The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 22 min 52 sek zpět

A New Flaw In Zoom Could Have Let Fraudsters Mimic Organisations

1 min 47 sek zpět
In a report shared with The Hacker News, researchers at cybersecurity firm CheckPoint today disclosed details of a minor but easy-to-exploit flaw they reported in Zoom, the highly popular and widely used video conferencing software. The latest Zoom flaw could have allowed attackers mimic an organization, tricking its employees or business partners into revealing personal or other confidential
Kategorie: Hacking & Security

Why Can Application Security Be Considered A Enabler For Business?

1 hodina 52 min zpět
If you ask Alex, he won't admit being old-fashioned. He has been working in the IT industry for a while now and accepts that security is important for the business's health. But reluctant to take security as the business enabler. In today's environment, moving to digitization is a critical step required to drive innovation and business growth. When the application development takes the driver
Kategorie: Hacking & Security

New Android Malware Now Steals Passwords For Non-Banking Apps Too

2 hodiny 24 min zpět
Cybersecurity researchers today uncovered a new strain of banking malware that targets not only banking apps but also steals data and credentials from social networking, dating, and cryptocurrency apps—in total 337 non-financial Android applications on it's target list. Dubbed "BlackRock" by ThreatFabric researchers, which discovered the trojan in May, its source code is derived from a leaked
Kategorie: Hacking & Security

Several High-Profile Accounts Hacked in the Biggest Twitter Hack of All Time

6 hodin 23 min zpět
Social media platform Twitter, earlier today on Wednesday, was on fire after it suffered one of the biggest cyberattacks in its history. A number of high-profile Twitter accounts, including those of US presidential candidate Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, Elon Musk, Uber, and Apple, were breached simultaneously in what's a far-reaching hacking campaign carried out to promote a
Kategorie: Hacking & Security

Critical RCE Flaw Affects F5 BIG-IP Application Security Servers

15 Červenec, 2020 - 20:43
Cybersecurity researchers today issued a security advisory warning enterprises and governments across the globe to immediately patch a highly-critical remote code execution vulnerability affecting F5's BIG-IP networking devices running application security servers. The vulnerability, assigned CVE-2020-5902 and rated as critical with a CVSS score of 10 out of 10, could let remote attackers
Kategorie: Hacking & Security

CompTIA Certification Prep Courses – Get Lifetime Access @ 98% Discount

15 Červenec, 2020 - 15:44
In the world of professional IT, recruiters look for certificates as an important criterion for eligibility and assessing skills. Any IT professional with résumé that includes CompTIA certificates tends to rise up the pile. Of course, there are many different CompTIA exams you can choose from based on your interest and already chosen path. Our educational and industry partners have
Kategorie: Hacking & Security

4 Dangerous Brazilian Banking Trojans Now Trying to Rob Users Worldwide

15 Červenec, 2020 - 14:39
Cybersecurity researchers on Tuesday detailed as many as four different families of Brazilian banking trojans that have targeted financial institutions in Brazil, Latin America, and Europe. Collectively called the "Tetrade" by Kaspersky researchers, the malware families — comprising Guildma, Javali, Melcoz, and Grandoreiro — have evolved their capabilities to function as a backdoor and adopt
Kategorie: Hacking & Security

17-Year-Old Critical 'Wormable' RCE Vulnerability Impacts Windows DNS Servers

15 Červenec, 2020 - 10:02
Cybersecurity researchers today disclosed a new highly critical "wormable" vulnerability—carrying a severity score of 10 out of 10 on the CVSS scale—affecting Windows Server versions 2003 to 2019. The 17-year-old remote code execution flaw (CVE-2020-1350), dubbed 'SigRed' by Check Point, could allow an unauthenticated, remote attacker to gain domain administrator privileges over targeted
Kategorie: Hacking & Security

Adobe Issues July 2020 Critical Security Patches for Multiple Software

14 Červenec, 2020 - 16:45
Adobe today released software updates to patch a total of 13 new security vulnerabilities affecting 5 of its widely used applications. Out of these 13 vulnerabilities, four have been rated critical, and nine are important in severity. The affected products that received security patches today include: Adobe Creative Cloud Desktop Application Adobe Media Encoder Adobe Genuine Service Adobe
Kategorie: Hacking & Security

New Highly-Critical SAP Bug Could Let Attackers Take Over Corporate Servers

14 Červenec, 2020 - 09:17
SAP has patched a critical vulnerability impacting the LM Configuration Wizard component in NetWeaver Application Server (AS) Java platform, allowing an unauthenticated attacker to take control of SAP applications. The bug, dubbed RECON and tracked as CVE-2020-6287, is rated with a maximum CVSS score of 10 out of 10, potentially affecting over 40,000 SAP customers, according to cybersecurity
Kategorie: Hacking & Security

