The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 1 min 29 sek zpět

Fortinet VPN with Default Settings Leave 200,000 Businesses Open to Hackers

25 Září, 2020 - 21:37
As the pandemic continues to accelerate the shift towards working from home, a slew of digital threats have capitalized on the health concern to exploit weaknesses in the remote work infrastructure and carry out malicious attacks. Now according to network security platform provider SAM Seamless Network, over 200,000 businesses that have deployed the Fortigate VPN solution—with default
Kategorie: Hacking & Security

FinSpy Spyware for Mac and Linux OS Targets Egyptian Organisations

25 Září, 2020 - 17:01
Amnesty International today exposed details of a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of FinSpy spyware designed to target Linux and macOS systems. Developed by a German company, FinSpy is extremely powerful spying software that is being sold as a legal law enforcement tool to governments around the world but has also
Kategorie: Hacking & Security

Microsoft Windows XP Source Code Reportedly Leaked Online

25 Září, 2020 - 16:37
Microsoft's long-lived operating system Windows XP—that still powers over 1% of all laptops and desktop computers worldwide—has had its source code leaked online, allegedly, along with Windows Server 2003. Yes, you heard that right. The source code for Microsoft's 19-year-old operating system was published as a torrent file on notorious bulletin board website 4chan, and it's for the very first
Kategorie: Hacking & Security

Major Instagram App Bug Could've Given Hackers Remote Access to Your Phone

24 Září, 2020 - 12:22
Ever wonder how hackers can hack your smartphone remotely? In a report shared with The Hacker News today, Check Point researchers disclosed details about a critical vulnerability in Instagram's Android app that could have allowed remote attackers to take control over a targeted device just by sending victims a specially crafted image. What's more worrisome is that the flaw not only lets attackers
Kategorie: Hacking & Security

Detecting and Preventing Critical ZeroLogon Windows Server Vulnerability

23 Září, 2020 - 20:09
If you're administrating Windows Server, make sure it's up to date with all recent patches issued by Microsoft, especially the one that fixes a recently patched critical vulnerability that could allow unauthenticated attackers to compromise the domain controller. Dubbed 'Zerologon' (CVE-2020-1472) and discovered by Tom Tervoort of Secura, the privilege escalation vulnerability exists due to the
Kategorie: Hacking & Security

A New Hacking Group Hitting Russian Companies With Ransomware

23 Září, 2020 - 11:07
As ransomware attacks against critical infrastructure continue to spike in recent months, cybersecurity researchers have uncovered a new entrant that has been actively trying to conduct multistage attacks on large corporate networks of medical labs, banks, manufacturers, and software developers in Russia. The ransomware gang, codenamed "OldGremlin" and believed to be a Russian-speaking threat
Kategorie: Hacking & Security

Unsecured Microsoft Bing Server Exposed Users' Search Queries and Location

22 Září, 2020 - 15:18
A back-end server associated with Microsoft Bing exposed sensitive data of the search engine's mobile application users, including search queries, device details, and GPS coordinates, among others. The logging database, however, doesn't include any personal details such as names or addresses. The data leak, discovered by Ata Hakcil of WizCase on September 12, is a massive 6.5TB cache of log
Kategorie: Hacking & Security

British Hacker Sentenced to 5 Years for Blackmailing U.S. Companies

22 Září, 2020 - 13:32
A UK man who threatened to publicly release stolen confidential information unless the victims agreed to fulfill his digital extortion demands has finally pleaded guilty on Monday at U.S. federal district court in St. Louis, Missouri. Nathan Francis Wyatt , 39, who is a key member of the infamous international hacking group 'The Dark Overlord,' has been sentenced to five years in prison and
Kategorie: Hacking & Security

A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems

21 Září, 2020 - 12:34
German authorities last week disclosed that a ransomware attack on the University Hospital of Düsseldorf (UKD) caused a failure of IT systems, resulting in the death of a woman who had to be sent to another hospital that was 20 miles away. The incident marks the first recorded casualty as a consequence of cyberattacks on critical healthcare facilities, which has ramped up in recent months. The
Kategorie: Hacking & Security

U.S. Treasury Sanctions Hacking Group Backed by Iranian Intelligence

21 Září, 2020 - 08:10
The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security (MOIS) for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors. According to the U.S. Treasury and the Federal Bureau of Investigation (FBI), the sanctions target
Kategorie: Hacking & Security

