1. Home
  2. Discover
  3. Technology
  4. The Hacker News

Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities

The Hacker News Daily Updates
Newsletter
cover

Protecting the Endpoint to Work from Anywhere

As attacks increase, they tend to come through multiple vectors utilizing various techniques, from Trojans to fileless scripts.

Download Now Sponsored
LATEST NEWS Dec 29, 2022

Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities

Thousands of Citrix Application Delivery Controller (ADC) and Gateway endpoints remain vulnerable to two critical security flaws disclosed by the company over the last few months. The issues in question are CVE-2022-27510 and CVE-2022-27518 (CVSS scores: 9.8), which were addressed by the virtualization services provider on November 8 and December 13, 2022, respectively. While ...

Read More
Twitter Facebook LinkedIn

New Malvertising Campaign via Google Ads Targets Users Searching for Popular Software

Users searching for popular software are being targeted by a new malvertising campaign that abuses Google Ads to serve trojanized variants that deploy malware, such as Raccoon Stealer and Vidar. The activity makes use of seemingly credible websites with typosquatted domain names that are surfaced on top of Google search results in the form of malicious ads by hijacking searches for ...

Read More
Twitter Facebook LinkedIn

BitKeep Confirms Cyber Attack, Loses Over $9 Million in Digital Currencies

Decentralized multi-chain crypto wallet BitKeep on Wednesday confirmed a cyberattack that allowed threat actors to distribute fraudulent versions of its Android app with the goal of stealing users' digital currencies. "With maliciously implanted code, the altered APK led to the leak of user's private keys and enabled the hacker to move funds," BitKeep CEO Kevin Como said, describing it as a ...

Read More
Twitter Facebook LinkedIn

APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector

Microsoft's decision to block Visual Basic for Applications (VBA) macros by default for Office files downloaded from the internet has led many threat actors to improvise their attack chains in recent months. Now according to Cisco Talos, advanced persistent threat (APT) actors and commodity malware families alike are increasingly using Excel add-in (.XLL) files as an initial intrusion ...

Read More
Twitter Facebook LinkedIn

BlueNoroff APT Hackers Using New Ways to Bypass Windows MotW Protection

BlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its playbook that enable it to bypass Windows Mark of the Web (MotW) protections. This includes the use of optical disk image (.ISO extension) and virtual hard disk (.VHD extension) file formats as part of a novel infection chain, Kaspersky disclosed in a report published today. ...

Read More
Twitter Facebook LinkedIn

Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak

Meta Platforms, the parent company of Facebook, Instagram, and WhatsApp, has agreed to pay $725 million to settle a long-running class-action lawsuit filed in 2018. The legal dispute sprang up in response to revelations that the social media giant allowed third-party apps such as those used by Cambridge Analytica to access users' personal information without their consent for ...

Read More
Twitter Facebook LinkedIn

GuLoader Malware Utilizing New Techniques to Evade Security Software

Cybersecurity researchers have exposed a wide variety of techniques adopted by an advanced malware downloader called GuLoader to evade security software. "New shellcode anti-analysis technique attempts to thwart researchers and hostile environments by scanning entire process memory for any virtual machine (VM)-related strings," CrowdStrike researchers Sarang Sonawane and Donato Onofri said in ...

Read More
Twitter Facebook LinkedIn

2022 Top Five Immediate Threats in Geopolitical Context

As we are nearing the end of 2022, looking at the most concerning threats of this turbulent year in terms of testing numbers offers a threat-based perspective on what triggers cybersecurity teams to check how vulnerable they are to specific threats. These are the threats that were most tested to validate resilience with the Cymulate security posture management platform between January 1st ...

Read More
Twitter Facebook LinkedIn
cover

Protecting the Endpoint to Work from Anywhere

As attacks increase, they tend to come through multiple vectors utilizing various techniques, from Trojans to fileless scripts.

Download Now Sponsored

This email was sent to you. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here.

