Posts

Showing posts from April, 2022

Microsoft Documents Over 200 Cyberattacks by Russia Against Ukraine

At least six different Russia-aligned actors launched no less than 237 cyberattacks against Ukraine from February 23 to April 8, including 38 discrete destructive attacks that irrevocably destroyed files in hundreds of systems across dozens of organizations in the country. "Collectively, the cyber and kinetic actions work to disrupt or degrade Ukrainian government and military functions and from The Hacker News https://ift.tt/u3OtXSa via IFTTT

Airbnb’s design to live and work anywhere

Airbnb’s design to live and work anywhere 582 by mji | 413 comments on Hacker News.

Bits of advice I wish I had known

Bits of advice I wish I had known 568 by npalli | 324 comments on Hacker News.

Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers

Microsoft on Thursday disclosed that it addressed a pair of issues with the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. "By exploiting an elevated permissions bug in the Flexible Server authentication process for a replication user, a malicious user could leverage an improperly anchored regular expression to bypass from The Hacker News https://ift.tt/EWYfUVb via IFTTT

Indian Govt Orders Organizations to Report Security Breaches Within 6 Hours to CERT-In

India's computer and emergency response team, CERT-In, on Thursday published new guidelines that require service providers, intermediaries, data centers, and government entities to compulsorily report cybersecurity incidents, including data breaches, within six hours. "Any service provider, intermediary, data center, body corporate and Government organization shall mandatorily report cyber from The Hacker News https://ift.tt/3bEWzN2 via IFTTT

Gnome patent troll stripped of patent rights

Gnome patent troll stripped of patent rights 506 by reedciccio | 153 comments on Hacker News.

New RIG Exploit Kit Campaign Infecting Victims' PCs with RedLine Stealer

A new campaign leveraging an exploit kit has been observed abusing an Internet Explorer flaw patched by Microsoft last year to deliver the RedLine Stealer trojan. "When executed, RedLine Stealer performs recon against the target system (including username, hardware, browsers installed, anti-virus software) and then exfiltrates data (including passwords, saved credit cards, crypto wallets, VPN from The Hacker News https://ift.tt/j6Xmv8e via IFTTT

Public Money, Public Code

Public Money, Public Code 476 by modinfo | 171 comments on Hacker News.

U.S. Cybersecurity Agency Lists 2021's Top 15 Most Exploited Software Vulnerabilities

Log4Shell, ProxyShell, ProxyLogon, ZeroLogon, and flaws in Zoho ManageEngine AD SelfService Plus, Atlassian Confluence, and VMware vSphere Client emerged as some of the top exploited security vulnerabilities in 2021. That's according to a "Top Routinely Exploited Vulnerabilities" report released by cybersecurity authorities from the Five Eyes nations Australia, Canada, New Zealand from The Hacker News https://ift.tt/BLFZxQh via IFTTT

Cloudflare Thwarts Record DDoS Attack Peaking at 15 Million Requests Per Second

Cloudflare on Wednesday disclosed that it acted to mitigate a 15.3 million request-per-second (RPS) distributed denial-of-service (DDoS) attack. The web infrastructure and website security company called it one of the "largest HTTPS DDoS attacks on record."  "HTTPS DDoS attacks are more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS from The Hacker News https://ift.tt/ZUor5Ox via IFTTT

QNAP Advises to Mitigate Remote Hacking Flaws Until Patches are Available

Network-attached storage (NAS) appliance maker QNAP on Wednesday said it's working on updating its QTS and QuTS operating systems after Netatalk last month released patches to contain seven security flaws in its software. Netatalk is an open-source implementation of the Apple Filing Protocol (AFP), allowing Unix-like operating systems to serve as file servers for Apple macOS computers. from The Hacker News https://ift.tt/AGQkFdW via IFTTT

Be careful with that thing, it's a confidential coffee maker

Be careful with that thing, it's a confidential coffee maker 472 by signa11 | 157 comments on Hacker News.

Apple’s Self Service Repair now available

Apple’s Self Service Repair now available 453 by todsacerdoti | 212 comments on Hacker News.

Elegant six-page proof reveals the emergence of random structure

Elegant six-page proof reveals the emergence of random structure 548 by davidvarela_us | 160 comments on Hacker News.

Principles of Engineering Management

Principles of Engineering Management 437 by im_dario | 117 comments on Hacker News.

Ask HN: Have you used SQLite as a primary database?

Ask HN: Have you used SQLite as a primary database? 485 by barryhennessy | 313 comments on Hacker News. I periodically hear about projects that use/have used sqlite as their sole datastore. The theory seems to be that you can test out an idea with fewer dependencies (and cost) and that it scales surprisingly far. There are even distributed versions being built for reliability in the cloud: dqlite by Canonical (of Ubuntu fame) and rqlite. Given the complexity it seems like there are use cases or needs here that I'm not seeing and I'd be very interested to know more from those who've tried. Have you tried this? Did it go well? Or blow up? Were there big surprises along the way? - https://sqlite.org - https://dqlite.io - https://ift.tt/JOG2SPt

10 years since Google said to “hang tight” about Linux support for Google Drive

10 years since Google said to “hang tight” about Linux support for Google Drive 514 by politelemon | 209 comments on Hacker News.

Internet spring cleaning: How to delete Instagram, Facebook and other accounts

Internet spring cleaning: How to delete Instagram, Facebook and other accounts 545 by Ashoka_rkt | 203 comments on Hacker News.

