1. Home
  2. Discover
  3. Technology
  4. The Hacker News

Linux Users Beware - SysUpdate Malware Strikes Again with Sneaky Evasion Tactics!

The Hacker News Daily Updates
Newsletter
cover

The Hacker News Webinar: A MythBusting Special -- 9 Myths about File-based Threats

Say goodbye to the myths and hello to the facts - Register for our webinar on file-based threats now!

Download Now Sponsored
LATEST NEWS Mar 2, 2023

New Cryptojacking Campaign Leverages Misconfigured Redis Database Servers

Misconfigured Redis database servers are the target of a novel cryptojacking campaign that leverages a legitimate and open source command-line file transfer service to implement its attack. "Underpinning this campaign was the use of transfer[.]sh," Cado Security said in a report shared with The Hacker News. "It's possible that it's an attempt at evading detections based on other common ...

Read More
Twitter Facebook LinkedIn

2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots

As a primary working interface, the browser plays a significant role in today's corporate environment. The browser is constantly used by employees to access websites, SaaS applications and internal applications, from both managed and unmanaged devices. A new report published by LayerX, a browser security vendor, finds that attackers are exploiting this reality and are targeting it in ...

Read More
Twitter Facebook LinkedIn

Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI

A malicious Python package uploaded to the Python Package Index (PyPI) has been found to contain a fully-featured information stealer and remote access trojan. The package, named colourfool, was identified by Kroll's Cyber Threat Intelligence team, with the company calling the malware Colour-Blind. "The 'Colour-Blind' malware points to the democratization of cybercrime that could lead to ...

Read More
Twitter Facebook LinkedIn

SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics

The threat actor known as Lucky Mouse has developed a Linux version of a malware toolkit called SysUpdate, expanding on its ability to target devices running the operating system. The oldest version of the updated artifact dates back to July 2022, with the malware incorporating new features designed to evade security software and resist reverse engineering. Cybersecurity company Trend ...

Read More
Twitter Facebook LinkedIn

Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack

Cisco on Wednesday rolled out security updates to address a critical flaw impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. The vulnerability, tracked as CVE-2023-20078, is rated 9.8 out of 10 on the CVSS scoring system and is described as a command injection bug in the web-based management interface arising due to insufficient validation of user-supplied input. ...

Read More
Twitter Facebook LinkedIn

Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware

Six different law firms were targeted in January and February 2023 as part of two disparate threat campaigns distributing GootLoader and FakeUpdates (aka SocGholish) malware strains. GootLoader, active since late 2020, is a first-stage downloader that's capable of delivering a wide range of secondary payloads such as Cobalt Strike and ransomware. It notably employs search engine optimization ...

Read More
Twitter Facebook LinkedIn

BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11

A stealthy Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus has become the first publicly known malware capable of bypassing Secure Boot defenses, making it a potent threat in the cyber landscape. "This bootkit can run even on fully up-to-date Windows 11 systems with UEFI Secure Boot enabled," Slovak cybersecurity company ESET said in a report shared with The Hacker ...

Read More
Twitter Facebook LinkedIn

CISOs Are Stressed Out and It's Putting Companies at Risk

Employee well-being has become a primary focus for many businesses. Even before the pandemic, the C-suite was acutely aware of how employee mental health impacts business outcomes.  But for cybersecurity professionals, stress has always been a part of the job. A new survey revealed that one of the most concerning aspects of employee mental health is how it impacts cybersecurity programs ...

Read More
Twitter Facebook LinkedIn
cover

The Hacker News Webinar: A MythBusting Special -- 9 Myths about File-based Threats

Say goodbye to the myths and hello to the facts - Register for our webinar on file-based threats now!

Download Now Sponsored

This email was sent to you. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here.

