Congratulations!

[Valid Atom 1.0] This is a valid Atom 1.0 feed.

Recommendations

This feed is valid, but interoperability with the widest range of feed readers could be improved by implementing the following recommendations.

Source: http://www.thehackernews.com/feeds/posts/default

  1. <?xml version='1.0' encoding='UTF-8'?><?xml-stylesheet href="http://www.blogger.com/styles/atom.css" type="text/css"?><feed xmlns='http://www.w3.org/2005/Atom' xmlns:openSearch='http://a9.com/-/spec/opensearchrss/1.0/' xmlns:blogger='http://schemas.google.com/blogger/2008' xmlns:georss='http://www.georss.org/georss' xmlns:gd="http://schemas.google.com/g/2005" xmlns:thr='http://purl.org/syndication/thread/1.0'><id>tag:blogger.com,1999:blog-4802841478634147276</id><updated>2024-05-12T04:47:55.152+05:30</updated><title type='text'>The Hacker News | #1 Trusted Cybersecurity News Site</title><subtitle type='html'>The Hacker News is the most trusted and popular cybersecurity publication for information security professionals seeking breaking news, actionable insights and analysis.</subtitle><link rel='http://schemas.google.com/g/2005#feed' type='application/atom+xml' href='https://thehackernews.com/feeds/posts/default'/><link rel='self' type='application/atom+xml' href='https://thehackernews.com/feeds/posts/default?redirect=false'/><link rel='alternate' type='text/html' href='https://thehackernews.com/'/><link rel='hub' href='http://pubsubhubbub.appspot.com/'/><link rel='next' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default?start-index=26&amp;max-results=25&amp;redirect=false'/><author><name>Unknown</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><generator version='7.00' uri='http://www.blogger.com'>Blogger</generator><openSearch:totalResults>13015</openSearch:totalResults><openSearch:startIndex>1</openSearch:startIndex><openSearch:itemsPerPage>25</openSearch:itemsPerPage><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-9134946758131362119</id><published>2024-05-11T12:59:00.004+05:30</published><updated>2024-05-11T12:59:41.765+05:30</updated><title type='text'>FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT</title><summary type="html">
  2. The financially motivated threat actor known as&amp;nbsp;FIN7&amp;nbsp;has&amp;nbsp;been observed&amp;nbsp;leveraging malicious Google ads spoofing legitimate brands&amp;nbsp;as a means&amp;nbsp;to deliver MSIX installers that culminate in the deployment of&amp;nbsp;NetSupport RAT.
  3. &quot;The threat actors used malicious websites to impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, Concur, The Wall </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/9134946758131362119'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/9134946758131362119'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/fin7-hacker-group-leverages-malicious.html' title='FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidGxM7ADAzrplKASUpJQ3bzcolJSyabMKaYKT4HClyzRgCOuWCVvr4duu8KJkPW_9Ga8ADrETgYfu0Pwx9QosFgHep34F7jq5lOwmpYTooakEW-L3-1pyG0UDv5s2UEUJ-etPxVPf3FsuaCnRzo-2SfgR6sBYGaiuMLgIfVMCeQ_eylo2l6zR3vJ-i3oYb/s260-e100/browser.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-7409501442093616848</id><published>2024-05-10T20:24:00.005+05:30</published><updated>2024-05-11T12:53:15.627+05:30</updated><title type='text'>North Korean Hackers Deploy New Golang Malware &#39;Durian&#39; Against Crypto Firms</title><summary type="html">
  4. The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed&amp;nbsp;Durian&amp;nbsp;as part of highly-targeted cyber attacks aimed at two South Korean cryptocurrency firms.
  5. &quot;Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, additional file downloads, and exfiltration of files,&quot; </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/7409501442093616848'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/7409501442093616848'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/north-korean-hackers-deploy-new-golang.html' title='North Korean Hackers Deploy New Golang Malware &#39;Durian&#39; Against Crypto Firms'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidJpCh60Y9OeOx9Vlo9dCf4aW8aHjXqU-MHJt8NBiVPiHKC7wWrDk1vRCuo90pQ3mtyy9t9A3ouhAdU6aUe5MxKQm5Tvt9XRGYYiX5EDVnNXthkbqKLKD-YikG_sWfHjatO8QRZIClAHjB2novZftoHKSkAEs50ZfCDkCDZzrPE_qZgIrvet1tAfPwa4L2/s260-e100/map.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-8379047691854193637</id><published>2024-05-10T18:22:00.001+05:30</published><updated>2024-05-10T18:22:08.856+05:30</updated><title type='text'>CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar)</title><summary type="html">
  6. Artificial intelligence (AI) is transforming cybersecurity, and those leading the charge are using it to outsmart increasingly advanced cyber threats.
