The Hacker News

SEPTEMBER 27, 2024

Ransomware and malware continue to be the method of choice by big game hunting (BGH) cyber criminals, and the increased use of hands-on or “interactive intrusion” techniques is especially alarming.

Penetration Testing 86

Penetration Testing Technology Ransomware Malware 86

Penetration Testing

FEBRUARY 28, 2024

Enter GULoader, a malware favored by cybercriminals for its stealth, adaptability, and ability to... The post SVG Attacks: How GULoader Malware Sneaks into Your Network appeared first on Penetration Testing.

Penetration Testing 134

Penetration Testing Malware Cybersecurity 134

Penetration Testing

MARCH 28, 2024

Security researchers at Kaspersky Labs have uncovered a dangerous new variant of the DinodasRAT malware that targets Linux operating systems.

Penetration Testing 143

Penetration Testing Malware 143

Penetration Testing

APRIL 22, 2024

Security researchers from G DATA have analyzed “Sharp Stealer,” a malware family that steals login credentials,... The post Sharp Stealer: New Malware Targets Gamers’ Accounts and Online Identities appeared first on Penetration Testing.

Accountability 126

Accountability Penetration Testing Malware Cybercrime 126

Penetration Testing

MAY 1, 2024

Security researchers at Lumen Technologies’ Black Lotus Labs have uncovered a sophisticated new malware campaign targeting enterprise-grade small office/home office (SOHO) routers.

Malware 111

Malware Penetration Testing Technology 111

Penetration Testing

APRIL 25, 2024

SonicWall Capture Labs threat research team has recently uncovered sophisticated.NET managed code injection methods employed by the notorious AgentTesla malware, marking a significant advancement in malware delivery tactics.

Malware 109

Malware Penetration Testing Spyware 109

Penetration Testing

APRIL 4, 2024

Researchers at FortiGuard Labs have uncovered the inner workings of Byakugan, a versatile malware strain employing a mix of legitimate and malicious components to steal sensitive user data while flying under the radar.

Penetration Testing 118

Penetration Testing Malware 118

Penetration Testing

APRIL 18, 2024

Kaspersky Labs researchers have revealed a new, targeted malware campaign dubbed “DuneQuixote” with a focus on government entities within the Middle East.

Malware 109

Malware Penetration Testing Government 109

Penetration Testing

MARCH 11, 2024

A dangerous new malware named Planet Stealer is making its rounds in the cybercriminal underworld, and security experts warn that your passwords, cryptocurrency wallets, and other sensitive information could be in its sights.

Passwords 127

Passwords Penetration Testing Malware Risk 127

Penetration Testing

APRIL 18, 2024

A detailed analysis by Sucuri, a leading website security firm, has uncovered a sophisticated malware campaign that has shifted strategies to become more elusive and harder to detect.

Malware 105

Malware Penetration Testing 105

Penetration Testing

APRIL 9, 2024

The attackers used a malware strain... The post LazyStealer Malware Targets Governments with Simple But Effective Strategy appeared first on Penetration Testing.

Government 112

Government Penetration Testing Malware Technology 112

Penetration Testing

APRIL 25, 2024

ThreatFabric has unveiled a sophisticated new Android malware strain named “Brokewell.” The... The post Alert: “Brokewell” Malware – New Threat Targets Bank Users with Remote Device Takeover appeared first on Penetration Testing.

Banking 120

Banking Penetration Testing Malware 120

Penetration Testing

APRIL 26, 2024

Researchers at Huntress have revealed a critical development in the LightSpy malware threat landscape. This calls... The post LightSpy Malware Strikes macOS: Your Mac Could be the Target appeared first on Penetration Testing.

Penetration Testing 111

Penetration Testing Malware 111

Penetration Testing

MARCH 24, 2024

In a striking revelation, the cybersecurity world has been alerted to a novel and sophisticated cyber espionage campaign orchestrated by APT29, a notorious threat group believed to be operating under the auspices of Russia’s... The post APT29 Strikes German Politics with WINELOADER Malware Assault appeared first on Penetration Testing. (..)

Penetration Testing 118

Penetration Testing Malware Cybersecurity 118

Penetration Testing

MAY 9, 2024

FIN7’s campaign targets users with malicious websites disguised as... The post FIN7 Hackers Using Signed Malware and Fake Google Ads to Evade Defenses appeared first on Penetration Testing.

Penetration Testing 126

Penetration Testing Malware Cybercrime 126

Penetration Testing

APRIL 14, 2024

A sophisticated malware campaign targeting the widely-used Notepad++ text editor has been uncovered by security researchers at AhnLab Security Emergency Response Center (ASEC).

Malware 111

Malware Penetration Testing 111

Penetration Testing

APRIL 16, 2024

According to a detailed report by Recorded Future’s Insikt Group, the cybersecurity landscape faces a formidable threat in the form of “Mobile NotPetya,” a potential zero-click, wormable mobile malware that could spread autonomously and... The post Unstoppable Malware?

Mobile 109

Mobile Malware Penetration Testing Risk 109

Hacker's King

SEPTEMBER 2, 2024

Whether you are conducting a black-box penetration test or assessing your organization's security posture, SpiderFoot offers a comprehensive solution for both offensive and defensive operations. You may read more about : Guide to Android Penetration Testing for Beginners 4.

Penetration Testing 52

Penetration Testing DNS Phishing Engineering 52

Penetration Testing

MARCH 24, 2024

Cybersecurity experts at SentinelLabs have discovered a dangerous new version of the infamous “AcidRain” malware. This type of malware, known as a wiper, is designed to destroy data and cripple systems.

