The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 13 min 1 sek zpět

Unpatched Zoom App Bug Lets Hackers Steal Your Windows Password

1 hodina 7 min zpět
Zoom has been there for nine years, but the immediate requirement of an easy-to-use video conferencing app during the coronavirus pandemic made it overnight a favorite tool for millions of people. Though Zoom is an efficient online video meeting solution, it's still not the best choice in terms of privacy and security. According to the latest finding by cybersecurity expert @_g0dmode, which
Kategorie: Hacking & Security

WARNING: Hackers Install Secret Backdoor on Thousands of Microsoft SQL Servers

3 hodiny 40 min zpět
Cybersecurity researchers today uncovered a sustained malicious campaign dating back to May 2018 that targets Windows machines running MS-SQL servers to deploy backdoors and other kinds of malware, including multi-functional remote access tools (RATs) and cryptominers. Named "Vollgar" after the Vollar cryptocurrency it mines and its offensive "vulgar" modus operandi, researchers at Guardicore
Kategorie: Hacking & Security

Webinar — Autonomous Breach Protection: The New Security Paradigm Shift

4 hodiny 45 min zpět
Organizations today struggle with multi-product security stacks, that are expensive to purchase and maintain and also require a highly skilled security team to manually integrate and operate. The current Coronavirus crisis that has imposed a strict quarantine on organizations and security teams highlights the inherent weakness in relying on manual operation. This gives rise to a new security
Kategorie: Hacking & Security

Marriott Suffers Second Breach Exposing Data of 5.2 Million Hotel Guests

31 Březen, 2020 - 17:52
International hotel chain Marriott today disclosed a data breach impacting nearly 5.2 million hotel guests, making it the second security incident to hit the company in recent years. "At the end of February 2020, we identified that an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property," Marriott said in a
Kategorie: Hacking & Security

COVID-19: Hackers Begin Exploiting Zoom's Overnight Success to Spread Malware

30 Březen, 2020 - 16:17
As people increasingly work from home and online communication platforms such as Zoom explode in popularity in the wake of coronavirus outbreak, cybercriminals are taking advantage of the spike in usage by registering new fake "Zoom" domains and malicious "Zoom" executable files in an attempt to trick people into downloading malware on their devices. According to a report published by Check
Kategorie: Hacking & Security

AppTrana Offers Protection to Online Businesses During Coronavirus Outbreak

30 Březen, 2020 - 14:22
These are unprecedented times, and everyone is going through a testing period, with more than 3 billion people locked down all over the world. Businesses are scrambling to stay afloat and are forced to move digital in a very short span of time without much preparation. As these businesses move digital, cyber threats are more real than ever. Every day we are hearing news about hackers taking
Kategorie: Hacking & Security

Hackers Exploit Zero-Day Bugs in Draytek Devices to Target Enterprise Networks

29 Březen, 2020 - 20:22
Cybersecurity researchers with Qihoo 360's NetLab today unveiled details of two recently spotted zero-day cyberattack campaigns in the wild targeting enterprise-grade networking devices manufactured by Taiwan-based DrayTek. According to the report, at least two separate groups of hackers exploited two critical remote command injection vulnerabilities (CVE-2020-8515) affecting DrayTek Vigor
Kategorie: Hacking & Security

Hackers Used Local News Sites to Install Spyware On iPhones

27 Březen, 2020 - 13:32
A newly discovered watering-hole campaign is targeting Apple iPhone users in Hong Kong by using malicious website links as a lure to install spyware on the devices. According to research published by Trend Micro and Kaspersky, the "Operation Poisoned News" attack leverages a remote iOS exploit chain to deploy a feature-rich implant called 'LightSpy' through links to local news websites, which
Kategorie: Hacking & Security

Watch Out: Android Apps in Google Play Store Capitalizing on Coronavirus Outbreak

27 Březen, 2020 - 12:42
Preying on public fears, the ongoing coronavirus outbreak is proving to be a goldmine of opportunity for attackers to stage a variety of malware attacks, phishing campaigns, and create scam sites and malicious tracker apps. Now in a fresh twist, third-party Android app developers too have begun to take advantage of the situation to use coronavirus-related keywords in their app names,
Kategorie: Hacking & Security

TrickBot Mobile App Bypasses 2‐Factor Authentication for Net Banking Services

25 Březen, 2020 - 17:53
The malware authors behind TrickBot banking Trojan have developed a new Android app that can intercept one-time authorization codes sent to Internet banking customers via SMS or relatively more secure push notifications, and complete fraudulent transactions. The Android app, called "TrickMo" by IBM X-Force researchers, is under active development and has exclusively targeted German users
Kategorie: Hacking & Security