  7. Join us for an exciting webinar, &quot;The Future of Threat Hunting is Powered by Generative AI,&quot; where you&#39;ll explore how AI tools are shaping the future of cybersecurity defenses.
  8. During the session, Censys Security Researcher Aidan Holland will </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/8379047691854193637'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/8379047691854193637'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/censysgpt-ai-powered-threat-hunting-for.html' title='CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar)'/><author><name>The Hacker News</name><uri>http://www.blogger.com/profile/16801458706306167627</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrQzKHxF9wi3LGibNRnANXUG8_15lCG3M1Xufs8A98ul3VXJnGRM_LhxYgNXMMIF6bEVuMk1irdTzogocwMaUQgv6xl34h-r4-TpWtnaV9dpLC3ZsX2XyRYNMvMQTjJmpIZrScfZJdRhQcn0hVrVjH-4EAxWu-EXyDq0ebtYgGX787Xuf40HWe1XQYxVC3/s260-e100/webinar.jpg" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-3078501596385678139</id><published>2024-05-10T15:53:00.005+05:30</published><updated>2024-05-11T12:53:31.948+05:30</updated><title type='text'>Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability</title><summary type="html">
  9. Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild.
  10. Tracked as&amp;nbsp;CVE-2024-4671, the high-severity vulnerability has&amp;nbsp;been described&amp;nbsp;as a case of use-after-free in the Visuals component.&amp;nbsp;It was reported by an anonymous researcher on May 7, 2024.
  11. Use-after-free bugs, which arise when a program </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/3078501596385678139'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/3078501596385678139'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/chrome-zero-day-alert-update-your.html' title='Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPhSx8fwDELvWKGNqNBlu-6Ndi0sPJb5p7SWiIt3zy9vzwPZSe7riuvdLHazxW6fjyi7S27qv4kzvcF9xE_ftF8djTvTvdEzg1Oh4XMApFiK4rwg7xw_hB5QuQ5S7y76OVPdl2zVCKaS0gHR54fTN805N7NUzdgw-Ivg3EOYBvCPBwOlveakXMpHVZXvAY/s260-e100/chrome.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-3317230244060844565</id><published>2024-05-10T15:52:00.002+05:30</published><updated>2024-05-10T16:18:33.968+05:30</updated><title type='text'>What&#39;s the Right EDR for You? </title><summary type="html">
  12. A guide to finding the right endpoint detection and response (EDR) solution for your&amp;nbsp;business’&amp;nbsp;unique needs.
  13. Cybersecurity has become an ongoing battle between hackers and small- and mid-sized businesses. Though perimeter security measures like antivirus and firewalls have traditionally served as the frontlines of defense, the battleground has shifted to endpoints. This is why endpoint</summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/3317230244060844565'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/3317230244060844565'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/whats-right-edr-for-you.html' title='What&#39;s the Right EDR for You? '/><author><name>The Hacker News</name><uri>http://www.blogger.com/profile/16801458706306167627</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgf4ObBPhLrcp9eQ4wBjjsqmgCiTTduqn2Z86NyBvqJIICGm88V2AZbHI3LUgw2V6T2O_Stp9triqnH0DHUM2PlpbZy9cNfIlkbHRMq_H6aQHjOuDTHBQ88jPyn6Lm913dcGTutJLCvyWd4BPWNKYVHQCApwvtTP2wbDwosiP6wzj2L7Yh4HDgCoxNwkHo/s260-e100/HUNT.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-5737789241668477776</id><published>2024-05-10T15:51:00.006+05:30</published><updated>2024-05-10T19:16:12.431+05:30</updated><title type='text'>Malicious Android Apps Pose as Google, Instagram, WhatsApp to Steal Credentials</title><summary type="html">
  14. Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users&#39; credentials from compromised devices.
  15. &quot;This malware uses famous Android app icons to mislead users and trick victims into installing the malicious app on their devices,&quot; the SonicWall Capture Labs threat research team&amp;nbsp;said&amp;nbsp;in a recent report.
