The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 44 min 24 sek zpět

WhatsApp Flaw Could Allow 'Potential Attackers' to Spy On Encrypted Group Chats

10 Leden, 2018 - 20:46
A more dramatic revelation of 2018—an outsider can secretly eavesdrop on your private end-to-end encrypted group chats on WhatsApp and Signal messaging apps. Considering protection against three types of attackers—malicious user, network attacker, and malicious server—an end-to-end encryption protocol plays a vital role in securing instant messaging services. The primary purpose of having
Kategorie: Hacking & Security

Wi-Fi Alliance launches WPA3 protocol with new security features

9 Leden, 2018 - 19:17
The Wi-Fi Alliance has finally announced the long-awaited next generation of the wireless security protocol—Wi-Fi Protected Access (WPA3). WPA3 will replace the existing WPA2—the network security protocol that has been around for at least 15 years and widely used by billions of wireless devices every day, including smartphones, laptops and Internet of things. However, WPA2 has long been
Kategorie: Hacking & Security

Critical Unpatched Flaws Disclosed In Western Digital 'My Cloud' Storage Devices

5 Leden, 2018 - 13:24
Security researchers have discovered several severe vulnerabilities and a secret hard-coded backdoor in Western Digital's My Cloud NAS devices that could allow remote attackers to gain unrestricted root access to the device. Western Digital's My Cloud (WDMyCloud) is one of the most popular network-attached storage devices which is being used by individuals and businesses to host their files,
Kategorie: Hacking & Security

[Guide] How to Protect Your Devices Against Meltdown and Spectre Attacks

5 Leden, 2018 - 09:27
Recently uncovered two huge processor vulnerabilities called Meltdown and Spectre have taken the whole world by storm, while vendors are rushing out to patch the vulnerabilities in its products. The issues apply to all modern processors and affect nearly all operating systems (Windows, Linux, Android, iOS, macOS, FreeBSD, and more), smartphones and other computing devices made in the past 20
Kategorie: Hacking & Security

Hundreds of GPS Location Tracking Services Leaving User Data Open to Hackers

4 Leden, 2018 - 12:40
Security researchers have unearthed multiple vulnerabilities in hundreds of GPS services that could enable attackers to expose a whole host of sensitive data on millions of online location tracking devices managed by vulnerable GPS services. The series of vulnerabilities discovered by two security researchers, Vangelis Stykas and Michael Gruhn, who dubbed the bugs as 'Trackmageddon' in a
Kategorie: Hacking & Security

Meltdown and Spectre CPU Flaws Affect Intel, ARM, AMD Processors

4 Leden, 2018 - 08:13
Unlike the initial reports suggested about Intel chips being vulnerable to some severe ‘memory leaking’ flaws, full technical details about the vulnerabilities have now been emerged, which revealed that almost every modern processor since 1995 is vulnerable to the issues. Disclosed today by Google Project Zero, the vulnerabilities potentially impact all major CPUs, including those from AMD,
Kategorie: Hacking & Security

Huge Flaws Affect Nearly Every Modern Device; Patch Could Hit CPU Performance

4 Leden, 2018 - 08:01
UPDATE: Researchers have finally disclosed complete technical details of two kernel side-channel attacks, Meltdown and Spectre—which affect not only Intel but also systems and devices running AMD, ARM processors—allowing attackers to steal sensitive data from the system memory. ____________ The first week of the new year has not yet been completed, and very soon a massive vulnerability is
Kategorie: Hacking & Security

Critical Flaw Reported In phpMyAdmin Lets Attackers Damage Databases

2 Leden, 2018 - 19:35
A critical security vulnerability has been reported in phpMyAdmin—one of the most popular applications for managing the MySQL database—which could allow remote attackers to perform dangerous database operations just by tricking administrators into clicking a link. Discovered by an Indian security researcher, Ashutosh Barot, the vulnerability is a cross-site request forgery (CSRF) attack and
Kategorie: Hacking & Security

Flaw In Major Browsers Allows 3rd-Party Scripts to Steal Your Saved Passwords

2 Leden, 2018 - 11:53
Security researchers have uncovered how marketing companies have started exploiting an 11-year-old bug in browsers' built-in password managers, which allow them to secretly steal your email address for targeted advertising across different browsers and devices. The major concern is that the same loophole could allow malicious actors to steal your saved usernames and passwords from browsers
Kategorie: Hacking & Security

15-Year-Old Apple macOS 0-Day Kernel Flaw Disclosed, Allows Root Access

2 Leden, 2018 - 09:18
A security researcher on New Year's eve made public the details of an unpatched security vulnerability in Apple's macOS operating system that can be exploited to take complete control of a system. On the first day of 2018, a researcher using the online moniker Siguza released the details of the unpatched zero-day macOS vulnerability, which he suggests is at least 15 years old, and
Kategorie: Hacking & Security

Forever 21 Confirms Security Breach Exposed Customer Credit Card Details

1 Leden, 2018 - 13:13
First notified in November of a data breach incident, popular clothing retailer Forever 21 has now confirmed that hackers stole credit card information from its stores throughout the country for several months during 2017. Although the company did not yet specify the total number of its customers affected by the breach, it did confirm that malware was installed on some point of sale (POS)
Kategorie: Hacking & Security

Critical "Same Origin Policy" Bypass Flaw Found in Samsung Android Browser

29 Prosinec, 2017 - 13:26
A critical vulnerability has been discovered in the browser app comes pre-installed on hundreds of millions of Samsung Android devices that could allow an attacker to steal data from browser tabs if the user visits an attacker-controlled site. Identified as CVE-2017-17692, the vulnerability is Same Origin Policy (SOP) bypass issue that resides in the popular Samsung Internet Browser version
Kategorie: Hacking & Security

Two Romanians Charged With Hacking Police CCTV Cameras Before Trump Inauguration

29 Prosinec, 2017 - 09:38
Remember how some cybercriminals shut down most of Washington D.C. police's security cameras for four days ahead of President Donald Trump's inauguration earlier this year? Just a few days after the incident, British authorities arrested two people in the United Kingdom, identified as a British man and a Swedish woman, both 50-year-old, on request of U.S. officials. But now US federal court
Kategorie: Hacking & Security

CEO of Major UK-Based Cryptocurrency Exchange Kidnapped in Ukraine

28 Prosinec, 2017 - 11:49
Pavel Lerner, a prominent Russian blockchain expert and known managing director of one of the major crypto-exchanges EXMO, has allegedly been kidnapped by "unknown" criminals in the Ukranian capital of Kiev. According to Ukraine-based web publication Strana, Lerner, 40-year-old citizen of Russia, was kidnapped on December 26 when he was leaving his office in the center of town (located on the
Kategorie: Hacking & Security

Kernel Exploit for Sony PS4 Firmware 4.05 Released, Jailbreak Coming Soon

27 Prosinec, 2017 - 18:20
Wishing you all a very 'belated' Merry Christmas. This holiday season Santa has a very special gift for all PlayStation gamers. Developer SpecterDev finally released a fully-functional much-awaited kernel exploit for PlayStation 4 (firmware 4.05) today—almost two months after Team Fail0verflow revealed the technical details of it. <!-- adsense --> Now available on Github, dubbed "namedobj,"
Kategorie: Hacking & Security