Contact The Hacker News: info@thehackernews.com
Unsubscribe

The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

Key phrases

Decentralized multichain crypto wallet Citrix Application Delivery Controller New shellcode antianalysis technique CrowdStrike researchers Sarang Sonawane BitKeep CEO Kevin Como two critical security flaws Cambridge Analytica Data Leak Top Five Immediate Threats many threat actors advanced malware downloader virtualization services provider typosquatted domain names notorious Lazarus Group optical disk image novel infection chain social media giant entire process memory New Malvertising Campaign virtual hard disk Google search results commodity malware families Malicious Excel Addins Initial Intrusion Vector Windows MotW Protection running classaction lawsuit BlueNoroff APT Hackers users digital currencies

Older messages

Go For DevOps ($5.00 Value) FREE for a Limited Time

Wednesday, December 28, 2022

The Hacker News eBook Update Newsletter Go For DevOps ($5.00 Value) FREE for a Limited Time Download For Free With the help of Go for DevOps, you'll learn how to deliver services with ease and

APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector

Wednesday, December 28, 2022

The Hacker News Daily Updates Newsletter cover Moving Past Passwords (At Last!) 7 Key Takeaways to Passwordless Authentication Download Now Sponsored LATEST NEWS Dec 28, 2022 BitKeep Confirms Cyber

Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak

Tuesday, December 27, 2022

The Hacker News Daily Updates Newsletter cover Data in Motion to Accelerate Your Mission Learn how a cohesive enterprise data strategy that fosters data movement with built-in analytics and AI can help

GuLoader Malware Utilizing New Techniques to Evade Security Software

Monday, December 26, 2022

The Hacker News Daily Updates Newsletter cover Top 10 CMMS Software for 2022--Free Analyst Report Get an expert comparison of the top computerized maintenance management system (CMMS) software.

FrodoPIR: New Privacy-Focused Database Querying System

Saturday, December 24, 2022

The Hacker News Daily Updates Newsletter cover Top 10 CMMS Software for 2022--Free Analyst Report Get an expert comparison of the top computerized maintenance management system (CMMS) software.

You Might Also Like

🐍 New Python tutorials on Real Python

Saturday, April 27, 2024

Hey there, There's always something going on over at realpython.com as far as Python tutorials go. Here's what you may have missed this past week: Write Unit Tests for Your Python Code With

Bogus npm Packages Used to Trick Software Developers into Installing Malware

Saturday, April 27, 2024

THN Daily Updates Newsletter cover Webinar -- Uncovering Contemporary DDoS Attack Tactics -- and How to Fight Back Stop DDoS Attacks Before They Stop Your Business... and Make You Headline News.

This Smart Scale for iPhone Is the Best on the Market

Saturday, April 27, 2024

The ultimate checkup, with electrocardiogram.¹ Learn about your body at every weigh-in: pinpoint muscle and fat mass, monitor your cardiovascular health and detect a cardiac anomaly. Body Scan, the

How are you liking the Tip of the Day?

Saturday, April 27, 2024

Dear iPhone Life Reader, Now that you've been enjoying Tip of the Day for a few weeks, we have a quick favor to ask: If you've found the daily emails helpful, please share this link with a

📧 Request Response Messaging Pattern With MassTransit

Saturday, April 27, 2024

​ Request Response Messaging Pattern With MassTransit Read on: m​y website / Read time: 5 minutes BROUGHT TO YOU BY ​ Get ready for POST/CON 24! ​ Join us in San Francisco from April 30 - May 1 for

Tesla Autopilot investigation closed

Friday, April 26, 2024

Inside the IBM-HashiCorp deal and Thoma Bravo takes another company private View this email online in your browser By Christine Hall Friday, April 26, 2024 Good afternoon, and welcome to TechCrunch PM.

Microsoft's and Google's bet on AI is paying off - Weekly News Roundup - Issue #464

Friday, April 26, 2024

Plus: AI-controlled F-16 has been dogfighting with humans; Grok-1.5 Vision; BionicBee; Microsoft's AI generates realistic deepfakes from a single photo; and more! ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏

🤓 The Meta Quest Might Be the VR Steam Deck Soon — Games to Play After Finishing Wordle

Friday, April 26, 2024

Also: Why a Cheap Soundbar Is Better Than Nothing, and More! How-To Geek Logo April 26, 2024 Did You Know TMI: Rhinotillexomania is the medical term for obsessive nose picking. 🖥️ Get Those Updates

JSK Daily for Apr 26, 2024

Friday, April 26, 2024

JSK Daily for Apr 26, 2024 View this email in your browser A community curated daily e-mail of JavaScript news A Solid primer on Signals with Ryan Carniato (JS Party #320) Ryan Carniato joins Amal

So are we banning TikTok or what?

Friday, April 26, 2024

Also: Can an influencer really tank an $800M company? View this email online in your browser By Haje Jan Kamps Friday, April 26, 2024 Image Credits: Jonathan Raa/NurPhoto / Getty Images Welcome to