  16. The </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/5737789241668477776'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/5737789241668477776'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/malicious-android-apps-pose-as-google.html' title='Malicious Android Apps Pose as Google, Instagram, WhatsApp to Steal Credentials'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgu7hyphenhyphennU2IYjiz-ihf3HI2sV7T0y8bp02Lny2zKl22QLmn60deJC7JrSYqlkAEihse0cDSvFoTKVWehDNwJHrR4xoMZOMSFkDUTBuDWNqQ6tbDT5Z7hZ784vbqPeKYUv9W9NFIV32gq8n_72bAOq0NcSHKiEtrKHmePuoQcgVdyRddlABJ3R4Q0upkj8NZG/s260-e100/apps.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-8675729207079110080</id><published>2024-05-10T13:11:00.001+05:30</published><updated>2024-05-10T13:11:52.882+05:30</updated><title type='text'>Researchers Uncover &#39;LLMjacking&#39; Scheme Targeting Cloud-Hosted AI Models</title><summary type="html">
  17. Cybersecurity researchers have discovered a novel attack that employs stolen cloud credentials to target cloud-hosted large language model (LLM) services&amp;nbsp;with the goal of selling&amp;nbsp;access to other threat actors.
  18. The attack technique has been codenamed&amp;nbsp;LLMjacking&amp;nbsp;by the Sysdig Threat Research Team.
  19. &quot;Once initial access was obtained, they exfiltrated cloud credentials and gained </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/8675729207079110080'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/8675729207079110080'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/researchers-uncover-llmjacking-scheme.html' title='Researchers Uncover &#39;LLMjacking&#39; Scheme Targeting Cloud-Hosted AI Models'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8sh-XmpsFwYT_aLaIqq4Tzn_W8HiANHxel6Vyy2-hLUvNgqpex97k8qG7SE8xPouPjkPpF-RuctUUeURbv0wg8sR-RUBFStCYplZP56arpce9kZ0rg8rb_bMRMFGV3Q_u5h3PUxznvpjiCljMNt33Yk2IcleXBku1rS0K6saao9m6MTqHsFiMDmcvdkJ-/s260-e100/app.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-1274508574129041567</id><published>2024-05-09T23:25:00.003+05:30</published><updated>2024-05-09T23:25:17.924+05:30</updated><title type='text'>New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation</title><summary type="html">
  20. Researchers have detailed a Virtual Private Network (VPN) bypass technique dubbed&amp;nbsp;TunnelVision&amp;nbsp;that allows threat actors to snoop on victim&#39;s network traffic by just being on the same local network.
  21. The &quot;decloaking&quot;&amp;nbsp;method&amp;nbsp;has been assigned the CVE identifier&amp;nbsp;CVE-2024-3661&amp;nbsp;(CVSS score: 7.6). It impacts all operating systems that implement a DHCP client and has </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/1274508574129041567'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/1274508574129041567'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/new-tunnelvision-attack-allows.html' title='New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQlsUsoiYy4aXpmIuXau1TgGOZCD90EijcsFIeenHhC3SbZx0oCAUNX5BXImJJt4h30CotZ6v2szc7nwoa7K1DksiIAUboLQbvpH_7gBFvurgPQd2ANs1v9JieyCVRolbQ3_smQa-p7gM2krtcbqLr0kfuCMhvxGNCjgBb5YqCnTMcCO-PDA_7R96f3VF2/s260-e100/vpn.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-750038594096618252</id><published>2024-05-09T20:50:00.005+05:30</published><updated>2024-05-10T15:25:14.318+05:30</updated><title type='text'>Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign</title><summary type="html">
  22. Polish government institutions have been targeted as part of a large-scale malware campaign orchestrated by a Russia-linked nation-state actor called&amp;nbsp;APT28.
  23. &quot;The campaign sent emails with content intended to arouse the recipient&#39;s interest and persuade him to click on the link,&quot; the computer emergency response team, CERT Polska,&amp;nbsp;said&amp;nbsp;in a Wednesday bulletin.