Dozens of Android Apps for Kids on Google Play Store Caught in Ad Fraud Scheme

25 Březen, 2020 - 13:19
More than 50 Android apps on the Google Play Store—most of which were designed for kids and had racked up almost 1 million downloads between them—have been caught using a new trick to secretly click on ads without the knowledge of smartphone users. Dubbed "Tekya," the malware in the apps imitated users' actions to click ads from advertising networks such as Google's AdMob, AppLovin',
Kategorie: Hacking & Security

Critical RCE Bug Affects Millions of OpenWrt-based Network Devices

24 Březen, 2020 - 22:06
A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt, a widely used Linux-based operating system for routers, residential gateways, and other embedded devices that route network traffic. Tracked as CVE-2020-7982, the vulnerability resides in the OPKG package manager of OpenWrt that exists in the
Kategorie: Hacking & Security

How to Provide Remote Incident Response During the Coronavirus Times

24 Březen, 2020 - 15:12
While the Coronavirus pandemic continues to strike chaos across the global economies, threat actors keep on launching cyberattacks on organizations from all sizes and verticals. IR providers face a unique challenge when approached by these organizations since, due to the Coronavirus mass quarantine, conducting incident response engagements by arriving physically to the customers' offices is
Kategorie: Hacking & Security

Warning — Two Unpatched Critical 0-Day RCE Flaws Affect All Windows Versions

23 Březen, 2020 - 21:18
Microsoft today issued a new security advisory warning billions of Windows users of two new critical, unpatched zero-day vulnerabilities that could let hackers remotely take complete control over targeted computers. According to Microsoft, both unpatched flaws are being used in limited, targeted attacks and impact all supported versions of the Windows operating system—including Windows 10, 8.1
Kategorie: Hacking & Security

User Survey 2020 Report Shows Rapid Growth In Apache Pulsar Adoption

23 Březen, 2020 - 11:10
For the first time ever, the Apache Pulsar PMC team is publishing a user survey report. The 2020 Apache Pulsar User Survey Report reveals Pulsar's accelerating rate of global adoption, details how organizations are leveraging Pulsar to build real-time streaming applications, and highlights key features on Pulsar's product roadmap. Apache Pulsar is a cloud-native, distributed open source
Kategorie: Hacking & Security

Android Cookie-Stealing Malware Found Hijacking Facebook Accounts

21 Březen, 2020 - 20:43
A new simple but dangerous strain of Android malware has been found in the wild that steals users' authentication cookies from the web browsing and other apps, including Chrome and Facebook, installed on the compromised devices. Dubbed "Cookiethief" by Kaspersky researchers, the Trojan works by acquiring superuser root rights on the target device, and subsequently, transfer stolen cookies to
Kategorie: Hacking & Security

Mukashi: A New Mirai IoT Botnet Variant Targeting Zyxel NAS Devices

21 Březen, 2020 - 10:45
A new version of the infamous Mirai botnet is exploiting a recently uncovered critical vulnerability in network-attached storage (NAS) devices in an attempt to remotely infect and control vulnerable machines. Called "Mukashi," the new variant of the malware employs brute-force attacks using different combinations of default credentials to log into Zyxel NAS, UTM, ATP, and VPN firewall
Kategorie: Hacking & Security

Multiple DDoS Botnets Exploited 0-Day Flaws in LILIN DVR Surveillance Systems

21 Březen, 2020 - 10:39
Multiple zero-day vulnerabilities in digital video recorders (DVRs) for surveillance systems manufactured by Taiwan-based LILIN have been exploited by botnet operators to infect and co-opt vulnerable devices into a family of denial-of-service bots. The findings come from Chinese security firm Qihoo 360's Netlab team, who say different attack groups have been using LILIN DVR zero-day
Kategorie: Hacking & Security

Hackers Created Thousands of Coronavirus (COVID-19) Related Sites As Bait

19 Březen, 2020 - 15:01
As the world comes to grips with the coronavirus pandemic, the situation has proven to be a blessing in disguise for threat actors, who've taken advantage of the opportunity to target victims with scams or malware campaigns. Now, according to a new report published by Check Point Research today and shared with The Hacker News, hackers are exploiting the COVID-19 outbreak to spread their own
Kategorie: Hacking & Security

How CISOs Should Prepare for Coronavirus Related Cybersecurity Threats

18 Březen, 2020 - 19:04
The Coronavirus is hitting hard on the world's economy, creating a high volume of uncertainty within organizations. Cybersecurity firm Cynet today revealed new data, showing that the Coronavirus now has a significant impact on information security and that the crisis is actively exploited by threat actors. In light of these insights, Cynet has also shared a few ways to best prepare for the
Kategorie: Hacking & Security