North Korean-linked hackers were caught experimenting with new macOS malware

Researchers can’t tell if the malware was used in a campaign, or North Korean operatives were caught before they could deploy it in the wild.

The post North Korean-linked hackers were caught experimenting with new macOS malware appeared first on CyberScoop.


US offers $10 million bounty for members of Iranian hacking gang

A US $10 million reward is being offered to anyone who has information about four members of an Iranian hacking group.

The US government’s Rewards for Justice initiative is making the reward available for information about four men believed to be me…

Fortinet warns of active campaign exploiting bug in FortiManager products

At least 50 organizations have been hit by the campaign, Fortinet and Mandiant say, and federal agencies are on the hook to patch.

The post Fortinet warns of active campaign exploiting bug in FortiManager products appeared first on CyberScoop.


Perfctl Malware

Perfctl is an impressive piece of malware:

The malware has been circulating since at least 2021. It gets installed by exploiting more than 20,000 common misconfigurations, a capability that may make millions of machines connected to the Internet potential targets, researchers from Aqua Security said. It can also exploit CVE-2023-33246, a vulnerability with a severity rating of 10 out of 10 that was patched last year in Apache RocketMQ, a messaging and streaming platform that’s found on many Linux machines.

The researchers are calling the malware Perfctl, the name of a malicious component that surreptitiously mines cryptocurrency. The unknown developers of the malware gave the process a name that combines the perf Linux monitoring tool and ctl, an abbreviation commonly used with command line tools. A signature characteristic of Perfctl is its use of process and file names that are identical or similar to those commonly found in Linux environments. The naming convention is one of the many ways the malware attempts to escape notice of infected users…