  24. Clicking on the link </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/750038594096618252'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/750038594096618252'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/kremlin-backed-apt28-targets-polish.html' title='Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKaJfnAR5HtIZkrkiZDce4SNgIRTNBO1fYGif-AkvpQCCR-tFBjCuJEzl0ZntSFuIOqSOkNfxt5nddzAggYy2udFTPTl8g_eoAc1PRavjKXJ8rxnFNtW46LsMi8sFKRoIR5mtQZonRLTLVNMn9pWdAmz1Y_kJ6UAoQpqEUoFGSp3Q5waTY2JojNLtOlgjr/s260-e100/russian-hacker.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-3590994489501330091</id><published>2024-05-09T16:35:00.000+05:30</published><updated>2024-05-09T16:35:20.514+05:30</updated><title type='text'>New Guide: How to Scale Your vCISO Services Profitably</title><summary type="html">
  25. Cybersecurity and compliance guidance are in high demand among SMEs. However, many of them cannot afford to hire a full-time CISO. A&amp;nbsp;vCISO can answer this need by offering on-demand access to top-tier cybersecurity expertise.&amp;nbsp;This&amp;nbsp;is also an opportunity for MSPs and MSSPs to grow their business and bottom line.
  26. MSPs and MSSPs that expand their offerings and provide vCISO services </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/3590994489501330091'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/3590994489501330091'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/new-guide-how-to-scale-your-vciso.html' title='New Guide: How to Scale Your vCISO Services Profitably'/><author><name>The Hacker News</name><uri>http://www.blogger.com/profile/16801458706306167627</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjM1BLP41CBRl5iEZSK9mvuJoYFZVFZalw82yXj3w-5GSvvVu4AZd8eFwQKPE1-L2HrZMo7zGoxAw6XqWa_3UandW1xhaUkh14DIKqTWz1-rZMWx9BLgcs6LXDdLvaS5yONjZAzHvBU14YVUGGWM2TdwPEAaAVv02Cby7DbmJ0ykQ7B3LEm0bCrmuJ18CA/s260-e100/vciso.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-6937463472816151101</id><published>2024-05-09T16:34:00.004+05:30</published><updated>2024-05-09T16:34:41.935+05:30</updated><title type='text'>Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery</title><summary type="html">
  27. Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous&amp;nbsp;Mirai botnet.
  28. That&#39;s according to&amp;nbsp;findings&amp;nbsp;from Juniper Threat Labs, which said the vulnerabilities&amp;nbsp;CVE-2023-46805 and CVE-2024-21887&amp;nbsp;have been leveraged to deliver the botnet payload.
  29. While CVE-2023-46805 is an authentication bypass flaw, </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/6937463472816151101'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/6937463472816151101'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/mirai-botnet-exploits-ivanti-connect.html' title='Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuC0ui9EG4pPDPZvAfEntUJHehkrx0pkCo9KtjkzGzuk-qZLFMgEAegkw-wyjimRyrDCrLaAc52sd3LtHVaWeCkfpPAgTjLeSFRsyCnsYdR61C1dtkaydj6XmdSIAwrJupGHJheMs5NO3kg4vZdJTJdxERSgDqbXegmxqtE3v-NuqixyQxtQ9Ns5KCCHa6/s260-e100/botnet.jpg" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-7342623672449419446</id><published>2024-05-09T11:41:00.004+05:30</published><updated>2024-05-09T11:41:49.134+05:30</updated><title type='text'>Critical F5 Central Manager Vulnerabilities Allow Enable Full Device Takeover</title><summary type="html">
  30. Two security vulnerabilities have been discovered in F5 Next Central Manager that could be exploited by a threat actor to seize control of the devices and create hidden rogue administrator accounts for persistence.
