1. Home
  2. Discover
  3. Technology
  4. The Hacker News

New NAPLISTENER Malware by REF2924 Group is Leaving Networks Vulnerable!

The Hacker News Daily Updates
Newsletter
cover

THN Webinar: Master the Six Phases of Incident Response

React fast, respond smart: Master the six phases of Incident Response with Cynet's IR Leader!

Download Now Sponsored
LATEST NEWS Mar 22, 2023

Preventing Insider Threats in Your Active Directory

Active Directory (AD) is a powerful authentication and directory service used by organizations worldwide. With this ubiquity and power comes the potential for abuse. Insider threats offer some of the most potentials for destruction. Many internal users have over-provisioned access and visibility into the internal network. Insiders' level of access and trust in a network leads to ...

Read More
Twitter Facebook LinkedIn

Rogue NuGet Packages Infect .NET Developers with Crypto-Stealing Malware

The NuGet repository is the target of a new "sophisticated and highly-malicious attack" aiming to infect .NET developer systems with cryptocurrency stealer malware. The 13 rogue packages, which were downloaded more than 160,000 times over the past month, have since been taken down. "The packages contained a PowerShell script that would execute upon installation and trigger a download of a ...

Read More
Twitter Facebook LinkedIn

NAPLISTENER: New Malware in REF2924 Group's Arsenal for Bypassing Detection

The threat group tracked as REF2924 has been observed deploying previously unseen malware in its attacks aimed at entities in South and Southeast Asia. The malware, dubbed NAPLISTENER by Elastic Security Labs, is an HTTP listener programmed in C# and is designed to evade "network-based forms of detection." REF2924 is the moniker assigned to an activity cluster linked to attacks against an ...

Read More
Twitter Facebook LinkedIn

BreachForums Administrator Baphomet Shuts Down Infamous Hacking Forum

In a sudden turn of events, Baphomet, the current administrator of BreachForums, said in an update on March 21, 2023, that the hacking forum has been officially taken down but emphasized that "it's not the end." "You are allowed to hate me, and disagree with my decision but I promise what is to come will be better for us all," Baphomet noted in a message posted on the BreachForums ...

Read More
Twitter Facebook LinkedIn

New 'Bad Magic' Cyber Threat Disrupt Ukraine's Key Sectors Amid War

Amid the ongoing war between Russia and Ukraine, government, agriculture, and transportation organizations located in Donetsk, Lugansk, and Crimea have been attacked as part of an active campaign that drops a previously unseen, modular framework dubbed CommonMagic. "Although the initial vector of compromise is unclear, the details of the next stage imply the use of spear phishing or ...

Read More
Twitter Facebook LinkedIn

New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers

Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of a malware called ShellBot. "ShellBot, also known as PerlBot, is a DDoS Bot malware developed in Perl and characteristically uses IRC protocol to communicate with the C&C server," AhnLab Security Emergency response Center (ASEC) said in a report. ShellBot is installed on servers ...

Read More
Twitter Facebook LinkedIn

The Best Defense Against Cyber Threats for Lean Security Teams

H0lyGh0st, Magecart, and a slew of state-sponsored hacker groups are diversifying their tactics and shifting their focus to… You. That is, if you're in charge of cybersecurity for a small-to-midsize enterprise (SME). Why? Bad actors know that SMEs typically have a smaller security budget, less infosec manpower, and possibly weak or missing security controls to protect their data ...

Read More
Twitter Facebook LinkedIn

From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022

As many as 55 zero-day vulnerabilities were exploited in the wild in 2022, with most of the flaws discovered in software from Microsoft, Google, and Apple. While this figure represents a decrease from the year before, when a staggering 81 zero-days were weaponized, it still represents a significant uptick in recent years of threat actors leveraging unknown security flaws to their advantage. ...

Read More
Twitter Facebook LinkedIn
cover

THN Webinar: Master the Six Phases of Incident Response

React fast, respond smart: Master the six phases of Incident Response with Cynet's IR Leader!

Download Now Sponsored

This email was sent to you. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here.

