Category: Uncategorized
-
![⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 February] info@thehackernews.com (The Hacker News)](https://sekuritasit.com/wp-content/uploads/2025/02/recap-article-hH6tUs.png)
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 February] [email protected] (The Hacker News)
This week, our news radar shows that every new tech idea comes with its own challenges. A hot AI tool is under close watch, law enforcement is shutting down online spots that help cybercriminals, and teams are busy fixing software bugs that could let attackers in. From better locks on our devices to stopping sneaky…
-

Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions [email protected] (The Hacker News)
Brazilian Windows users are the target of a campaign that delivers a banking malware known as Coyote. “Once deployed, the Coyote Banking Trojan can carry out various malicious activities, including keylogging, capturing screenshots, and displaying phishing overlays to steal sensitive credentials,” Fortinet FortiGuard Labs researcher Cara Lin said in an analysis published last week. TheRead…
-

What Is Attack Surface Management? [email protected] (The Hacker News)
Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what’s exposed and where attackers are most likely to strike. With cloud adoption dramatically increasing the ease of exposing new systems and services to the internet, prioritizing threats and managing your attack surface from an attacker’s…
-

Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware [email protected] (The Hacker News)
A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer (aka AMOS), and Angel Drainer. “Specializing in identity fraud, cryptocurrency theft, and information-stealing malware,…
-

U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network [email protected] (The Hacker News)
U.S. and Dutch law enforcement agencies have announced that they have dismantled 39 domains and their associated servers as part of efforts to disrupt a network of online marketplaces originating from Pakistan. The action, which took place on January 29, 2025, has been codenamed Operation Heart Blocker. The vast array of sites in question peddled…
-

BeyondTrust Zero-Day Breach Exposes 17 SaaS Customers via Compromised API Key [email protected] (The Hacker News)
BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company’s Remote Support SaaS instances by making use of a compromised API key. The company said the breach involved 17 Remote Support SaaS customers and that the API key was used to enable unauthorized access by resetting local…
-

Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists [email protected] (The Hacker News)
Meta-owned WhatsApp on Friday said it disrupted a campaign that involved the use of spyware to target journalists and civil society members. The campaign, which targeted around 90 members, involved the use of spyware from an Israeli company known as Paragon Solutions. The attackers were neutralized in December 2024. In a statement to The Guardian,…
-

Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts [email protected] (The Hacker News)
Cybersecurity researchers have discovered a malvertising campaign that’s targeting Microsoft advertisers with bogus Google ads that aim to take them to phishing pages that are capable of harvesting their credentials. “These malicious ads, appearing on Google Search, are designed to steal the login information of users trying to access Microsoft’s advertising platform,” Jérôme Segura, seniorRead…
-
What is a certificate revocation list (CRL) and how is it used?
Post ContentRead More
-

CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors [email protected] (The Hacker News)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors and Epsimed MN-120 patient monitors. The vulnerability, tracked as CVE-2025-0626, carries a CVSS v4 score of 7.7 on a scale of 10.0. The flaw, alongside two…
