The Hacker News

Syndikovat obsah
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackersUnknownnoreply@blogger.comBlogger10716125
Aktualizace: 42 min 8 sek zpět

Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability

3 Prosinec, 2022 - 05:41
Search giant Google on Friday released an out-of-band security update to fix a new actively exploited zero-day flaw in its Chrome web browser. The high-severity flaw, tracked as CVE-2022-4262, concerns a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on November 29, 2022. Type confusion Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comThreat Detection / Zero Day37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Hackers Sign Android Malware Apps with Compromised Platform Certificates

2 Prosinec, 2022 - 14:56
Platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found to be abused to sign malicious apps. The findings were first discovered and reported by Google reverse engineer Łukasz Siewierski on Thursday. "A platform certificate is the application signing certificate used to sign the 'android' application on the system image," a report filed through the Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comMobile Security / Attack Vector37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

CISA Warns of Multiple Critical Vulnerabilities Affecting Mitsubishi Electric PLCs

2 Prosinec, 2022 - 14:32
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released an Industrial Control Systems (ICS) advisory warning of multiple vulnerabilities in Mitsubishi Electric GX Works3 engineering software. "Successful exploitation of these vulnerabilities could allow unauthorized users to gain access to the MELSEC iQ-R/F/L series CPU modules and the MELSEC iQ-R series OPC UA serverRavie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comICS Security / Encryption37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

The Value of Old Systems

2 Prosinec, 2022 - 14:00
Old technology solutions – every organization has a few of them tucked away somewhere.  It could be an old and unsupported storage system or a tape library holding the still-functional backups from over 10 years ago.  This is a common scenario with software too. For example, consider an accounting software suite that was extremely expensive when it was purchased. If the vendor eventually went The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.comPatch Management / Endpoint Security37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Researchers Disclose Supply-Chain Flaw Affecting IBM Cloud Databases for PostgreSQL

2 Prosinec, 2022 - 12:29
IBM has fixed a high-severity security vulnerability affecting its Cloud Databases (ICD) for PostgreSQL product that could be potentially exploited to tamper with internal repositories and run unauthorized code. The privilege escalation flaw (CVSS score: 8.8), dubbed "Hell's Keychain" by cloud security firm Wiz, has been described as a "first-of-its-kind supply-chain attack vector impacting a Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comKubernetes / Cloud Security37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Hackers Exploiting Redis Vulnerability to Deploy New Redigo Malware on Servers

2 Prosinec, 2022 - 12:09
A previously undocumented Go-based malware is targeting Redis servers with the goal of taking control of the infected systems and likely building a botnet network. The attacks involve taking advantage of a critical security vulnerability in the open source, in-memory, key-value store that was disclosed earlier this year to deploy Redigo, according to cloud security firm Aqua. Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comDatabase Security / Cyber Threat37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

What the CISA Reporting Rule Means for Your IT Security Protocol

2 Prosinec, 2022 - 11:35
The new Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) requires CISA to create rules regarding cyber incident reporting by critical infrastructure organizations. The RFI and hearings precede a Notice of Proposed Rulemaking (NPRM) that CISA must publish sooner than 24 months from the enactment of CIRCIA, which the President signed into law in March. The sessions and The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.comIncident Reporting / Password Policy37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Watch Out! These Android Keyboard Apps With 2 Million Installs Can be Hacked Remotely

2 Prosinec, 2022 - 08:48
Multiple unpatched vulnerabilities have been discovered in three Android apps that allow a smartphone to be used as a remote keyboard and mouse. The apps in question are Lazy Mouse, PC Keyboard, and Telepad, which have been cumulatively downloaded over two million times from the Google Play Store. Telepad is no longer available through the app marketplace but can be downloaded from its website. Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comMobile Security / Vulnerability37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Cuba Ransomware Extorted Over $60 Million in Ransom Fees from More than 100 Entities

2 Prosinec, 2022 - 07:04
The threat actors behind Cuba (aka COLDDRAW) ransomware have received more than $60 million in ransom payments and compromised over 100 entities across the world as of August 2022. In a new advisory shared by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), the agencies highlighted a "sharp increase in both the number of compromised Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comData Security / Incident Response37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Google Accuses Spanish Spyware Vendor of Exploiting Chrome, Firefox, & Windows Zero-Days

