Hackers Exploit 3-Year-Old Vulnerability to Breach U.S. Federal Agency!

The Hacker News Daily Updates [Newsletter]( [cover]( [THN Webinar: Master the Six Phases of Incident Response]( React fast, respond smart: Master the six phases of Incident Response with Cynet's IR Leader! [Download Now]( Sponsored LATEST NEWS Mar 16, 2023 [Authorities Shut Down ChipMixer Platform Tied to Crypto Laundering Scheme]( A coalition of law enforcement agencies across Europe and the U.S. announced the takedown of ChipMixer, an unlicensed cryptocurrency mixer that began its operations in August 2017. "The ChipMixer software blocked the blockchain trail of the funds, making it attractive for cybercriminals looking to launder illegal proceeds from criminal activities such as drug trafficking, weapons ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [What's Wrong with Manufacturing?]( In last year's edition of the Security Navigator we noted that the Manufacturing Industry appeared to be totally over-represented in our dataset of Cyber Extortion victims. Neither the number of businesses nor their average revenue particularly stood out to explain this. Manufacturing was also the most represented Industry in our CyberSOC dataset – contributing more Incidents than any ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Leave manual compliance and risk tasks in 2022. Automate it with Drata.]( Automate risk management, evidence collection, and control monitoring. Book a demo here. >> [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Multiple Hacker Groups Exploit 3-Year-Old Vulnerability to Breach U.S. Federal Agency]( Multiple threat actors, including a nation-state group, exploited a critical three-year-old security flaw in Progress Telerik to break into an unnamed federal entity in the U.S. The disclosure comes from a joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [CISA Issues Urgent Warning: Adobe ColdFusion Vulnerability Exploited in the Wild]( The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on March 15 added a security vulnerability impacting Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The critical flaw in question is CVE-2023-26360 (CVSS score: 8.6), which could be exploited by a threat actor to achieve arbitrary code execution. "Adobe ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [YoroTrooper Stealing Credentials and Information from Government and Energy Organizations]( A previously undocumented threat actor dubbed YoroTrooper has been targeting government, energy, and international organizations across Europe as part of a cyber espionage campaign that has been active since at least June 2022. "Information stolen from successful compromises include credentials from multiple applications, browser histories and cookies, system information and screenshots," ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining]( Cybersecurity researchers have discovered the first-ever illicit cryptocurrency mining campaign used to mint Dero since the start of February 2023. "The novel Dero cryptojacking operation concentrates on locating Kubernetes clusters with anonymous access enabled on a Kubernetes API and listening on non-standard ports accessible from the internet," CrowdStrike said in a new report shared with ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [The Different Methods and Stages of Penetration Testing]( The stakes could not be higher for cyber defenders. With the vast amounts of sensitive information, intellectual property, and financial data at risk, the consequences of a data breach can be devastating. According to a report released by Ponemon institute, the cost of data breaches has reached an all-time high, averaging $4.35 million in 2022. Vulnerabilities in web applications are often ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [cover]( [THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter]( Don't Let Cybercriminals Sneak in Through the Identity Perimeter: Get Actionable Solutions! [Download Now]( Sponsored This email was sent to {EMAIL}. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please [click here](. Contact The Hacker News: info@thehackernews.com [Unsubscribe]( The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India