Category Security

Meta has been fined €251m ($263m) by the Irish Data Protection Commission (DPC) for a massive 2018 data breach which impacted around 29 million Facebook accounts. The incident in question arose between September 14-28 2018, when unauthorized individuals exploited a vulnerability…

Dec 18, 2024The Hacker NewsThreat Detection / Endpoint Security Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders is to keep IT environments up and running. To guard against cyber threats and prevent data…

A recent investigation by security researchers has revealed a troubling surge in malicious campaigns exploiting popular development tools, including VSCode extensions and npm packages. These campaigns compromise local development environments and pose risks to broader software supply chains. From VSCode…

Dec 18, 2024Ravie LakshmananCyber Espionage / Malware The Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of cyber attacks leveraging malicious Remote Desktop Protocol (RDP) configuration files. The activity, which has targeted…

A sharp increase in phishing attacks, including a 202% rise in overall phishing messages in the second half of 2024, has been identified by cybersecurity experts. According to SlashNext’s 2024 Phishing Intelligence Report, a substantial 703% surge in credential phishing…

Having been at ActiveState for nearly eight years, I’ve seen many iterations of our product. However, one thing has stayed true over the years: Our commitment to the open source community and companies using open source in their code. ActiveState…

US federal agencies and departments have been mandated to implement new cybersecurity practices for cloud services. The Cybersecurity and Infrastructure Security Agency (CISA) published Binding Operational Directive 25-01: Implementing Secure Practices for Cloud Services on December 17, which sets out…

Dec 18, 2024Ravie LakshmananEmail Security / Cloud Security Cybersecurity researchers have disclosed a new phishing campaign that has targeted European companies with an aim to harvest account credentials and take control of the victims’ Microsoft Azure cloud infrastructure. The campaign…

Online romance and investment scams are painful enough without its victims being described as “pigs.” And yet, for some years we’ve called fraud related to such frauds as “pig butchering.” INTERPOL has decided enough is enough and is calling for…

A threat actor has been observed using vishing via Microsoft Teams to deploy DarkGate malware and gain remote control over the victim’s computer network. Trend Micro reported that the attacker posed as an employee of a known client on an…