Contact The Hacker News: info@thehackernews.com
Unsubscribe

The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

Key phrases

Poorly Managed Linux Servers statesponsored hacker groups Elastic Security Labs Lean security teams smaller security budget missing security controls DDoS Bot malware Linux SSH servers The NuGet repository less infosec manpower unseen modular framework cryptocurrency stealer malware Infamous Hacking Forum Many internal users Rogue NuGet Packages

Older messages

Hackers Stole $1.6 Million from Crypto ATMs via Zero-Day Vulnerability

Tuesday, March 21, 2023

The Hacker News Daily Updates Newsletter cover Guide to Open Source Software Security How to gain visibility to all your security risks Download Now Sponsored LATEST NEWS Mar 21, 2023 New ShellBot DDoS

Researchers Shed Light on CatB Ransomware's Evasion Techniques

Monday, March 20, 2023

The Hacker News Daily Updates Newsletter cover THN Webinar: Master the Six Phases of Incident Response React fast, respond smart: Master the six phases of Incident Response with Cynet's IR Leader!

Cyber Kingpin – BreachForums' Mastermind Finally Caught in New York!

Saturday, March 18, 2023

The Hacker News Daily Updates Newsletter cover THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter Don't Let Cybercriminals Sneak in Through the Identity Perimeter: Get Actionable

Attention Samsung Users! Google Uncovers 18 Alarming Security Flaws in Exynos Chips

Friday, March 17, 2023

The Hacker News Daily Updates Newsletter cover THN Webinar: Master the Six Phases of Incident Response React fast, respond smart: Master the six phases of Incident Response with Cynet's IR Leader!

Act Now: Microsoft's New Security Patches Address 80 Flaws — Two Under Active Attack!

Thursday, March 16, 2023

The Hacker News Daily Updates Newsletter cover SBOM and Connected Device Security When it comes to device firmware and connected device security, where does a manufacturer or buyer start? Here's

You Might Also Like

📧 What's inside MMA and how it can help you

Friday, April 26, 2024

What's Inside Modular Monolith Architecture? Hey there! 👋 I wish you an excellent end to the week. What better way to spend the weekend than diving headfirst into a 12+ hour course? Well, maybe

Data Science Weekly - Issue 544

Friday, April 26, 2024

Curated news, articles and jobs related to Data Science, AI, & Machine Learning ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏

Develop highly relevant search applications using AI

Friday, April 26, 2024

New Elasticsearch and AI training ㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤ ㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤ ㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤ elastic | Search. Observe. Protect A world of AI possibilities door-test 2.png Explore

Stripe makes more changes

Thursday, April 25, 2024

TikTok is in trouble, and net neutrality is back View this email online in your browser By Christine Hall Thursday, April 25, 2024 Welcome back to TechCrunch PM, your home for all things startups,

💎 Issue 414 - From a Lorry Driver to Ruby on Rails Developer at 38

Thursday, April 25, 2024

This week's Awesome Ruby Newsletter Read this email on the Web The Awesome Ruby Newsletter Issue » 414 Release Date Apr 25, 2024 Your weekly report of the most popular Ruby news, articles and

💻 Issue 414 - JavaScript Features That Most Developers Don’t Know

Thursday, April 25, 2024

This week's Awesome Node.js Weekly Read this email on the Web The Awesome Node.js Weekly Issue » 414 Release Date Apr 25, 2024 Your weekly report of the most popular Node.js news, articles and

💻 Issue 407 - The Performance Impact of C++'s `final` Keyword

Thursday, April 25, 2024

This week's Awesome .NET Weekly Read this email on the Web The Awesome .NET Weekly Issue » 407 Release Date Apr 25, 2024 Your weekly report of the most popular .NET news, articles and projects

💻 Issue 414 - Everyone Has JavaScript, Right?

Thursday, April 25, 2024

This week's Awesome JavaScript Weekly Read this email on the Web The Awesome JavaScript Weekly Issue » 414 Release Date Apr 25, 2024 Your weekly report of the most popular JavaScript news, articles

📱 Issue 408 - All web browsers on iOS are just Safari with different design

Thursday, April 25, 2024

This week's Awesome iOS Weekly Read this email on the Web The Awesome iOS Weekly Issue » 408 Release Date Apr 25, 2024 Your weekly report of the most popular iOS news, articles and projects Popular

💧 Don't Bother Liquid Cooling Your AMD CPU — Why You Should Keep Using Live Photos on iPhone

Thursday, April 25, 2024

Also: We review the Unistellar Odyssey iPhone Telescope, and More! How-To Geek Logo April 25, 2024 Did You Know Charles Darwin and Abraham Lincoln were both born on the same day: February 12, 1809. 💻