Show HN: This AI Does Not Exist

Show HN: This AI Does Not Exist 428 by thesephist | 68 comments on Hacker News. Hey HN! Author of the site here. I tried a few tricks to keep the text-generation part of the site up, but even leaning hard on Huggingface's API and bumping time-outs up, it looks like the site is struggling a bit. I'm going to see if there's anything I can do to keep the text-generation part available, but in the meantime, the pre-generated set should stay pretty stable. Not sure if there's much else I can do without burning a hole in my cloud bills — sorry for the troubles! I've put up a more detailed description of how this works on the GitHub - https://ift.tt/l0fm8rp PS - if anyone at Huggingface is reading this and wants to help out with keeping the API up, that would be super :)

Emotet Testing New Delivery Ideas After Microsoft Disables VBA Macros by Default

The threat actor behind the prolific Emotet botnet is testing new attack methods on a small scale before co-opting them into their larger volume malspam campaigns, potentially in response to Microsoft's move to disable Visual Basic for Applications (VBA) macros by default across its products. Calling the new activity a "departure" from the group's typical behavior, ProofPoint alternatively  from The Hacker News https://ift.tt/UDch3HQ via IFTTT

Gold Ulrick Hackers Still in Action Despite Massive Conti Ransomware Leak

The infamous ransomware group known as Conti has continued its onslaught against entities despite suffering a massive data leak of its own earlier this year, according to new research. Conti, attributed to a Russia-based threat actor known as Gold Ulrick, is one of the most prevalent malware strains in the ransomware landscape, accounting for 19% of all attacks during the three-month-period from The Hacker News https://ift.tt/xZQnPhN via IFTTT

North Korean Hackers Target Journalists with GOLDBACKDOOR Malware

A state-backed threat actor with ties to the Democratic People's Republic of Korea (DPRK) has been attributed to a spear-phishing campaign targeting journalists covering the country with the ultimate goal of deploying a backdoor on infected Windows systems. The intrusions, said to be the work of Ricochet Chollima, resulted in the deployment of a novel malware strain called GOLDBACKDOOR, an from The Hacker News https://ift.tt/J03hKWX via IFTTT

Iranian Hackers Exploiting VMware RCE Bug to Deploy 'Core Impact' Backdoor

An Iranian-linked threat actor known as Rocket Kitten has been observed actively exploiting a recently patched VMware vulnerability to gain initial access and deploy the Core Impact penetration testing tool on vulnerable systems. Tracked as CVE-2022-22954 (CVSS score: 9.8), the critical issue concerns a case of remote code execution (RCE) vulnerability affecting VMware Workspace ONE Access and from The Hacker News https://ift.tt/1ueIEv5 via IFTTT

Researchers Report Critical RCE Vulnerability in Google's VirusTotal Platform

Security researchers have disclosed a security vulnerability in the VirusTotal platform that could have been potentially weaponized to achieve remote code execution (RCE). The flaw, now patched, made it possible to "execute commands remotely within VirusTotal platform and gain access to its various scans capabilities," Cysource researchers Shai Alfasi and Marlon Fabiano da Silva said in a report from The Hacker News https://ift.tt/Zcsejyd via IFTTT

Twitter set to accept Musk's $43B offer – sources

Twitter set to accept Musk's $43B offer – sources 718 by marban | 1142 comments on Hacker News.

Critical Bug in Everscale Wallet Could've Let Attackers Steal Cryptocurrencies

A security vulnerability has been disclosed in the web version of the Ever Surf wallet that, if successfully weaponized, could allow an attacker to gain full control over a victim's wallet. "By exploiting the vulnerability, it's possible to decrypt the private keys and seed phrases that are stored in the browser's local storage," Israeli cybersecurity company Check Point said in a report shared from The Hacker News https://ift.tt/GpUhHxa via IFTTT

New BotenaGo Malware Variant Targeting Lilin Security Camera DVR Devices

A new variant of an IoT botnet called BotenaGo has emerged in the wild, specifically singling out Lilin security camera DVR devices to infect them with Mirai malware. Dubbed "Lilin Scanner" by Nozomi Networks, the latest version is designed to exploit a two-year-old critical command injection vulnerability in the DVR firmware that was patched by the Taiwanese company in February 2020. from The Hacker News https://ift.tt/gH06YiW via IFTTT

French fighter jet joy ride goes très, très wrong (2020)

French fighter jet joy ride goes très, très wrong (2020) 569 by curmudgeon22 | 202 comments on Hacker News.

FBI Warns of BlackCat Ransomware That Breached Over 60 Organisations Worldwide

The U.S. Federal Bureau of Investigation (FBI) is sounding the alarm on the BlackCat ransomware-as-a-service (RaaS), which it said victimized at least 60 entities worldwide as of March 2022 since its emergence last November. Also called ALPHV and Noberus, the ransomware is notable for being the first-ever malware written in the Rust programming language that's known to be memory safe and from The Hacker News https://ift.tt/G6KQ9Z7 via IFTTT

No one expects young men to do anything and they are responding by doing nothing

No one expects young men to do anything and they are responding by doing nothing 496 by Bostonian | 714 comments on Hacker News.

Apple says they're removing my game because it's more than 2 years old

Apple says they're removing my game because it's more than 2 years old 480 by keleftheriou | 279 comments on Hacker News.

My upgrade to 25 Gbit/s Fiber To The Home

My upgrade to 25 Gbit/s Fiber To The Home 506 by secure | 365 comments on Hacker News.

Web color is still broken

Web color is still broken 597 by Aissen | 196 comments on Hacker News.

Go will use pdqsort in next release

Go will use pdqsort in next release 427 by ngaut | 121 comments on Hacker News.

California grid set record of 97% renewable power on April 3

California grid set record of 97% renewable power on April 3 425 by lizparody23 | 267 comments on Hacker News.

Memray: a memory profiler for Python

Memray: a memory profiler for Python 471 by shcheklein | 45 comments on Hacker News.