A Bug Could Let Attackers Hijack Firefox for Android via Wi-Fi Network

19 Září, 2020 - 21:04
Dear Android users, if you use the Firefox web browser on your smartphones, make sure it has been updated to version 80 or the latest available version on the Google Play Store. ESET security researcher Lukas Stefanko yesterday tweeted an alert demonstrating the exploitation of a recently disclosed high-risk remote command execution vulnerability affecting the Firefox app for Android. Discovered
Kategorie: Hacking & Security

Researchers Uncover 6-Year Cyber Espionage Campaign Targeting Iranian Dissidents

19 Září, 2020 - 13:24
Capping off a busy week of charges and sanctions against Iranian hackers, a new research offers insight into what's a six-year-long ongoing surveillance campaign targeting Iranian expats and dissidents with an intention to pilfer sensitive information. The threat actor, suspected to be of Iranian origin, is said to have orchestrated the campaign with at least two different moving parts — one for
Kategorie: Hacking & Security

Android 11 — 5 New Security and Privacy Features You Need to Know

18 Září, 2020 - 17:48
After a long wait and months of beta testing, Google last week finally released Android 11, the latest version of the Android mobile operating system—with features offering billions of its users more control over their data security and privacy. Android security is always a hot topic and almost always for the wrong reason, including Google's failure to prevent malicious apps from being
Kategorie: Hacking & Security

2 Hackers Charged for Defacing Sites after U.S. Airstrike Killed Iranian General

18 Září, 2020 - 10:48
The US Department of Justice (DoJ) on Tuesday indicted two hackers for their alleged involvement in defacing several websites in the country following the assassination of Iranian major general Qasem Soleimani earlier this January. Behzad Mohammadzadeh (aka Mrb3hz4d), 19, and Marwan Abusrour (aka Mrwn007), 25, have been charged with conspiracy to commit intentional damage to a protected
Kategorie: Hacking & Security

Zenscrape: A Simple Web Scraping Solution for Penetration Testers

17 Září, 2020 - 16:14
Did you ever try extracting any information from any website? Well, if you have then you have surely enacted web scraping functions without even knowing it! To put in simpler terms, Web scraping, or also known as web data extraction, is the process of recouping or sweeping data from web-pages. It is a much faster and easier process of retrieving data without undergoing the time-consuming
Kategorie: Hacking & Security

U.S. Announces Charges Against 2 Russian and 2 Iranian Hackers

17 Září, 2020 - 14:01
Immediately after revealing criminal charges against 5 Chinese and 2 Malaysian hackers, the United States government yesterday also made two separate announcements charging two Iranian and two Russian hackers and added them to the FBI's most-wanted list. The two Russian nationals—Danil Potekhin and Dmitrii Karasavidi—are accused of stealing $16.8 million worth of cryptocurrencies in a series of
Kategorie: Hacking & Security

FBI adds 5 Chinese APT41 hackers to its Cyber's Most Wanted List

17 Září, 2020 - 10:29
The United States government today announced charges against 5 alleged members of a Chinese state-sponsored hacking group and 2 Malaysian hackers that are responsible for hacking more than 100 companies throughout the world. Named as APT41 and also known as 'Barium,' 'Winnti, 'Wicked Panda,' and 'Wicked Spider,' the cyber-espionage group has been operating since at least 2012 and is not just
Kategorie: Hacking & Security

New Raccoon Attack Could Let Attackers Break SSL/TLS Encryption

16 Září, 2020 - 11:45
A group of researchers has detailed a new timing vulnerability in Transport Layer Security (TLS) protocol that could potentially allow an attacker to break the encryption and read sensitive communication under specific conditions. Dubbed "Raccoon Attack," the server-side attack exploits a side-channel in the cryptographic protocol (versions 1.2 and lower) to extract the shared secret key used
Kategorie: Hacking & Security

New Report Explains COVID-19's Impact on Cyber Security

16 Září, 2020 - 11:00
Most cybersecurity professionals fully anticipated that cybercriminals would leverage the fear and confusion surrounding the Covid-19 pandemic in their cyberattacks. Of course, malicious emails would contain subjects relating to Covid-19, and malicious downloads would be Covid-19 related. This is how cybercriminals operate. Any opportunity to maximize effectiveness, no matter how contemptible
Kategorie: Hacking & Security

Report: 97% of Cybersecurity Companies Have Leaked Data on the Dark Web

15 Září, 2020 - 13:30
In a new report into the global cybersecurity industry's exposure on the Dark Web this year, global application security company, ImmuniWeb, uncovered that 97% of leading cybersecurity companies have data leaks or other security incidents exposed on the Dark Web, while on average, there are over 4,000 stolen credentials and other sensitive data exposed per cybersecurity company. Even the
Kategorie: Hacking & Security