Hacking
Hacking | News, how-tos, features, reviews, and videos
DUCKTAIL malware campaign targeting Facebook business and ads accounts is back
The spear phishing group has revised its tactics and is employing more sophisticated techniques and tactics based on what appears to be extensive research into Facebook business and ads management accounts.
Know thy enemy: thinking like a hacker can boost cybersecurity strategy
Putting on a red hat and trying to understand the motivations, expectations, behaviors, and goals of bad actors can be a key part of a solid cybersecurity plan.
Iran’s nuclear energy agency confirms email server hacked
Iranian hacking group Black Reward has claimed responsibility for a breach at the email server of the country's Bushehr nuclear power plant, in support of nationwide protests over the death of a young woman in police custody.
Election security, misinformation threats loom large ahead of the US midterms
The FBI and CISA say election infrastructure is secure, but threat actors have other ways to undermine confidence in the US midterm elections.
![Security threat [illustration] > A hacker with black hat, mask, and crowbar breaks into a laptop.](https://images.idgesg.net/images/article/2021/06/hacker_hackingsecurity_threat_crime_criminal_with_black_hat_mask_and_crowbar_breaks_into_a_laptop_by_drdrawer_shutterstock_1364574311_royalty-free_digital-only_2400x1600-100890822-small.3x2.jpg?auto=webp&quality=85,70)
Most hackers need 5 hours or less to break into enterprise environments
A new survey of 300 ethical hackers provides insight into not only the most common means of initial access but how a complete end-to-end attack happens.
Social media's role in spreading U.S. election disinformation in the spotlight
Before Twitter's former CISO sounded the alarm bell, the U.S. government defined steps to counter misinformation and disinformation at the state, local and federal levels.
Russian DDoS attack on Lithuania was planned on Telegram, Flashpoint says
Russian cybercollective Killnet dropped evidence of possible collaboration with ransomware gang Conti in its hacking campaign against Lithuania on a Telegram channel, security company Flashpoint reports.
9 ways hackers will use machine learning to launch attacks
Machine learning algorithms will improve security solutions, helping human analysts triage threats and close vulnerabilities quicker. But they are also going to help threat actors launch bigger, more complex attacks.
![CSO: Have you met these hackers? [slide 11]](https://images.idgesg.net/images/article/2018/04/cso_ss_hacker_types_slide_11_innocent_man_angel_wings_halo_by_pixel2013_cc0_via_pixabay_binary_code_and_circuits_by_gettyimages_matejmo-100755738-small.3x2.jpg?auto=webp&quality=85,70){kind=tracking}
DOJ: Good faith security research won’t be charged under Computer Fraud and Abuse Act
The U.S. Department of Justice revises its policy regarding charging violations of the CFAA. Good faith security research will no longer be charged.
Karakurt data thieves linked to larger Conti hacking group
Data theft group has apparent ties to another, more prolific hacking crew, according to cybersecurity firm Tetra Defense.
Take LAPSUS$ teens seriously
After the Okta breach, LAPSUS$ is already back making trouble using low-tech techniques with a high rate of success.
![Digital bugs amid binary code. [security threats / malware / breach / hack / attack]](https://images.idgesg.net/images/article/2020/09/digital_bugs_amid_binary_code_security_threats_malware_breach_hack_attack_by_whatawin_gettyimages-1188254819_2400x1600-100858616-small.3x2.jpg?auto=webp&quality=85,70)
Zoom’s bug bounty ROI clear as program pays $1.8 million to fix over 400 bugs
The firm’s CISO reflects on bug bounty ROI and selling the concept to senior leadership.
What is a botnet? When infected devices attack
A botnet is a collection of internet-connected devices that an attacker has compromised to launch DDoS attacks, spread phishing spam, mine bitcoin, and more.
What is ethical hacking? Getting paid to break into computers
Learn the ethical hacking certifications, training, and experience you need to land a job testing an organization's defenses.
Man-in-the-middle (MitM) attack definition and examples
A man-in-the-middle (MitM) attack is a type of cyberattack in which communications between two parties is intercepted, often to steal login credentials or personal information, spy on victims, sabotage communications, or corrupt data....
![A group of anonymous hooded figures exist amid raining streams of binary code. [security threats]](https://images.idgesg.net/images/article/2020/09/group_of_anonymous_hooded_figures_hackers_bad_actors_security_threats_by_leo_lintang_gettyimages-1135437442_2400x1600-100858240-small.3x2.jpg?auto=webp&quality=85,70)
Rash of hacktivism incidents accompany Russia’s invasion of Ukraine
Some in the cybersecurity community say actions on behalf of Ukraine help even the odds, while others warn that unauthorized hacking could interfere with government cyber operations.
FBI's warning about Iranian firm highlights common cyberattack tactics
One known tactic is conducting reconnaissance on potential targets, then working to identify entry points including vulnerable software or systems.
6 ways hackers hide their tracks
From trusted pentesting tools to LOLBINs, attackers abuse trusted platforms and protocols to evade security controls.