Changing std::sort at Google’s scale and beyond

Changing std::sort at Google’s scale and beyond 553 by ashvardanian | 154 comments on Hacker News.

Researcher Releases PoC for Recent Java Cryptographic Vulnerability

Proof-of-concept (PoC) code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online. The high-severity flaw in question, CVE-2022-21449 (CVSS score: 7.5), impacts the following versions of Java SE and Oracle GraalVM Enterprise Edition - Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1, 22.0.0.2 from The Hacker News https://ift.tt/NdvTLfp via IFTTT

Watch Out! Cryptocurrency Miners Targeting Dockers, AWS and Alibaba Cloud

LemonDuck, a cross-platform cryptocurrency mining botnet, is targeting Docker to mine cryptocurrency on Linux systems as part of an active malware campaign. "It runs an anonymous mining operation by the use of proxy pools, which hide the wallet addresses," CrowdStrike said in a new report. "It evades detection by targeting Alibaba Cloud's monitoring service and disabling it." Known to strike from The Hacker News https://ift.tt/w5YtsqP via IFTTT

QNAP Advises Users to Update NAS Firmware to Patch Apache HTTP Vulnerabilities

Network-attached storage (NAS) appliance maker QNAP on Thursday said it's investigating its lineup for potential impact arising from two security vulnerabilities that were addressed in the Apache HTTP server last month. The critical flaws, tracked as CVE-2022-22721 and CVE-2022-23943, are rated 9.8 for severity on the CVSS scoring system and impact Apache HTTP Server versions 2.4.52 and earlier from The Hacker News https://ift.tt/X89N7wa via IFTTT

Cisco Releases Security Patches for TelePresence, RoomOS and Umbrella VA

Networking equipment maker Cisco has released security updates to address three high-severity vulnerabilities in its products that could be exploited to cause a denial-of-service (DoS) condition and take control of affected systems. The first of the three flaws, CVE-2022-20783 (CVSS score: 7.5), affects Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software, and stems from The Hacker News https://ift.tt/ZVCv674 via IFTTT

Column – a chartered bank for developers

Column – a chartered bank for developers 638 by whockey | 237 comments on Hacker News.

Critical Chipset Bugs Open Millions of Android Devices to Remote Spying

Three security vulnerabilities have been disclosed in the audio decoders of Qualcomm and MediaTek chips that, if left unresolved, could allow an adversary to remotely gain access to media and audio conversations from affected mobile devices. According to Israeli cybersecurity company Check Point, the issues could be used as a launchpad to carry out remote code execution (RCE) attacks simply by from The Hacker News https://ift.tt/BzJi1kx via IFTTT

New Incident Report Reveals How Hive Ransomware Targets Organizations

A recent Hive ransomware attack carried out by an affiliate involved the exploitation of "ProxyShell" vulnerabilities in the Microsoft Exchange Server that were disclosed last year to encrypt an unnamed customer's network. "The actor managed to achieve its malicious goals and encrypt the environment in less than 72 hours from the initial compromise," Varonis security researcher, Nadav Ovadia,  from The Hacker News https://ift.tt/ikEm6gv via IFTTT

Overhauling Mario 64's code to reach 30 FPS and render 6x faster on N64 [video]

Overhauling Mario 64's code to reach 30 FPS and render 6x faster on N64 [video] 512 by kibwen | 179 comments on Hacker News.

Five Eyes Nations Warn of Russian Cyber Attacks Against Critical Infrastructure

The Five Eyes nations have released a joint cybersecurity advisory warning of increased malicious attacks from Russian state-sponsored actors and criminal groups targeting critical infrastructure organizations amidst the ongoing military siege on Ukraine. "Evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks," authorities from Australia, from The Hacker News https://ift.tt/zVUqZBn via IFTTT

Google Docs will “warn you away from inappropriate words”?

Google Docs will “warn you away from inappropriate words”? 503 by memish | 937 comments on Hacker News.

Show HN: Make your PDF look scanned in browser

Show HN: Make your PDF look scanned in browser 553 by seedgou | 173 comments on Hacker News. Implement scanyourpdf.com in JavaScript. No backend servers needed.

De-AMP: Cutting out Google and enhancing privacy

De-AMP: Cutting out Google and enhancing privacy 524 by w0ts0n | 232 comments on Hacker News.

Canada bans foreign home buyers for two years

Canada bans foreign home buyers for two years 606 by cwwc | 784 comments on Hacker News.

Six companies control 90% of what you read, watch, and hear

Six companies control 90% of what you read, watch, and hear 464 by tomohawk | 236 comments on Hacker News.

James Webb telescope's coldest instrument reaches operating temperature

James Webb telescope's coldest instrument reaches operating temperature 544 by wglb | 243 comments on Hacker News.

“YouTube-dl” and “Pirate Bay” back on DDG

“YouTube-dl” and “Pirate Bay” back on DDG 463 by ikt | 208 comments on Hacker News.