  31. The remotely exploitable flaws &quot;can give attackers full administrative control of the device, and subsequently allow attackers to create accounts on any F5 assets managed by the Next </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/7342623672449419446'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/7342623672449419446'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/critical-f5-central-manager.html' title='Critical F5 Central Manager Vulnerabilities Allow Enable Full Device Takeover'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5s6eeVoQhFHOb9Vb_Vk3Rz9njcAmLGjrcKnDXKudv7jB3msdb7D7GCy-PZwg0I7yBZ-xfEjrmFtVxGiQH4wN33t7V5g6YbDs1s1oaPaArP2yRPtoRCAKThOWtdkaZv6iBzjNAxSOm8St97-q5-TNBv3Z5zv3ADd7G2kATs78RlqOGz3QNyJfb5bCXNsF2/s260-e100/f5.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-8039989533735147642</id><published>2024-05-08T19:48:00.000+05:30</published><updated>2024-05-08T19:48:57.809+05:30</updated><title type='text'>A SaaS Security Challenge: Getting Permissions All in One Place </title><summary type="html">
  32. Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are&amp;nbsp;remarkably precise. They spell out exactly which users have access to which data sets.&amp;nbsp;The terminology differs between apps, but each user’s base permission is determined by their role, while&amp;nbsp;additional permissions may be granted based on tasks or projects they are involved with.&amp;nbsp;Layered on top of </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/8039989533735147642'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/8039989533735147642'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/a-saas-security-challenge-getting.html' title='A SaaS Security Challenge: Getting Permissions All in One Place '/><author><name>The Hacker News</name><uri>http://www.blogger.com/profile/16801458706306167627</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjk9_-3ho9CnD6vcmj1tvvCvrvAdmKsFY-cbaja-5pRVV8_mArnYK3PxyRqgJ9nWCe9kovyGsFfO3BjgqUs8dmCsnFcYYxyCaeRSoVuS8kU648juKSN1toRwKGiUSbdvcFxO_AJkqalwScXF49DPxDqz23ZB4mLRQwVYZ7S_smVY-N924qApp-IpZGKvSE/s260-e100/as.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-32382166779930205</id><published>2024-05-08T19:47:00.003+05:30</published><updated>2024-05-08T19:47:56.324+05:30</updated><title type='text'>New Spectre-Style &#39;Pathfinder&#39; Attack Targets Intel CPU, Leak Encryption Keys and Data</title><summary type="html">
  33. Researchers have discovered two novel attack methods targeting high-performance Intel CPUs that&amp;nbsp;could be exploited&amp;nbsp;to stage a&amp;nbsp;key&amp;nbsp;recovery attack against the Advanced Encryption Standard (AES) algorithm.
  34. The techniques have been collectively dubbed&amp;nbsp;Pathfinder&amp;nbsp;by&amp;nbsp;a group of&amp;nbsp;academics from the University of California San Diego, Purdue University, UNC Chapel</summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/32382166779930205'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/32382166779930205'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/new-spectre-style-pathfinder-attack.html' title='New Spectre-Style &#39;Pathfinder&#39; Attack Targets Intel CPU, Leak Encryption Keys and Data'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCsXxKSHjymsIMRDDrahsvY3mz_fB0fJj8ZZiVAsOCuyhG7SsO0WlvM_jMqvLhVvvEAsX0Pi2sbuDgu8ZMlNRaK_OkANH4GzvsL8K7TYEcyI-dvPzbHMC-H-1lYURtObXu8WLtF56ou9HUkmg_6mRikd1gp6KOXuDMgvV-LdLOogFHxVGWx2pOeVchbVx6/s260-e100/cpu.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-6915124010396603794</id><published>2024-05-08T16:28:00.006+05:30</published><updated>2024-05-10T18:01:36.007+05:30</updated><title type='text'>Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version</title><summary type="html">
  35. A newer version of a malware loader called&amp;nbsp;Hijack Loader&amp;nbsp;has&amp;nbsp;been observed&amp;nbsp;incorporating an updated set of anti-analysis techniques to fly under the radar.
  36. &quot;These enhancements aim to increase the malware&#39;s stealthiness, thereby remaining undetected for longer periods of time,&quot; Zscaler ThreatLabz researcher Muhammed Irfan V A&amp;nbsp;said&amp;nbsp;in a technical report.
  37. &quot;Hijack </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/6915124010396603794'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/6915124010396603794'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/hijack-loader-malware-employs-process.html' title='Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHPvhxGd_HGIF7-1OfNtRETRbpPNP33Y8GrqyC4vMegYiv65ZJxIPQYzHOLQPIf8VctiQ3SZ8FJYyPe4_ymMO3V6YclEEXI_IKFDh9IdPN3qDv7pmfFoiB_TNYple9aJlp_xxX2kj5vOulQ2WUFQ8eVz83fdF98SqYM9aK8H8gGec4MuQIjg86j1M74ahJ/s260-e100/data.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-3208661677059258387</id><published>2024-05-08T16:28:00.005+05:30</published><updated>2024-05-08T16:31:23.948+05:30</updated><title type='text'>The Fundamentals of Cloud Security Stress Testing</title><summary type="html">
  38. ״Defenders think in lists, attackers think in graphs,” said John Lambert from Microsoft, distilling the fundamental difference in mindset between those who defend IT systems and those who try to compromise them.
