The Hacker News

New APT Hacking Group Targets Microsoft IIS Servers with ASP.NET Exploits

A new highly capable and persistent threat actor has been targeting major high-profile public and private entities in the U.S. as part of a series of targeted cyber intrusion attacks by exploiting internet-facing Microsoft Internet Information Services (IIS) servers to infiltrate their networks. Israeli cybersecurity …

New APT Hacking Group Targets Microsoft IIS Servers with ASP.NET Exploits Read More »

Dutch Police Arrest Two Hackers Tied to “Fraud Family” Cybercrime Ring

Law enforcement authorities in the Netherlands have arrested two alleged individuals belonging to a Dutch cybercriminal collective who were involved in developing, selling, and renting sophisticated phishing frameworks to other threat actors in what’s known as a “Fraud-as-a-Service” operation. The apprehended suspects, a 24-year-old software …

Dutch Police Arrest Two Hackers Tied to “Fraud Family” Cybercrime Ring Read More »

This New Malware Hides Itself Among Windows Defender Exclusions to Evade Detection

Cybersecurity researchers on Tuesday lifted the lid on a previously undocumented malware strain dubbed “MosaicLoader” that singles out individuals searching for cracked software as part of a global campaign. The attackers behind MosaicLoader created a piece of malware that can deliver any payload on the …

This New Malware Hides Itself Among Windows Defender Exclusions to Evade Detection Read More »

16-Year-Old Security Bug Affects Millions of HP, Samsung, Xerox Printers

Details have emerged about a high severity security vulnerability affecting a software driver used in HP, Xerox, and Samsung printers that has remained undetected since 2005. Tracked as CVE-2021-3438 (CVSS score: 8.8), the issue concerns a buffer overflow in a print driver installer package named …

16-Year-Old Security Bug Affects Millions of HP, Samsung, Xerox Printers Read More »

China’s New Law Requires Researchers to Report All Zero-Day Bugs to Government

The Cyberspace Administration of China (CAC) has issued new stricter vulnerability disclosures regulations that mandate security researchers uncovering critical flaws in computer systems to mandatorily disclose them first-hand to the government authorities within two days of filing a report. The “Regulations on the Management of …

China’s New Law Requires Researchers to Report All Zero-Day Bugs to Government Read More »

China’s Cyberspies Targeting Southeast Asian Government Entities

A sweeping and “highly active campaign” that originally set its sights on Myanmar has broadened its focus to strike a number of targets located in the Philippines, according to new research. Russian cybersecurity firm Kaspersky, which first spotted the infections in October 2020, attributed them …

China’s Cyberspies Targeting Southeast Asian Government Entities Read More »

16 Cybercriminals Behind Mekotio and Grandoreiro Banking Trojan Arrested in Spain

Spanish law enforcement agencies on Wednesday arrested 16 individuals belonging to a criminal network in connection with operating two banking trojans as part of a social engineering campaign targeting financial institutions in Europe. The arrests were made in Ribeira (A Coruña), Madrid, Parla and Móstoles …

16 Cybercriminals Behind Mekotio and Grandoreiro Banking Trojan Arrested in Spain Read More »

Chinese Hackers Exploit Latest SolarWinds 0-Day to Target U.S. Defense Firms

Microsoft on Tuesday disclosed that the latest string of attacks targeting SolarWinds Serv-U managed file transfer service with a now-patched remote code execution (RCE) exploit is the handiwork of a Chinese threat actor dubbed “DEV-0322.” The revelation comes days after the Texas-based IT monitoring software …

Chinese Hackers Exploit Latest SolarWinds 0-Day to Target U.S. Defense Firms Read More »

Scroll to Top