Experts Uncover Spyware Attacks Against Catalan Politicians and Activists

A previously unknown zero-click exploit in Apple's iMessage was used to install mercenary spyware from NSO Group and Candiru against at least 65 individuals as part of a "multi-year clandestine operation." "Victims included Members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organizations," the University of Toronto's Citizen Lab said in a from The Hacker News https://ift.tt/Q7c1JZK via IFTTT

FBI, U.S. Treasury and CISA Warn of North Korean Hackers Targeting Blockchain Companies

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI) and the Treasury Department, warned of a new set of ongoing cyber attacks carried out by the Lazarus Group targeting blockchain companies. Calling the activity cluster TraderTraitor, the infiltrations involve the North Korean state-sponsored advanced persistent threat (APT) from The Hacker News https://ift.tt/whoQ8NM via IFTTT

GitHub Notifies Victims Whose Private Data Was Accessed Using OAuth Tokens

GitHub on Monday noted that it had notified all victims of an attack campaign, which involved an unauthorized party downloading private repository contents by taking advantage of third-party OAuth user tokens maintained by Heroku and Travis CI. "Customers should also continue to monitor Heroku and Travis CI for updates on their own investigations into the affected OAuth applications," the from The Hacker News https://ift.tt/IgfAHjF via IFTTT

Benchmarking Linux Security – Latest Research Findings

How well do your Linux security practices stack up in today's challenging operating environment? Are you following the correct processes to keep systems up-to-date and protected against the latest threats? Now you can find out thanks to research independently conducted by the Ponemon Institute. The research sponsored by TuxCare sought to understand better how organizations are currently managing from The Hacker News https://ift.tt/qCJSnTW via IFTTT

The best engineering interview question I've ever gotten

The best engineering interview question I've ever gotten 652 by db48x | 318 comments on Hacker News.

New SolarMarker Malware Variant Using Updated Techniques to Stay Under the Radar

Cybersecurity researchers have disclosed a new version of the SolarMarker malware that packs in new improvements with the goal of updating its defense evasion abilities and staying under the radar. "The recent version demonstrated an evolution from Windows Portable Executables (EXE files) to working with Windows installer package files (MSI files)," Palo Alto Networks Unit 42 researchers said in from The Hacker News https://ift.tt/S4ZzaqK via IFTTT

How to write more clearly, think more clearly, and learn complex material [pdf]

How to write more clearly, think more clearly, and learn complex material [pdf] 618 by Secrethus | 110 comments on Hacker News.

New Hacking Campaign Targeting Ukrainian Government with IcedID Malware

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new wave of social engineering campaigns delivering IcedID malware and leveraging Zimbra exploits with the goal of stealing sensitive information. Attributing the IcedID phishing attacks to a threat cluster named UAC-0041, the agency said the infection sequence begins with an email containing a Microsoft Excel document ( from The Hacker News https://ift.tt/doeBkp7 via IFTTT

Critical RCE Flaw Reported in WordPress Elementor Website Builder Plugin

Elementor, a WordPress website builder plugin with over five million active installations, has been found to be vulnerable to an authenticated remote code execution flaw that could be abused to take over affected websites. Plugin Vulnerabilities, which disclosed the flaw last week, said the bug was introduced in version 3.6.0 that was released on March 22, 2022. Roughly 37% of users of the from The Hacker News https://ift.tt/tACWuYM via IFTTT

Show HN: Slow Social, a social network built for friends, not influencers

Show HN: Slow Social, a social network built for friends, not influencers 588 by CitrusFruits | 303 comments on Hacker News.

Zig self hosted compiler is now capable of building itself

Zig self hosted compiler is now capable of building itself 571 by marcthe12 | 180 comments on Hacker News.

My take on Elon's offer for Twitter

My take on Elon's offer for Twitter 551 by slg | 552 comments on Hacker News.

Twitter board adopts poison pill after Musk’s $43B bid to buy company

Twitter board adopts poison pill after Musk’s $43B bid to buy company 585 by grogu88 | 888 comments on Hacker News.

Reversing hearing loss with regenerative therapy

Reversing hearing loss with regenerative therapy 534 by maxerickson | 193 comments on Hacker News.

5-min breathing workout lowers blood pressure as much as exercise, drugs (2021)

5-min breathing workout lowers blood pressure as much as exercise, drugs (2021) 539 by car | 222 comments on Hacker News.

Lazarus Hackers Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector

The U.S. Treasury Department has implicated the North Korea-backed Lazarus Group (aka Hidden Cobra) in the theft of $540 million from video game Axie Infinity's Ronin Network last month. On Thursday, the Treasury tied the Ethereum wallet address that received the stolen funds to the threat actor and sanctioned the funds by adding the address to the Office of Foreign Assets Control's (OFAC) from The Hacker News https://ift.tt/tTrIzyZ via IFTTT

GitHub Says Hackers Breach Dozens of Organizations Using Stolen OAuth Access Tokens

Cloud-based repository hosting service GitHub on Friday revealed that it discovered evidence of an unnamed adversary capitalizing on stolen OAuth user tokens to unauthorizedly download private data from several organizations. "An attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including NPM from The Hacker News https://ift.tt/skNrVgB via IFTTT

DuckDuckGo Removes Pirate Sites and YouTube-DL from Its Search Results

DuckDuckGo Removes Pirate Sites and YouTube-DL from Its Search Results 554 by TangerineDream | 301 comments on Hacker News.

Haskers Gang Gives Away ZingoStealer Malware to Other Cybercriminals for Free

A crimeware-related threat actor known as Haskers Gang has released an information-stealing malware called ZingoStealer for free on, allowing other criminal groups to leverage the tool for nefarious purposes. "It features the ability to steal sensitive information from victims and can download additional malware to infected systems," Cisco Talos researchers Edmund Brumaghin and Vanja Svajcer  from The Hacker News https://ift.tt/hzYcFsO via IFTTT

As State-Backed Cyber Threats Grow, Here's How the World Is Reacting

With the ongoing conflict in Eurasia, cyberwarfare is inevitably making its presence felt. The fight is not only being fought on the fields. There is also a big battle happening in cyberspace. Several cyber-attacks have been reported over the past months. Notably, cyber attacks backed by state actors are becoming prominent. There have been reports of a rise of ransomware and other malware from The Hacker News https://ift.tt/B8xUk9N via IFTTT