  39. The traditional approach for defenders is to list security gaps directly related to their assets in the network and eliminate as many as possible, starting with the most critical. </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/3208661677059258387'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/3208661677059258387'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/the-fundamentals-of-cloud-security.html' title='The Fundamentals of Cloud Security Stress Testing'/><author><name>The Hacker News</name><uri>http://www.blogger.com/profile/16801458706306167627</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9g0_5hh9yyfiqTDAJeGldQ363-xqM83qZitESxMRryqG8TxZrN0XEBeKwwJvWIzoV_MgNFQSFwlYIw6D-9kvBsLkEQ4x-jwm0W1f2mBfmESM1hyMmnQ1s9rQFzu_5aSyLIrguF0hROMma0LFvJuIr3zsyNyuzWLcR88ebXEzdLdbGffcUxTPy4-Ltzi4/s260-e100/pen.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-4011205123090642848</id><published>2024-05-08T12:33:00.002+05:30</published><updated>2024-05-08T19:35:50.849+05:30</updated><title type='text'>Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites</title><summary type="html">
  40. A high-severity flaw impacting&amp;nbsp;the LiteSpeed Cache plugin for WordPress&amp;nbsp;is being actively exploited by threat actors&amp;nbsp;to create rogue admin accounts on susceptible websites.
  41. The&amp;nbsp;findings&amp;nbsp;come from WPScan, which said that the vulnerability (CVE-2023-40000, CVSS score: 8.3)&amp;nbsp;has&amp;nbsp;been leveraged&amp;nbsp;to set up bogus admin users with the names&amp;nbsp;wpsupp‑user&amp;nbsp;</summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/4011205123090642848'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/4011205123090642848'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/hackers-exploiting-litespeed-cache-bug.html' title='Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwWxqiKarD6EDbef2U4m3_BOnbMMSi3QcX7IRua5mjCkdTXC6Y0w6ZBkv8braHsd8pXPyEt65hxXN_Dlto4UCHiOis3OGtJkxNjG1o4sKiRKwXzumV-4XZ5dEccd109nFBUmPc_kR7FeVWaM1Lg8oT5jq7mEt4-rKc_97tWahO_Pn1u20qHspppHZtw1aQ/s260-e100/wordpress.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-2821324562133471419</id><published>2024-05-07T21:19:00.006+05:30</published><updated>2024-05-10T09:04:07.305+05:30</updated><title type='text'>Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator</title><summary type="html">
  42. The U.K. National Crime Agency (NCA) has unmasked the administrator and developer of the LockBit ransomware operation, revealing it to be a 31-year-old Russian national named&amp;nbsp;Dmitry Yuryevich Khoroshev.
  43. In addition, Khoroshev has&amp;nbsp;been sanctioned&amp;nbsp;by the U.K. Foreign, Commonwealth and Development Office (FCD), the U.S. Department of the Treasury’s Office of Foreign Assets Control (</summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/2821324562133471419'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/2821324562133471419'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/russian-hacker-dmitry-khoroshev.html' title='Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgE-wdluAnaCMhtDZVypdjKCoD-my751uVGh6sFsjmHbzXyWAfsaR6FZVvKW7Kyxpj0ZNkxIJDmYTVKGGvUc3QeYs3DTTWIhYy6ARW5qxlWsXmszoFbqlMVfiFOuyEflW-yWGGBI3nhk34XBQ4cWyyMC0hZRypO7CiRKczdzgAHVRLl4RBvZTm6u58Tk7tS/s260-e100/lockbit.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-4064651082396373289</id><published>2024-05-07T18:55:00.003+05:30</published><updated>2024-05-08T09:37:01.676+05:30</updated><title type='text'>APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data</title><summary type="html">
  44. The Iranian state-backed hacking outfit&amp;nbsp;called&amp;nbsp;APT42&amp;nbsp;is making use of&amp;nbsp;enhanced social engineering schemes to infiltrate target networks and cloud environments.
  45. Targets of the attack include&amp;nbsp;Western and Middle Eastern NGOs, media organizations, academia, legal services&amp;nbsp;and activists, Google Cloud subsidiary Mandiant said in a report published last week.
  46. &quot;APT42 was </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/4064651082396373289'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/4064651082396373289'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/apt42-hackers-pose-as-journalists-to.html' title='APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6qvLqxsO9yW4bS9JTOZpkEiLqsqurdjy9gvYvvXCoZ07cOgMKi2AlfAGNvfZPiSQNhsTqK9xIBf6N4BDbfhYfbkpmRSF0-j1I5v0_15CWU1iwpfFliLkmdwHt6j8CrcgGKvt9hkPSzUCQaXz7mz6gx-6e1Ii3qYOxoGQgkv-JWpQdfVa8vIbKrNRrL1dv/s260-e100/ad.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-2969169201738492366</id><published>2024-05-07T18:25:00.000+05:30</published><updated>2024-05-07T18:25:13.633+05:30</updated><title type='text'>China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion</title><summary type="html">
  47. The MITRE Corporation has offered more details into the recently disclosed cyber attack, stating that the first evidence of the intrusion&amp;nbsp;now&amp;nbsp;dates back to December 31, 2023.
