[HackerNews] Russia bans VyprVPN, Opera VPN services for not complying with blacklist request

Russia’s telecommunications and media regulator Roskomnadzor (RKN) on Thursday introduced restrictions on the operation of VyprVPN and Opera VPN services in the country. “In accordance with the regulation on responding to threats to circumvent restrictions on access to child pornography, suicidal, pro-narcotic and other prohibited content, restrictions on the use of VPN services VyprVPN and […]

Read More

[HackerNews] Google Releases New Framework to Prevent Software Supply Chain Attacks

As software supply chain attacks emerge as a point of concern in the wake of SolarWinds and Codecov security incidents, Google is proposing a solution to ensure the integrity of software packages and prevent unauthorized modifications.  Called “Supply chain Levels for Software Artifacts” (SLSA, and pronounced “salsa”), the end-to-end framework aims to secure the software development […]

Read More

[HackerNews] [eBook] 7 Signs You Might Need a New Detection and Response Tool

It’s natural to get complacent with the status quo when things seem to be working. The familiar is comfortable, and even if something better comes along, it brings with it many unknowns. In cybersecurity, this tendency is countered by the fast pace of innovation and how quickly technology becomes obsolete, often overnight. This combination usually […]

Read More

[HackerNews] Update‌ ‌Your Chrome Browser to Patch Yet Another 0-Day Exploit‌ed ‌in‌-the‌-Wild

Google has rolled out yet another update to Chrome browser for Windows, Mac, and Linux to fix four security vulnerabilities, including one zero-day flaw that’s being exploited in the wild. Tracked as CVE-2021-30554, the high severity flaw concerns a use after free vulnerability in WebGL (aka Web Graphics Library), a JavaScript API for rendering interactive 2D and 3D […]

Read More

[HackerNews] Molerats Hackers Return With New Attacks Targeting Middle Eastern Governments

A Middle Eastern advanced persistent threat (APT) group has resurfaced after a two-month hiatus to target government institutions in the Middle East and global government entities associated with geopolitics in the region in a rash of new campaigns observed earlier this month. Sunnyvale-based enterprise security firm Proofpoint attributed the activity to a politically motivated threat […]

Read More

[HackerNews] A New Spyware is Targeting Telegram and Psiphon VPN Users in Iran

Threat actors with suspected ties to Iran have been found to leverage instant messaging and VPN apps like Telegram and Psiphon to install a Windows remote access trojan (RAT) capable of stealing sensitive information from targets’ devices since at least 2015. Russian cybersecurity firm Kaspersky, which pieced together the activity, attributed the campaign to an […]

Read More

[HackerNews] Strengthen Your Password Policy With GDPR Compliance

A solid password policy is the first line of defense for your corporate network. Protecting your systems from unauthorized users may sound easy on the surface, but it can actually be quite complicated. You have to balance password security with usability, while also following various regulatory requirements. Companies in the EU must have password policies […]

Read More

[HackerNews] Researchers Uncover ‘Process Ghosting’ — A New Malware Evasion Technique

Cybersecurity researchers have disclosed a new executable image tampering attack dubbed “Process Ghosting” that could be potentially abused by an attacker to circumvent protections and stealthily run malicious code on a Windows system. “With this technique, an attacker can write a piece of malware to disk in such a way that it’s difficult to scan […]

Read More

[HackerNews] Ukraine Police Arrest Cyber Criminals Behind Clop Ransomware Attacks

Ukrainian law enforcement officials on Wednesday announced the arrest of the Clop ransomware gang, adding it disrupted the infrastructure employed in attacks targeting victims worldwide since at least 2019. As part of a joint operation between the National Police of Ukraine and authorities from the Republic of Korea and the U.S., six defendants have been accused of […]

Read More

[HackerNews] Malware Attack on South Korean Entities Was Work of Andariel Group

A malware campaign targeting South Korean entities that came to light earlier this year has been attributed to a North Korean nation-state hacking group called Andariel, once again indicating that Lazarus attackers are following the trends and their arsenal is in constant development. “The way Windows commands and their options were used in this campaign is almost identical to previous […]

Read More