Ethereum Developer Jailed 63 Months for Helping North Korea Evade Sanctions

A U.S. court has sentenced former Ethereum developer Virgil Griffith to five years and three months in prison and to pay a $100,000 fine for conspiring with North Korea to help use cryptocurrencies to circumvent sanctions imposed on the country. "There is no question North Korea poses a national security threat to our nation, and the regime has shown time and again it will stop at nothing to ignore from The Hacker News https://ift.tt/p1q6azM via IFTTT

Rarible NFT Marketplace Flaw Could've Let Attackers Hijack Crypto Wallets

Cybersecurity researchers have disclosed a now-fixed security flaw in the Rarible non-fungible token (NFT) marketplace that, if successfully exploited, could have led to account takeover and theft of cryptocurrency assets. "By luring victims to click on a malicious NFT, an attacker can take full control of the victim's crypto wallet to steal funds," Check Point researchers Roman Zaikin, Dikla from The Hacker News https://ift.tt/IwjnY1i via IFTTT

New EnemyBot DDoS Botnet Borrows Exploit Code from Mirai and Gafgyt

A threat group that pursues crypto mining and distributed denial-of-service (DDoS) attacks has been linked to a new botnet called Enemybot, which has been discovered enslaving routers and Internet of Things (IoT) devices since last month. "This botnet is mainly derived from Gafgyt's source code but has been observed to borrow several modules from Mirai's original source code," Fortinet from The Hacker News https://ift.tt/b5aGqg8 via IFTTT

Microsoft Disrupts ZLoader Cybercrime Botnet in Global Operation

Microsoft and a consortium of cybersecurity companies took legal and technical steps to disrupt the ZLoader botnet, seizing control of 65 domains that were used to control and communicate with the infected hosts. "ZLoader is made up of computing devices in businesses, hospitals, schools, and homes around the world and is run by a global internet-based organized crime gang operating malware as a from The Hacker News https://ift.tt/KnqFl46 via IFTTT

U.S. Warns of APT Hackers Targeting ICS/SCADA Systems with Specialized Malware

The U.S. government on Wednesday warned of nation-state actors deploying specialized malware to maintain access to industrial control systems (ICS) and supervisory control and data acquisition (SCADA) devices. "The APT actors have developed custom-made tools for targeting ICS/SCADA devices," multiple U.S. agencies said in an alert. "The tools enable them to scan for, compromise, and control from The Hacker News https://ift.tt/oTCN47i via IFTTT

Critical VMware Workspace ONE Access Flaw Under Active Exploitation in the Wild

A week after VMware released patches to remediate eight security vulnerabilities in VMware Workspace ONE Access, threat actors have begun to actively exploit one of the critical flaws in the wild. Tracked as CVE-2022-22954, the critical issue relates to a remote code execution vulnerability that stems from server-side template injection in VMware Workspace ONE Access and Identity Manager. The from The Hacker News https://ift.tt/7N04iwc via IFTTT

Russian Hackers Tried Attacking Ukraine's Power Grid with Industroyer2 Malware

The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday disclosed that it thwarted a cyberattack by Sandworm, a hacking group affiliated with Russia's military intelligence, to sabotage the operations of an unnamed energy provider in the country. "The attackers attempted to take down several infrastructure components of their target, namely: Electrical substations, Windows-operated from The Hacker News https://ift.tt/byUIzRg via IFTTT

Eden

Eden 540 by tosh | 190 comments on Hacker News.

FBI, Europol Seize RaidForums Hacker Forum and Arrest Admin

An international law enforcement operation raided and took down RaidForums, one of the world's largest hacking forums notorious for selling access to hacked personal information belonging to users. Dubbed Tourniquet, the seizure of the cybercrime website involved authorities from the U.S., U.K., Sweden, Portugal, and Romania, with the criminal investigation resulting in the arrest of the forum's from The Hacker News https://ift.tt/g2AzdrW via IFTTT

Microsoft Issues Patches for 2 Windows Zero-Days and 126 Other Vulnerabilities

Microsoft's Patch Tuesday updates for the month of April have addressed a total of 128 security vulnerabilities spanning across its software product portfolio, including Windows, Defender, Office, Exchange Server, Visual Studio, and Print Spooler, among others. 10 of the 128 bugs fixed are rated Critical, 115 are rated Important, and three are rated Moderate in severity, with one of the flaws from The Hacker News https://ift.tt/SeHibyL via IFTTT

Cross-Regional Disaster Recovery with Elasticsearch

Unsurprisingly, here at Rewind, we've got a lot of data to protect (over 2 petabytes worth). One of the databases we use is called Elasticsearch (ES or Opensearch, as it is currently known in AWS). To put it simply, ES is a document database that facilitates lightning-fast search results. Speed is essential when customers are looking for a particular file or item that they need to restore using  from The Hacker News https://ift.tt/RlSnbwd via IFTTT

Human brain compresses working memories into low-res ‘summaries’

Human brain compresses working memories into low-res ‘summaries’ 507 by nihkolberg | 244 comments on Hacker News.

Over 16,500 Sites Hacked to Distribute Malware via Web Redirect Service

A new traffic direction system (TDS) called Parrot has been spotted leveraging tens of thousands of compromised websites to launch further malicious campaigns. "The TDS has infected various web servers hosting more than 16,500 websites, ranging from adult content sites, personal websites, university sites, and local government sites," Avast researchers Pavel Novák and Jan Rubín said in a report from The Hacker News https://ift.tt/SiAsIr7 via IFTTT

Etsy Strike

Etsy Strike 656 by KarlKemp | 353 comments on Hacker News.

I must announce the immediate end of service of SSLPing

I must announce the immediate end of service of SSLPing 525 by WelcomeShorty | 211 comments on Hacker News.

Van life (cancer edition) finale

Van life (cancer edition) finale 618 by BadCookie | 235 comments on Hacker News.

