1. Home
  2. Discover
  3. Technology
  4. The Hacker News

Today's Cybersecurity Stories: SpyNote Spyware, CircleCI Breach, Fortinet and Zoho Flaws

The Hacker News Daily Updates
Newsletter
cover

Cybersecurity -- Attack and Defense Strategies - Third Edition ($5.00 Value) FREE for a Limited Time

Cybersecurity -- Attack and Defense Strategies, Third Edition will bring you up to speed with the key aspects of threat assessment and security hygiene, the current threat landscape and its challenges, and how to maintain a strong security posture.

Download Now Sponsored
LATEST NEWS Jan 5, 2023

Blind Eagle Hackers Return with Refined Tools and Sophisticated Infection Chain

A financially motivated threat actor tracked as Blind Eagle has resurfaced with a refined toolset and an elaborate infection chain as part of its attacks targeting organizations in Colombia and Ecuador. Check Point's latest research offers new insights into the Spanish-speaking group's tactics and techniques, including the use of sophisticated tools and government-themed lures to activate ...

Read More
Twitter Facebook LinkedIn

Bluebottle Cybercrime Group Preys on Financial Sector in French-Speaking African Nations

A cybercrime group dubbed Bluebottle has been linked to a set of targeted attacks against the financial sector in Francophone countries located in Africa from at least July 2022 to September 2022. "The group makes extensive use of living-off-the-land, dual use tools, and commodity malware, with no custom malware deployed in this campaign," Symantec, a division of Broadcom Software, said in ...

Read More
Twitter Facebook LinkedIn

Leave manual compliance and risk tasks in 2022. Automate it with Drata.

Automate risk management, evidence collection, and control monitoring. Book a demo here.

Read More
Twitter Facebook LinkedIn

SpyNote Strikes Again: Android Spyware Targeting Financial Institutions

Financial institutions are being targeted by a new version of Android malware called SpyNote at least since October 2022. "The reason behind this increase is that the developer of the spyware, who was previously selling it to other actors, made the source code public," ThreatFabric said in a report shared with The Hacker News. "This has helped other actors [in] developing and distributing ...

Read More
Twitter Facebook LinkedIn

Mitigate the LastPass Attack Surface in Your Environment with this Free Tool

The latest breach announced by LastPass is a major cause for concern to security stakeholders. As often occurs, we are at a security limbo – on the one hand, as LastPass has noted, users who followed LastPass best practices would be exposed to practically zero to extremely low risk. However, to say that password best practices are not followed is a wild understatement. The reality is that ...

Read More
Twitter Facebook LinkedIn

CircleCI Urges Customers to Rotate Secrets Following Security Incident

DevOps platform CircleCI on Wednesday urged its customers to rotate all their secrets following an unspecified security incident. The company said an investigation is currently ongoing, but emphasized that "there are no unauthorized actors active in our systems." Additional details are expected to be shared in the coming days. "Immediately rotate any and all secrets stored in ...

Read More
Twitter Facebook LinkedIn

The Evolving Tactics of Vidar Stealer: From Phishing Emails to Social Media

The notorious information-stealer known as Vidar is continuing to leverage popular social media services such as TikTok, Telegram, Steam, and Mastodon as an intermediate command-and-control (C2) server. "When a user creates an account on an online platform, a unique account page that can be accessed by anyone is generated," AhnLab Security Emergency Response Center (ASEC) disclosed in ...

Read More
Twitter Facebook LinkedIn

Fortinet and Zoho Urge Customers to Patch Enterprise Software Vulnerabilities

Fortinet has warned of a high-severity flaw affecting multiple versions of FortiADC application delivery controller that could lead to the execution of arbitrary code. "An improper neutralization of special elements used in an OS command vulnerability in FortiADC may allow an authenticated attacker with access to the web GUI to execute unauthorized code or commands via specifically crafted ...

Read More
Twitter Facebook LinkedIn
cover

Cybersecurity -- Attack and Defense Strategies - Third Edition ($5.00 Value) FREE for a Limited Time

Cybersecurity -- Attack and Defense Strategies, Third Edition will bring you up to speed with the key aspects of threat assessment and security hygiene, the current threat landscape and its challenges, and how to maintain a strong security posture.

Download Now Sponsored

This email was sent to you. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here.