Contact The Hacker News: info@thehackernews.com
Unsubscribe

The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

Key phrases

two disparate threat campaigns Cyber Threat Intelligence team Six different law firms The Hacker News Webinar New Cryptojacking Campaign Leverages Cisco IP Phone Series First UEFI Bootkit Malware webbased management interface novel cryptojacking campaign primary working interface A MythBusting Special Redis Database Servers Major Browsing Risks search engine optimization New Evasion Tactics FullyFeatured Info Stealer CVSS scoring system employee mental health Secure Boot defenses UEFI Secure Boot SocGholish malware strains remote access trojan Cybersecurity company Trend Slovak cybersecurity company malicious Python package Python Package Index command injection bug browser security vendor

Older messages

BlackLotus UEFI Bootkit Malware Successfully Bypasses Windows 11 Secure Boot

Wednesday, March 1, 2023

The Hacker News Daily Updates Newsletter cover The Hacker News Webinar: A MythBusting Special -- 9 Myths about File-based Threats Say goodbye to the myths and hello to the facts - Register for our

BREAKING: LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults

Tuesday, February 28, 2023

The Hacker News eBook Update Newsletter Cybersecurity Webinar: How to Tackle the Top SaaS Security Challenges of 2023 Download For Free Don't let your SaaS apps become the next target - Join our

BREAKING: LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults

Tuesday, February 28, 2023

The Hacker News Daily Updates Newsletter cover Cybersecurity Webinar: How to Tackle the Top SaaS Security Challenges of 2023 Don't let your SaaS apps become the next target - Join our expert-led

ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks

Monday, February 27, 2023

The Hacker News Daily Updates Newsletter cover Cybersecurity Webinar: How to Tackle the Top SaaS Security Challenges of 2023 Don't let your SaaS apps become the next target - Join our expert-led

Watch Out! Trojanized macOS Apps Deploying Evasive Cryptocurrency Mining Malware

Saturday, February 25, 2023

The Hacker News Daily Updates Newsletter cover Cloud Security For Dummies ($21.00 Value) FREE for a Limited Time Embrace the cloud and kick hackers to the curb with this accessible guide on cloud

You Might Also Like

The Chilling of TikTok

Wednesday, April 24, 2024

Ban or not, this is the end of TikTok as we know it The Chilling of TikTok By MG Siegler • 24 Apr 2024 View in browser View in browser The tok is tiking... Later today, President Biden will sign a bill

GenAI is transforming materials design

Wednesday, April 24, 2024

‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌

⚙️ Meta Smart Glasses

Wednesday, April 24, 2024

Plus: $3B valuation for AI startup ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌

Endpoint Security Tips Curated by Experts - Get This Guide Now

Wednesday, April 24, 2024

Endpoint Security Tips Curated by Experts Hey there, It's no secret that endpoints are prime targets for hackers—so how can you defend them better? Well, we have some suggestions for where you can

Senate passes the bill that could ban TikTok

Wednesday, April 24, 2024

The Morning After It's Wednesday, April 24, 2024. The Senate approved a measure that will require ByteDance to sell TikTok or face a ban, in a vote of 79 to 18. The Protecting Americans from

[Incubator] Dates for our next Student Orientation and Demo Day

Wednesday, April 24, 2024

Also, here's the link to our last student demo day. ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌

Warning: Security Flaws Exposed Keystrokes of Over 1 Billion Chinese Keyboard App Users

Wednesday, April 24, 2024

THN Daily Updates Newsletter cover Webinar -- Uncovering Contemporary DDoS Attack Tactics -- and How to Fight Back Stop DDoS Attacks Before They Stop Your Business... and Make You Headline News.

Post from Syncfusion Blogs on 04/24/2024

Wednesday, April 24, 2024

New blogs from Syncfusion What's New in React Query Builder: 2024 Volume 1 By Satheeskumar S This blog explores the new features added to the Syncfusion React Query Builder in the 2024 Volume 1

Tesla's ride hailing app 🚗, Apple AI server chips 🤖, building a new city 🏙️

Wednesday, April 24, 2024

Tesla teased screenshots of its ride-hailing feature along with the release of its Q1 2024 financial results Sign Up |Advertise|View Online TLDR Together With Dollar Flight Club TLDR 2024-04-24 Save Up

AI search engine startup Perplexity eyes a $3B valuation

Tuesday, April 23, 2024

Plus: It's Tesla earnings day and AWS wants to host your AI models View this email online in your browser By Cody Corrall Tuesday, April 23, 2024 Welcome back to TechCrunch PM. Today we have big