Sounding the alarm: How noise hurts the heart (2021)

Sounding the alarm: How noise hurts the heart (2021) 551 by karlzt | 466 comments on Hacker News.

An Ode to Apple’s Hide My Email

An Ode to Apple’s Hide My Email 536 by mlapida | 270 comments on Hacker News.

MIT graduate students vote to unionize

MIT graduate students vote to unionize 629 by Metacelsus | 375 comments on Hacker News.

Why I'll never use Affirm again

Why I'll never use Affirm again 504 by mabunday | 270 comments on Hacker News.

Researchers warn of FFDroider and Lightning info-stealers targeting users in the wild

Cybersecurity researchers are warning of two different information-stealing malware, named FFDroider and Lightning Stealer, that are capable of siphoning data and launching further attacks. "Designed to send stolen credentials and cookies to a Command & Control server, FFDroider disguises itself on victim's machines to look like the instant messaging application 'Telegram,'" Zscaler ThreatLabz from The Hacker News https://ift.tt/DoOeL0k via IFTTT

Heresy

Heresy 792 by prtkgpt | 1189 comments on Hacker News.

Microsoft's New Autopatch Feature to Help Businesses Keep Their Systems Up-to-Date

Microsoft last week announced that it intends to make generally available a feature called Autopatch as part of Windows Enterprise E3 in July 2022. "This service will keep Windows and Office software on enrolled endpoints up-to-date automatically, at no additional cost," said Lior Bela, senior product marketing manager at Microsoft, in a post last week. "The second Tuesday of every month will be from The Hacker News https://ift.tt/rsbu2zB via IFTTT

Persepolis of ancient Persia rendered in WebGL

Persepolis of ancient Persia rendered in WebGL 765 by avestura | 182 comments on Hacker News.

Dall-E 2 illustrations of Twitter bios

Dall-E 2 illustrations of Twitter bios 758 by manesioz | 343 comments on Hacker News.

Hackers Exploiting Spring4Shell Vulnerability to Deploy Mirai Botnet Malware

The recently disclosed critical Spring4Shell vulnerability is being actively exploited by threat actors to execute the Mirai botnet malware, particularly in the Singapore region since the start of April 2022. "The exploitation allows threat actors to download the Mirai sample to the '/tmp' folder and execute them after permission change using 'chmod,'" Trend Micro researchers Deep Patel, Nitesh from The Hacker News https://ift.tt/gxW4znN via IFTTT

Chinese Hacker Groups Continue to Target Indian Power Grid Assets

China-linked adversaries have been attributed to an ongoing onslaught against Indian power grid organizations, one year after a concerted campaign targeting critical infrastructure in the country came to light. Most of the intrusions involved a modular backdoor named ShadowPad, according to Recorded Future's Insikt Group, a sophisticated remote access trojan which has been dubbed a "masterpiece from The Hacker News https://ift.tt/MNAUkX9 via IFTTT

Researchers Connect BlackCat Ransomware with Past BlackMatter Malware Activity

Cybersecurity researchers have uncovered further links between BlackCat (aka AlphaV) and BlackMatter ransomware families, the former of which emerged as a replacement following international scrutiny last year. "At least some members of the new BlackCat group have links to the BlackMatter group, because they modified and reused a custom exfiltration tool [...] and which has only been observed in from The Hacker News https://ift.tt/kh8aXK7 via IFTTT

The computers used to do 3D animation for Final Fantasy VII in 1996

The computers used to do 3D animation for Final Fantasy VII in 1996 688 by marcobambini | 327 comments on Hacker News.

Ukrainian FIN7 Hacker Gets 5-Year Sentence in the United States

A 32-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for the individual's criminal work as a "high-level hacker" in the financially motivated group FIN7. Denys Iarmak, who worked as a penetration tester for the cartel from November 2016 through November 2018, had been previously arrested in Bangkok, Thailand in November 2019, before being extradited to the U.S. from The Hacker News https://ift.tt/syoNJpT via IFTTT

Canada to ban foreigners from buying homes

Canada to ban foreigners from buying homes 713 by thazework | 697 comments on Hacker News.

Microsoft Obtains Court Order to Take Down Domains Used to Target Ukraine

Microsoft on Thursday disclosed that it obtained a court order to take control of seven domains used by APT28, a state-sponsored group operated by Russia's military intelligence service, with the goal of neutralizing its attacks on Ukraine. "We have since re-directed these domains to a sinkhole controlled by Microsoft, enabling us to mitigate Strontium's current use of these domains and enable from The Hacker News https://ift.tt/Kv3EYtj via IFTTT

New Octo Banking Trojan Spreading via Fake Apps on Google Play Store

A number of rogue Android apps that have been cumulatively installed from the official Google Play Store more than 50,000 times are being used to target banks and other financial entities. The rental banking trojan, dubbed Octo, is said to be a rebrand of another Android malware called ExobotCompact, which, in turn, is a "lite" replacement for its Exobot predecessor, Dutch mobile security firm from The Hacker News https://ift.tt/ROXvYUJ via IFTTT

First Malware Targeting AWS Lambda Serverless Platform Discovered

A first-of-its-kind malware targeting Amazon Web Services' (AWS) Lambda serverless computing platform has been discovered in the wild. Dubbed "Denonia" after the name of the domain it communicates with, "the malware uses newer address resolution techniques for command and control traffic to evade typical detection measures and virtual network access controls," Cado Labs researcher Matt Muir said from The Hacker News https://ift.tt/Kjd3H6z via IFTTT