Malware 101

Malware Penetration Testing Cybersecurity 101

Penetration Testing

MARCH 24, 2024

Researchers at Unit 42 have uncovered a major new attack campaign deploying an updated version of the StrelaStealer malware.

Penetration Testing 136

Penetration Testing Malware 136

Penetration Testing

APRIL 30, 2024

Security researchers at Zscaler have uncovered a new anti-analysis feature in recent iterations of the Zloader malware (versions 2.4.1.0

Malware 106

Malware Penetration Testing 106

Penetration Testing

MARCH 6, 2024

Cado Security Labs’ recent discovery exposed a complex malware campaign zeroing in on Linux servers misconfigured with popular cloud services.

Malware 112

Malware Penetration Testing 112

Penetration Testing

MARCH 1, 2024

A recent investigation by McAfee Labs has shed light on a significant surge in malware distribution through one of the most ubiquitous document formats: the PDF. This surge marks a concerning shift in cybercriminal... The post Malware Hiding in PDFs: What You Need to Know appeared first on Penetration Testing.

Penetration Testing 111

Penetration Testing Malware 111

Penetration Testing

MARCH 18, 2024

Security researchers at Netskope Threat Labs have exposed a sophisticated malware campaign that leverages the trustworthiness of Google Sites to deliver a potent new version of the Azorult infostealer.

Penetration Testing 106

Penetration Testing Malware 106

Penetration Testing

FEBRUARY 25, 2024

This technique, despite its age, continues to offer a stealthy passage for threat actors to deploy malware, underscoring... The post Warning: DLL Hijacking in Modern Malware Campaigns appeared first on Penetration Testing.

Malware 110

Malware Penetration Testing Cybersecurity Ransomware 110

Penetration Testing

APRIL 11, 2024

Cybercriminals, demonstrating both ingenuity and malice, have initiated a campaign that manipulates GitHub’s search functionality to distribute... The post GitHub Search Sabotaged: Malware Hidden in Popular Repositories appeared first on Penetration Testing.

Penetration Testing 111

Penetration Testing Malware Cybersecurity 111

Penetration Testing

MAY 14, 2024

Microsoft has urgently addressed a critical zero-day vulnerability, known as CVE-2024-30051, that was actively exploited by attackers to deliver the notorious QakBot malware and other malicious payloads.

Penetration Testing 98

Penetration Testing Malware 98

Penetration Testing

FEBRUARY 29, 2024

The world of Pay-Per-Install (PPI) malware rarely stands still, and PrivateLoader, a notorious player in this arena, has pulled a new set of tricks out of its sleeve.

Malware 102

Malware Penetration Testing 102

Penetration Testing

JANUARY 24, 2024

Arctic Wolf Labs has recently shed light on a sophisticated Go-based malware downloader, dubbed “CherryLoader,” which uses the legitimate CherryTree note-taking application to trick the victims.

Penetration Testing 111

Penetration Testing Malware 111

Penetration Testing

APRIL 8, 2024

According to a comprehensive report by Palo Alto Networks, the cybersecurity realm is witnessing a significant uptick in malware-initiated scanning attacks.

Penetration Testing 101

Penetration Testing Malware Cybersecurity 101

Penetration Testing

APRIL 10, 2024

Security researchers at Cisco Talos have uncovered a sophisticated new malware campaign orchestrated by a threat actor they’ve named “Starry Addax.”

Penetration Testing 105

Penetration Testing Malware 105

Penetration Testing

JANUARY 28, 2024

Malware researcher Dominik Breitenbacher from ESET revealed HiddenFace, a highly sophisticated backdoor malware developed by the MirrorFace APT group.

Malware 108

Malware Penetration Testing 108

Penetration Testing

JANUARY 24, 2024

In the shadowy corners of the digital world, where the battle between cybersecurity defenders and attackers unfolds with relentless intensity, a new adversary has emerged, wielding the sophisticated tool of deception and evasion: LODEINFO... The post APT10’s Latest Weapon: Unveiling the LODEINFO Malware Menace appeared first on Penetration (..)

Penetration Testing 113

Penetration Testing Malware Cybersecurity 113

SecureWorld News

JUNE 28, 2020

With many organizations now planning their annual penetration tests ("pentest" for short), a change is needed in order to accommodate remote workers. It also begs what are you allowed to test versus what is now considered taboo considering end-users may be operating with their own personal equipment?

Penetration Testing 95

Penetration Testing Social Engineering VPN Phishing 95

Penetration Testing

MARCH 31, 2024

A new report released by AhnLab Security Intelligence Center (ASEC) uncovers a disturbing tactic hackers are using to spread malware: they’re leveraging Google Ads tracking features to redirect unsuspecting users to malicious websites.

Penetration Testing 106

Penetration Testing Software Malware Security Intelligence 106

Penetration Testing

DECEMBER 11, 2023

In the shadowy world of cyber threats, PlugX stands out as a sophisticated and insidious malware, leaving a digital trail of espionage and evasion. Recently, the Splunk Threat Research Team (STRT) unraveled the mystery... The post PlugX malware: The Enigma of Cyber Espionage Unveiled appeared first on Penetration Testing.

Malware 109

Malware Penetration Testing Cyber threats 109

SecureList

FEBRUARY 10, 2023

Penetration testing is something that many (of those who know what a pentest is) see as a search for weak spots and well-known vulnerabilities in clients’ infrastructure, and a bunch of copied-and-pasted recommendations on how to deal with the security holes thus discovered.

Penetration Testing 109

Penetration Testing Cybersecurity Banking Social Engineering 109