Internet Information Services (IIS) servers as an initial breach route to deploy malware on targeted systems. The findings come from the AhnLab Security Emergency response Center (ASEC), which detailed the advanced persistent threat's (APT) continued abuse of DLL side-loading techniques to deploy malware. "The