Contact The Hacker News: info@thehackernews.com
Unsubscribe

The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

Key phrases

FortiADC application delivery controller popular social media services elaborate infection chain FrenchSpeaking African Nations password best practices strong security posture Sophisticated Infection Chain Enterprise Software Vulnerabilities OS command vulnerability current threat landscape unspecified security incident Blind Eagle Hackers LastPass best practices unique account page DevOps platform CircleCI dual use tools LastPass Attack Surface Bluebottle Cybercrime Group

Older messages

Zero Trust Access for Dummies

Wednesday, January 4, 2023

The Hacker News eBook Update Newsletter Zero Trust Access for Dummies. Never trust. Always verify. Download For Free Throughout this book, you will see special icons that call attention to important

New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner

Wednesday, January 4, 2023

The Hacker News Daily Updates Newsletter cover Protecting the Endpoint to Work from Anywhere As attacks increase, they tend to come through multiple vectors utilizing various techniques, from Trojans

PyTorch Machine Learning Framework Compromised with Malicious Dependency

Tuesday, January 3, 2023

The Hacker News Daily Updates Newsletter cover Protecting the Endpoint to Work from Anywhere As attacks increase, they tend to come through multiple vectors utilizing various techniques, from Trojans

WordPress Security Alert: New Linux Malware Exploiting Over Two Dozen CMS Flaws

Monday, January 2, 2023

The Hacker News Daily Updates Newsletter cover Protecting the Endpoint to Work from Anywhere As attacks increase, they tend to come through multiple vectors utilizing various techniques, from Trojans

Researcher Uncovers Potential Wiretapping Bugs in Google Home Smart Speakers

Saturday, December 31, 2022

The Hacker News Daily Updates Newsletter cover Protecting the Endpoint to Work from Anywhere As attacks increase, they tend to come through multiple vectors utilizing various techniques, from Trojans

You Might Also Like

Your Phone’s Other Number 📱

Saturday, April 27, 2024

Let's talk about your phone's IMEI number. Here's a version for your browser. Hunting for the end of the long tail • April 27, 2024 Today in Tedium: As you may know, Tedium is a blog and/or

🕹️ How to Play Retro Games for Free on iPhone — Why I Can't Live Without an eReader

Saturday, April 27, 2024

Also: Anker MagGo (Qi2) Power Bank Review, and More! How-To Geek Logo April 27, 2024 📩 Get expert reviews, the hottest deals, how-to's, breaking news, and more delivered directly to your inbox by

Weekend Reading — The Bob Ross of programming

Saturday, April 27, 2024

This week we use coffee tasting as our design practice, get as close to and as far away from the metal as possible, find an easier way to write documentation, discover why Google Search is getting so

Issue #538: All the Jam entries, Panthera 2, and Tristram

Saturday, April 27, 2024

Weekly newsletter about HTML5 Game Development. Is this email not displaying correctly? View it in your browser. Issue #538 - April 26th 2024 If you have anything you want to share with the HTML5 game

Daily Coding Problem: Problem #1424 [Easy]

Saturday, April 27, 2024

Daily Coding Problem Good morning! Here's your coding interview problem for today. This problem was asked by Microsoft. Implement a URL shortener with the following methods: shorten(url) , which

Charted | Countries That Became More Happy (or Unhappy) Since 2010 😅

Saturday, April 27, 2024

Which countries had the highest happiness gains since 2010? Which became sadder? View Online | Subscribe Presented by Voronoi: The App Where Data Tells the Story FEATURED STORY Countries With the

Noonification: What Is E-Waste Hacking?

Saturday, April 27, 2024

Top Tech Content sent at Noon! The first AI-powered startup unlocking the “billionaire economy” for your benefit How are you, @newsletterest1? 🪐 What's happening in tech this week: The

TikTok faces a ban in the US, Tesla profits drop and healthcare data leaks

Saturday, April 27, 2024

Plus: Amazon's new delivery subscription and a deep dive on Rippling View this email online in your browser By Kyle Wiggers Saturday, April 27, 2024 Image Credits: TechCrunch Welcome, folks, to

🐍 New Python tutorials on Real Python

Saturday, April 27, 2024

Hey there, There's always something going on over at realpython.com as far as Python tutorials go. Here's what you may have missed this past week: Write Unit Tests for Your Python Code With

Bogus npm Packages Used to Trick Software Developers into Installing Malware

Saturday, April 27, 2024

THN Daily Updates Newsletter cover Webinar -- Uncovering Contemporary DDoS Attack Tactics -- and How to Fight Back Stop DDoS Attacks Before They Stop Your Business... and Make You Headline News.