  48. The attack, which&amp;nbsp;came to light last month, singled out MITRE&#39;s Networked Experimentation, Research, and Virtualization Environment (NERVE) through the exploitation of two Ivanti Connect Secure zero-day </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/2969169201738492366'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/2969169201738492366'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/china-linked-hackers-used-rootrot.html' title='China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQCqny-7V74hcHMCQEb6Y5GH-20vL1Yf6vXr8AAcEPKxNs2Nor81d5b2W8li3bilH2155zUVFb9dLWwGvi0loxzwJUmDn81Y59iFyx6lP5gfdrbmV4F46BcA5UBuZVVcVMIedGFpAqPw1aCUxcwS5rmMaHxP6PJv8sJEJjVKNMsBjPdhzazE2anizXUPKD/s260-e100/map.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-7253358704883058245</id><published>2024-05-07T16:12:00.000+05:30</published><updated>2024-05-07T16:12:33.969+05:30</updated><title type='text'>New Case Study: The Malicious Comment</title><summary type="html">
  49. How safe is your comments section? Discover how a seemingly innocent &#39;thank you&#39; comment on a product page concealed a malicious vulnerability, underscoring the necessity of robust security measures. Read the&amp;nbsp;full&amp;nbsp;real-life case study&amp;nbsp;here.&amp;nbsp;
  50. When is a ‘Thank you’ not a ‘Thank you’? When it’s a sneaky bit of code&amp;nbsp;that’s&amp;nbsp;been&amp;nbsp;hidden&amp;nbsp;inside a ‘Thank You’ </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/7253358704883058245'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/7253358704883058245'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/new-case-study-malicious-comment.html' title='New Case Study: The Malicious Comment'/><author><name>The Hacker News</name><uri>http://www.blogger.com/profile/16801458706306167627</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUS3LJkQuicN43D5NrxSf0xflKdo3GHVEdy089NmTUSypwNI70imjfQuBMzwrzNuBwmSdVJ9j-ARjsK2_kBTLRVilr8qOn7__e0I_38Wr6SR1yFGG16q-bOrtZy6HD6VOy2NkScWhynEiftat7H7gIhHRLr4jMiW2dD1wAP8L8FcTcCy9s6mb4QlJM958/s260-e100/case.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-4568993841562501096</id><published>2024-05-07T15:32:00.004+05:30</published><updated>2024-05-07T21:10:05.782+05:30</updated><title type='text'>Google Simplifies 2-Factor Authentication Setup (It&#39;s More Important Than Ever)</title><summary type="html">
  51. Google on Monday announced that it&#39;s simplifying the process of enabling two-factor authentication (2FA) for users with personal and Workspace accounts.
  52. Also&amp;nbsp;called 2-Step Verification (2SV), it aims to add an extra layer of security to users&#39; accounts to prevent takeover attacks in case the passwords&amp;nbsp;are stolen.
  53. The new change entails adding a second step method, such as an </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/4568993841562501096'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/4568993841562501096'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/google-simplifies-2-factor.html' title='Google Simplifies 2-Factor Authentication Setup (It&#39;s More Important Than Ever)'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhts8IRNt2lxOZ9dY9XPz7jMaACPUzRvigd7tqCinb8wiH2wSR3E4FZsKfkjtwLLp1cXJJWmnA3GekpLpUXNu5aCTz89_QtbKtYuE96g9_-KBO8FRVkE-KTSqIhiLI7jhUUhc0t8T9iX_Xf5FskuLpgpljGnDU-9NLfNsmMTtiNzkTQuMP7H2ETPUpYbINx/s260-e100/google.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-1221243247546435632</id><published>2024-05-07T15:02:00.001+05:30</published><updated>2024-05-07T15:02:30.054+05:30</updated><title type='text'>Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering</title><summary type="html">
  54. A Russian operator of a now-dismantled BTC-e cryptocurrency exchange has&amp;nbsp;pleaded guilty&amp;nbsp;to money laundering charges from 2011 to 2017.