Exclusive: Any Chingari App (Indian TikTok Clone) Account Can Be Hacked Easily

11 Červenec, 2020 - 21:03
Following vulnerability disclosure in the Mitron app, another viral TikTok clone in India has now been found vulnerable to a critical but easy-to-exploit authentication bypass vulnerability, allowing anyone to hijack any user account and tamper with their information, content, and even upload unauthorized videos. The Indian video sharing app, called Chingari, is available for Android and iOS
Kategorie: Hacking & Security

Unpatched Critical Flaw Disclosed in Zoom Software for Windows 7 or Earlier

10 Červenec, 2020 - 17:51
A zero-day vulnerability has been discovered in Zoom video conferencing software for Windows that could allow an attacker to execute arbitrary code on a victim's computer running Microsoft Windows 7 or older. To successfully exploit the zoom vulnerability, all an attacker needs to do is tricking a Zoom user into performing some typical action like opening a received document file. No security
Kategorie: Hacking & Security

Joker Malware Apps Once Again Bypass Google's Security to Spread via Play Store

9 Červenec, 2020 - 16:51
Cybersecurity researchers took the wraps off yet another instance of Android malware hidden under the guise of legitimate applications to stealthily subscribe unsuspecting users for premium services without their knowledge. In a report published by Check Point research today, the malware — infamously called Joker (or Bread) — has found another trick to bypass Google's Play Store protections:
Kategorie: Hacking & Security

The Incident Response Challenge 2020 — Results and Solutions Announced

8 Červenec, 2020 - 11:18
In April 2020, Cynet launched the world's first Incident Response Challenge to test and reward the skills of Incident Response professionals. The Challenge consisted of 25 incidents, in increasing difficulty, all inspired by real-life scenarios that required participants to go beyond the textbook solution and think outside of the box. Over 2,500 IR professionals competed to be recognized as
Kategorie: Hacking & Security

Citrix Issues Critical Patches for 11 New Flaws Affecting Multiple Products

8 Červenec, 2020 - 09:43
Citrix yesterday issued new security patches for as many as 11 security flaws that affect its Citrix Application Delivery Controller (ADC), Gateway, and SD-WAN WAN Optimization edition (WANOP) networking products. Successful exploitation of these critical flaws could let unauthenticated attackers perform code injection, information disclosure, and even denial-of-service attacks against the
Kategorie: Hacking & Security

Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking

8 Červenec, 2020 - 09:01
A new research has uncovered multiple critical reverse RDP vulnerabilities in Apache Guacamole, a popular remote desktop application used by system administrators to access and manage Windows and Linux machines remotely. The reported flaws could potentially let bad actors achieve full control over the Guacamole server, intercept, and control all other connected sessions. According to a
Kategorie: Hacking & Security

Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service

7 Červenec, 2020 - 14:40
Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected. The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to provide automated full-system volatile memory inspection of virtual machine (VM) snapshots, with
Kategorie: Hacking & Security

Cato MDR: Managed Threat Detection and Response Made Easy

6 Červenec, 2020 - 16:41
Lately, we can't help noticing an endless cycle where the more enterprises invest in threat prevention; the more hackers adapt and continue to penetrate enterprises. To make things worse, detecting these penetrations still takes too long with an average dwell time that exceeds 100 (!) days. To keep the enterprise protected, IT needs to figure out a way to break this endless cycle without
Kategorie: Hacking & Security

Police Arrested Hundreds of Criminals After Hacking Into Encrypted Chat Network

3 Červenec, 2020 - 13:56
In a joint operation, European and British law enforcement agencies recently arrested hundreds of alleged drug dealers and other criminals after infiltrating into a global network of an encrypted chatting app that was used to plot drug deals, money laundering, extortions, and even murders. Dubbed EncroChat, the top-secret encrypted communication app comes pre-installed on a customized
Kategorie: Hacking & Security

Microsoft Releases Urgent Windows Update to Patch Two Critical Flaws

1 Červenec, 2020 - 14:25
Microsoft yesterday quietly released out-of-band software updates to patch two high-risk security vulnerabilities affecting hundreds of millions of Windows 10 and Server editions' users. To be noted, Microsoft rushed to deliver patches almost two weeks before the upcoming monthly 'Patch Tuesday Updates' scheduled for 14th July. That's likely because both flaws reside in the Windows Codecs
Kategorie: Hacking & Security