Hamas-linked Hackers Targeting High-Ranking Israelis Using 'Catfish' Lures

A threat actor with affiliations to the cyber warfare division of Hamas has been linked to an "elaborate campaign" targeting high-profile Israeli individuals employed in sensitive defense, law enforcement, and emergency services organizations. "The campaign operators use sophisticated social engineering techniques, ultimately aimed to deliver previously undocumented backdoors for Windows and from The Hacker News https://ift.tt/HJb26ZT via IFTTT

Into the Breach: Breaking Down 3 SaaS App Cyber Attacks in 2022

During the last week of March, three major tech companies - Microsoft, Okta, and HubSpot - reported significant data breaches. DEV-0537, also known as LAPSUS$, performed the first two. This highly sophisticated group utilizes state-of-the-art attack vectors to great success. Meanwhile, the group behind the HubSpot breach was not disclosed. This blog will review the three breaches based on from The Hacker News https://ift.tt/SK1nley via IFTTT

SharkBot Banking Trojan Resurfaces On Google Play Store Hidden Behind 7 New Apps

As many as seven malicious Android apps discovered on the Google Play Store masqueraded as antivirus solutions to deploy a banking trojan called SharkBot. "SharkBot steals credentials and banking information," Check Point researchers Alex Shamshur and Raman Ladutska said in a report shared with The Hacker News. "This malware implements a geofencing feature and evasion techniques, which makes it from The Hacker News https://ift.tt/UF0ZdIT via IFTTT

Researchers Uncover How Colibri Malware Stays Persistent on Hacked Systems

Cybersecurity researchers have detailed a "simple but efficient" persistence mechanism adopted by a relatively nascent malware loader called Colibri, which has been observed deploying a Windows information stealer known as Vidar as part of a new campaign. "The attack starts with a malicious Word document deploying a Colibri bot that then delivers the Vidar Stealer," Malwarebytes Labs said in an from The Hacker News https://ift.tt/m1oIsKC via IFTTT

FBI Shut Down Russia-linked "Cyclops Blink" Botnet That Infected Thousands of Devices

The U.S. Department of Justice (DoJ) announced that it neutralized Cyclops Blink, a modular botnet controlled by a threat actor known as Sandworm, which has been attributed to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). "The operation copied and removed malware from vulnerable internet-connected firewall devices that Sandworm used from The Hacker News https://ift.tt/8QBZcep via IFTTT

VMware Releases Critical Patches for New Vulnerabilities Affecting Multiple Products

VMware has released security updates to patch eight vulnerabilities spanning its products, some of which could be exploited to launch remote code execution attacks. Tracked from CVE-2022-22954 to CVE-2022-22961 (CVSS scores: 5.3 - 9.8), the issues impact VMware Workspace ONE Access, VMware Identity Manager, VMware vRealize Automation, VMware Cloud Foundation, and vRealize Suite Lifecycle Manager from The Hacker News https://ift.tt/xKyZ9Dn via IFTTT

Dall-E 2

Dall-E 2 655 by yigitdemirag | 223 comments on Hacker News.

Hackers Distributing Fake Shopping Apps to Steal Banking Data of Malaysian Users

Threat actors have been distributing malicious applications under the guise of seemingly harmless shopping apps to target customers of eight Malaysian banks since at least November 2021. The attacks involved setting up fraudulent but legitimate-looking websites to trick users into downloading the apps, Slovak cybersecurity firm ESET said in a report shared with The Hacker News. The copycat from The Hacker News https://ift.tt/zQnkBOt via IFTTT

Ukraine Warns of Cyber attack Aiming to Hack Users' Telegram Messenger Accounts

Ukraine's technical security and intelligence service is warning of a new wave of cyber attacks that are aimed at gaining access to users' Telegram accounts. "The criminals sent messages with malicious links to the Telegram website in order to gain unauthorized access to the records, including the possibility to transfer a one-time code from SMS," the State Service of Special Communication and from The Hacker News https://ift.tt/9nJojVa via IFTTT

Block Admits Data Breach Involving Cash App Data Accessed by Former Employee

Block, the company formerly known as Square, has disclosed a data breach that involved a former employee downloading unspecified reports pertaining to its Cash App Investing that contained information about its U.S. customers. "While this employee had regular access to these reports as part of their past job responsibilities, in this instance these reports were accessed without permission after from The Hacker News https://ift.tt/bJIR2X6 via IFTTT

U.S. Treasury Department Sanctions Russia-based Hydra Darknet Marketplace

The U.S. Treasury Department on Tuesday sanctioned Hydra, the same day German law enforcement authorities disrupted the world's largest dark web marketplace as part of a coordinated operation in partnership with U.S. officials. The sanctions are part of an "international effort to disrupt proliferation of malicious cybercrime services, dangerous drugs, and other illegal offerings available from The Hacker News https://ift.tt/GVai5Sh via IFTTT

Elon Musk to join Twitter’s board of directors

Elon Musk to join Twitter’s board of directors 579 by alexrustic | 949 comments on Hacker News.

Are you a baby? A litmus test

Are you a baby? A litmus test 614 by mooreds | 289 comments on Hacker News.

Amazon worker chat app to ban words such as “union”, “pay raise”, “slave labor”

Amazon worker chat app to ban words such as “union”, “pay raise”, “slave labor” 581 by enraged_camel | 329 comments on Hacker News.

Is API Security on Your Radar?