  55. Alexander Vinnik, 44, was charged in January 2017 and taken into custody in Greece in July 2017. He&amp;nbsp;was subsequently&amp;nbsp;extradited&amp;nbsp;to the U.S. in August 2022. Vinnik and his co-conspirators have&amp;nbsp;been accused&amp;nbsp;of owning and managing </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/1221243247546435632'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/1221243247546435632'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/russian-operator-of-btc-e-crypto.html' title='Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIlSmhoWO8r-KCBWDkiN4qRvrNv1eZtIxSFdEoB00SYs9Cp4AbFI9_B1xH5qZkTCIqxCt3hi0Yf-btBi7DJNNVEUdvEOrpzdmYMsbWxpEU-U01DcjS7luA_k12jlZudZbUPkZVPm8nAzUVNgcoKUuL_xVO9Mv4B_DrON01jr9qx_r0UXN4jbe_nnu1N6cs/s260-e100/btc.png" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-7711377082436985507</id><published>2024-05-06T19:30:00.006+05:30</published><updated>2024-05-11T18:03:35.387+05:30</updated><title type='text'>Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution</title><summary type="html">
  56. More than 50% of the 90,310 hosts have been found exposing a&amp;nbsp;Tinyproxy service&amp;nbsp;on the internet that&#39;s vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool.
  57. The issue, tracked as&amp;nbsp;CVE-2023-49606, carries a CVSS score of 9.8 out of a maximum of 10, per Cisco Talos, which described it as a use-after-free bug impacting versions 1.10.0 and 1.11.1, the latter of </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/7711377082436985507'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/7711377082436985507'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/critical-tinyproxy-flaw-opens-over.html' title='Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYwSjTl9gBIYg034Yyyb7jcL7o-V8gRw0CUg64_aYZMRSO-WjStmTCGk-5eQ_LATE7HAsaINjkNaLOzhh_die20Sl95IAqCYwOlUfoLgH44rdEou6dlfCZRsm0U_y6N5CJpOVIkF0jdRzlEA2fLepjrZAPnktNEqkT3hbJl3lxo-zDcgtWV9j46F9lKDF_/s260-e100/hack.jpg" height="72" width="72"/></entry><entry><id>tag:blogger.com,1999:blog-4802841478634147276.post-4365440342124483989</id><published>2024-05-06T19:17:00.001+05:30</published><updated>2024-05-08T15:29:56.817+05:30</updated><title type='text'>China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices</title><summary type="html">
  58. The&amp;nbsp;recently uncovered cyber espionage campaign targeting perimeter network devices from several vendors, including Cisco, may have been the work of China-linked actors, according to&amp;nbsp;new findings&amp;nbsp;from attack surface management firm Censys.
  59.  
  60. Dubbed&amp;nbsp;ArcaneDoor, the activity is said to have commenced around July 2023, with the first confirmed attack against an unnamed victim </summary><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/4365440342124483989'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/4802841478634147276/posts/default/4365440342124483989'/><link rel='alternate' type='text/html' href='https://thehackernews.com/2024/05/china-linked-hackers-suspected-in.html' title='China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices'/><author><name>Newsroom</name><uri>http://www.blogger.com/profile/09767675513435997467</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='https://img1.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media="http://search.yahoo.com/mrss/" url="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggY88ZniZn8np0C1A7hbQ0uyCFhBWfiAYxjxtGfo0UI8kM2tPvE7Sd5apIWlxJgixBKwB4wqWaqtcVCFEX_MLMST-kZoLk7NYAcanq-YBpJXiwWDfVb_SWYksNnak0WeJrQGSE6b5dL-KAP4DaNQP6OzUCERJ9N2vA5KUXY_PPu5H5nviQOsqF3PlmDN-s/s260-e100/chinese.jpg" height="72" width="72"/></entry></feed>

If you would like to create a banner that links to this page (i.e. this validation result), do the following:

  1. Download the "valid Atom 1.0" banner.

  2. Upload the image to your own server. (This step is important. Please do not link directly to the image on this server.)

  3. Add this HTML to your page (change the image src attribute if necessary):

If you would like to create a text link instead, here is the URL you can use:

http://www.feedvalidator.org/check.cgi?url=http%3A//www.thehackernews.com/feeds/posts/default

Home · About · News · Docs · Terms

 
Copyright © 2002-9 Sam Ruby, Mark Pilgrim, Joseph Walton, and Phil Ringnalda