The Hacker News

New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass

Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that's capable of targeting Microsoft 365 accounts with an aim to steal credentials and two-factor authentication (2FA) codes since at least October 2024.

Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions

Cybersecurity researchers have found that the Microsoft Active Directory Group Policy that's designed to disable NT LAN Manager (NTLM) v1 can be trivially bypassed by a misconfiguration.

New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits

The vulnerability, assigned the CVE identifier CVE-2024-7344 (CVSS score: 6.7), resides in a UEFI application signed by Microsoft's "Microsoft Corporation UEFI CA 2011" third-party UEFI certificate, according to a new report from ESET.

Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks

Cybersecurity researchers have disclosed multiple security flaws in SimpleHelp remote access software that could lead to information disclosure, privilege escalation, and remote code execution.

North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains

The new evidence suggests that Pyongyang-based threat groups may have pulled off illicit money-making scams that predate the use of IT workers, SecureWorks Counter Threat Unit (CTU) said in a report shared with The Hacker News.

Researchers Uncover Flaws in Rsync File Synchronization Tool

As many as six security vulnerabilities have been disclosed in the popular Rsync file-synchronizing tool for Unix systems, some of which could be exploited to execute arbitrary code on a client.

Google OAuth Vulnerability Exposes Millions via Failed Startup Domains

A weakness in Google’s OAuth “Sign in with Google” feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to various software-as-a-service (SaaS) platforms.

Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions

The value of cryptocurrency received by wallets used by HuiOne Guarantee and its vendors surpassed $4 billion in the fourth quarter of 2024 alone. In contrast, the Hydra marketplace received approximately $5.2 billion during its six-year lifespan.

RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns

Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia have been targeted by the China-nexus RedDelta threat actor to deliver a customized version of the PlugX backdoor between July 2023 and December 2024.

AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics

Cybersecurity researchers have shed light on a nascent artificial intelligence (AI) assisted ransomware family called FunkSec that sprang forth in late 2024, and has claimed more than 85 victims to date.