With the growth in digital transformation, the API management market is set to grow by more than 30% by the year 2025 as more businesses build web APIs and consumers grow to rely on them for everything from mobile apps to customized digital services. As part of strategic business planning, an API helps generate revenue by allowing customers access to the functionality of a website or computer from The Hacker News https://ift.tt/GOqaHPh via IFTTT

Hackers Breach Mailchimp Email Marketing Firm to Launch Crypto Phishing Scams

Email marketing service Mailchimp on Monday revealed a data breach that resulted in the compromise of an internal tool to gain unauthorized access to customer accounts and stage phishing attacks. The development was first reported by Bleeping Computer. The company, which was acquired by financial software firm Intuit in September 2021, told the publication that it became aware of the incident from The Hacker News https://ift.tt/M65UFCp via IFTTT

CISA Warns of Active Exploitation of Critical Spring4Shell Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added the recently disclosed remote code execution (RCE) vulnerability affecting the Spring Framework, to its Known Exploited Vulnerabilities Catalog based on "evidence of active exploitation." The critical severity flaw, assigned the identifier CVE-2022-22965 (CVSS score: 9.8) and dubbed "Spring4Shell", impacts Spring from The Hacker News https://ift.tt/Jn6iMZO via IFTTT

What happens if you try to download and install Firefox on Windows

What happens if you try to download and install Firefox on Windows 476 by tosh | 362 comments on Hacker News.

Brokenwire Hack Could Let Remote Attackers Disrupt Charging for Electric Vehicles

A group of academics from the University of Oxford and Armasuisse S+T has disclosed details of a new attack technique against the popular Combined Charging System (CCS) that could potentially disrupt the ability to charge electric vehicles at scale. Dubbed "Brokenwire," the method interferes with the control communications that transpire between the vehicle and charger to wirelessly abort the from The Hacker News https://ift.tt/YntNpmS via IFTTT

Horrible edge cases when dealing with music

Horrible edge cases when dealing with music 490 by pabs3 | 177 comments on Hacker News.

Vizio TVs are now showing banner ads over live TV

Vizio TVs are now showing banner ads over live TV 564 by woldemariam | 507 comments on Hacker News.

Experts Shed Light on BlackGuard Infostealer Malware Sold on Russian Hacking Forums

A previously undocumented "sophisticated" information-stealing malware named BlackGuard is being advertised for sale on Russian underground forums for a monthly subscription of $200. "BlackGuard has the capability to steal all types of information related to Crypto wallets, VPN, Messengers, FTP credentials, saved browser credentials, and email clients," Zscaler ThreatLabz researchers Mitesh Wani from The Hacker News https://ift.tt/hMdjw92 via IFTTT

Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave More Routers

A variant of the Mirai botnet called Beastmode has been observed adopting newly disclosed vulnerabilities in TOTOLINK routers between February and March 2022 to infect unpatched devices and expand its reach potentially. "The Beastmode (aka B3astmode) Mirai-based DDoS campaign has aggressively updated its arsenal of exploits," Fortinet's FortiGuard Labs Research team said. "Five new exploits were from The Hacker News https://ift.tt/6RXacsJ via IFTTT

Ask HN: When did 7 interviews become “normal”?

Ask HN: When did 7 interviews become “normal”? 556 by geeky4qwerty | 673 comments on Hacker News. edit: I love this community! Thank you so much for all the insight. For those who complained, I'm sorry if this post comes across as complainy or redundant, I respect the HN hive-mind and was genuinely curious about everyone's thoughts on the matter. Hello fellow travelers, I'll do my best to keep this brief(ish). I've been in IT professionally since Y2K, data entry->QA->SysAdmin->PM->consultant->founder->sold and with the money took some years off, bought some property and a fixer upper and went to school and got a BSBA degree (never graduated from high school but wanted to show my kids the importance of a degree). I missed working and creating things with people so decided to reenter the job market in the PM space. So now that my hat is in the ring I have been told by recruiters what I need to "expect" in this "new market." I was t...

Amazon workers on Staten Island vote to unionize

Amazon workers on Staten Island vote to unionize 548 by jbegley | 396 comments on Hacker News.

Facebook paid Republican strategy firm to malign TikTok

Facebook paid Republican strategy firm to malign TikTok 484 by elsewhen | 300 comments on Hacker News.

A few things to know before stealing my 914

A few things to know before stealing my 914 617 by garrepi | 246 comments on Hacker News.

Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit

A Chinese advanced persistent threat tracked as Deep Panda has been observed exploiting the Log4Shell vulnerability in VMware Horizon servers to deploy a backdoor and a novel rootkit on infected machines with the goal of stealing sensitive data. "The nature of targeting was opportunistic insofar that multiple infections in several countries and various sectors occurred on the same dates," said from The Hacker News https://ift.tt/HFv2tS5 via IFTTT

Results Overview: 2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition

Threat actor groups like Wizard Spider and Sandworm have been wreaking havoc over the past few years – developing and deploying cybercrime tools like Conti, Trickbot, and Ryuk ransomware. Most recently, Sandworm (suspected to be a Russian cyber-military unit) unleashed cyberattacks against Ukrainian infrastructure targets. To ensure cybersecurity providers are battle ready, MITRE Engenuity uses from The Hacker News https://ift.tt/HoMhXdI via IFTTT

North Korean Hackers Distributing Trojanized DeFi Wallet Apps to Steal Victims' Crypto

The North Korean state-backed hacking crew, otherwise known as the Lazarus Group, has been attributed to yet another financially motivated campaign that leverages a trojanized decentralized finance (DeFi) wallet app to distribute a fully-featured backdoor onto compromised Windows systems. The app, which is equipped with functionalities to save and manage a cryptocurrency wallet, is also designed from The Hacker News https://ift.tt/yCbomVS via IFTTT

Zyxel Releases Patches for Critical Bug Affecting Business Firewall and VPN Devices

Networking equipment maker Zyxel has pushed security updates for a critical vulnerability affecting some of its business firewall and VPN products that could enable an attacker to take control of the devices. "An authentication bypass vulnerability caused by the lack of a proper access control mechanism has been found in the CGI program of some firewall versions," the company said in an advisory from The Hacker News https://ift.tt/3maYuIE via IFTTT