OOh yeah oooh ooh oooh
The Hacker News Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to admin@thehackernews.com
- Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniquesby info@thehackernews.com (The Hacker News) on December 14, 2024 at 10:16 am
Thai government officials have emerged as the target of a new campaign that leverages a technique called DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai. “The target of the threat actors were Thailand officials based on the nature of the lures,” Nikhil Hegde, senior engineer for Netskope’s Security Efficacy team, told The Hacker News. “The Yokai backdoor itself is not
- 390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploitsby info@thehackernews.com (The Hacker News) on December 13, 2024 at 8:00 pm
A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is estimated to have enabled the exfiltration of over 390,000 credentials. The malicious activity is part of a broader attack campaign undertaken by a threat actor, dubbed MUT-1244 (where MUT refers to “mysterious unattributed threat”) by Datadog Security Labs, that
- Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injectionby info@thehackernews.com (The Hacker News) on December 13, 2024 at 4:48 pm
A security flaw has been disclosed in OpenWrt’s Attended Sysupgrade (ASU) feature that, if successfully exploited, could have been abused to distribute malicious firmware packages. The vulnerability, tracked as CVE-2024-54143, carries a CVSS score of 9.3 out of a maximum of 10, indicating critical severity. Flatt Security researcher RyotaK has been credited with discovering and reporting the
- DoJ Indicts 14 North Koreans for $88M IT Worker Fraud Scheme Over Six Yearsby info@thehackernews.com (The Hacker News) on December 13, 2024 at 3:51 pm
The U.S. Department of Justice (DoJ) has indicted 14 nationals belonging to the Democratic People’s Republic of Korea (DPRK or North Korea) for their alleged involvement in a long-running conspiracy to violate sanctions and commit wire fraud, money laundering, and identity theft by illegally seeking employment in U.S. companies and non-profit organizations. “The conspirators, who worked for
- Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platformsby info@thehackernews.com (The Hacker News) on December 13, 2024 at 11:44 am
Iran-affiliated threat actors have been linked to a new custom malware that’s geared toward IoT and operational technology (OT) environments in Israel and the United States. The malware has been codenamed IOCONTROL by OT cybersecurity company Claroty, highlighting its ability to attack IoT and supervisory control and data acquisition (SCADA) devices such as IP cameras, routers, programmable