Hack Reports - Latest Cybersecurity News, Trends & Updates

Sign in Subscribe

Geetansh

New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits

New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits

UEFI Secure Boot Vulnerability CVE-2024-7344: Detailed Analysis A recent discovery by ESET researchers has unveiled a significant vulnerability in UEFI-based systems, identified as CVE-2024-7344. This vulnerability allows attackers to bypass the UEFI Secure Boot mechanism, enabling the execution of untrusted code during system boot. Affected Systems and Software The vulnerability

Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions

Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions

Latest News on NTLMv1 Vulnerability and Active Directory Misconfiguration NTLMv1 Vulnerability and Bypassing NTLMv1 Restrictions Recent research has highlighted a significant vulnerability related to NTLMv1 in Active Directory environments, which can be exploited despite Microsoft's efforts to block NTLMv1. Misconfigured On-Prem Applications Researchers have discovered that misconfigured on-premises

Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer

Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer

VIP Keylogger Malware Campaign Recent reports from HP Wolf Security highlight a sophisticated malware campaign involving the VIP Keylogger, a comprehensive keylogger and data stealer. Key Findings: * Delivery Method: The malware is delivered through phishing emails that masquerade as invoices and purchase orders. These emails contain malicious archive files (such

The $10 Cyber Threat Responsible for the Biggest Breaches of 2024

The $10 Cyber Threat Responsible for the Biggest Breaches of 2024

Latest News on Stolen Credentials Attacks and Cybersecurity Threats Stolen Credentials Attacks and Identity Theft In 2024 and heading into 2025, stolen credentials and identity theft continue to be significant cybersecurity concerns. Identity Theft and Misused Identities * The majority of cybersecurity challenges are attributed to stolen, misused, or fake identities.

6 Strategic Innovations Transforming the Fintech Industry

6 Strategic Innovations Transforming the Fintech Industry

Fintech Innovations in 2025 Technology Advancements and AI Integration In 2025, fintech is expected to see significant advancements driven by technological innovations, particularly in the areas of artificial intelligence (AI), machine learning, and blockchain. * AI and Machine Learning: AI is transforming various aspects of financial services, including customer experience, operational

Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws

Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws

RansomHub Ransomware Attacks: Latest Analysis and Insights Overview of RansomHub RansomHub has emerged as a significant player in the ransomware-as-a-service (RaaS) landscape, particularly after the disruption of other major ransomware groups like ALPHV/BlackCat and LockBit in late 2023 and early 2024, respectively4. Key Developments and Tactics Rapid Growth and

SAP fixes critical vulnerabilities in NetWeaver application servers

SAP fixes critical vulnerabilities in NetWeaver application servers

Here is the latest information on SAP NetWeaver vulnerabilities and security patches, particularly focusing on recent updates and critical vulnerabilities. January 2025 SAP Security Updates Critical Vulnerabilities In the January 2025 Security Patch Day, SAP addressed several critical vulnerabilities in its products: * CVE-2025-0070 (CVSS 9.9): This vulnerability involves improper