1 Prosinec, 2022 - 15:32
A Barcelona-based surveillanceware vendor named Variston IT is said to have surreptitiously planted spyware on targeted devices by exploiting several zero-day flaws in Google Chrome, Mozilla Firefox, and Windows, some of which date back to December 2018. "Their Heliconia framework exploits n-day vulnerabilities in Chrome, Firefox, and Microsoft Defender, and provides all the tools necessary to Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comThreat Detection / Zero Day37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Hackers Leak Another Set of Medibank Customer Data on the Dark Web

1 Prosinec, 2022 - 14:17
Medibank on Thursday confirmed that the threat actors behind the devastating cyber attack have posted another dump of data stolen from its systems on the dark web after its refusal to pay a ransom. "We are in the process of analyzing the data, but the data released appears to be the data we believed the criminal stole," the Australian health insurer said. "While our investigation continues thereRavie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comData Security / Security Breach37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Researchers Disclose Critical RCE Vulnerability Affecting Quarkus Java Framework

1 Prosinec, 2022 - 12:44
A critical security vulnerability has been disclosed in the Quarkus Java framework that could be potentially exploited to achieve remote code execution on affected systems. Tracked as CVE-2022-4116 (CVSS score: 9.8), the shortcoming could be trivially abused by a malicious actor without any privileges. "The vulnerability is found in the Dev UI Config Editor, which is vulnerable to drive-by Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comKubernetes / Vulnerability Management37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

What Developers Need to Fight the Battle Against Common Vulnerabilities

1 Prosinec, 2022 - 12:13
Today's threat landscape is constantly evolving, and now more than ever, organizations and businesses in every sector have a critical need to consistently produce and maintain secure software. While some verticals - like the finance industry, for example - have been subject to regulatory and compliance requirements for some time, we are seeing a steady increase in attention on cybersecurity bestThe Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.comDevSecOps / Secure Coding37.09024 -95.71289130.307409552903941 -104.5019535 43.873070447096062 -86.9238285
Kategorie: Hacking & Security

Schoolyard Bully Trojan Apps Stole Facebook Credentials from Over 300,000 Android Users

1 Prosinec, 2022 - 11:07
More than 300,000 users across 71 countries have been victimized by a new Android threat campaign called the Schoolyard Bully Trojan. Mainly designed to steal Facebook credentials, the malware is camouflaged as legitimate education-themed applications to lure unsuspecting users into downloading them. The apps, which were available for download from the official Google Play Store, have now been Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comMobile Threat Advisory37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Researchers 'Accidentally’ Crash KmsdBot Cryptocurrency Mining Botnet Network

1 Prosinec, 2022 - 10:48
An ongoing analysis into an up-and-coming cryptocurrency mining botnet known as KmsdBot has led to it being accidentally taken down. KmsdBot, as christened by the Akamai Security Intelligence Response Team (SIRT), came to light mid-November 2022 for its ability to brute-force systems with weak SSH credentials. The botnet strikes both Windows and Linux devices spanning a wide range of Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comThreat Intelligence / Botnet37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

LastPass Suffers Another Security Breach; Exposed Some Customers Information

1 Prosinec, 2022 - 10:35
Popular password management service LastPass said it's investigating a second security incident that involved attackers accessing some of its customer information. "We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo," LastPass CEO Karim Toubba said. GoTo, formerly called LogMeIn, acquired LastPass Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.comPassword Management37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

North Korea Hackers Using New "Dolphin" Backdoor to Spy on South Korean Targets

30 Listopad, 2022 - 19:30
The North Korea-linked ScarCruft group has been attributed to a previously undocumented backdoor called Dolphin that the threat actor has used against targets located in its southern counterpart. "The backdoor [...] has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and taking screenshots, and stealing Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Researchers Find a Way Malicious NPM Libraries Can Evade Vulnerability Detection

30 Listopad, 2022 - 14:44
New findings from cybersecurity firm JFrog show that malware targeting the npm ecosystem can evade security checks by taking advantage of an "unexpected behavior" in the npm command line interface (CLI) tool. npm CLI's install and audit commands have built-in capabilities to check a package and all of its dependencies for known vulnerabilities, effectively acting as a warning mechanism for Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

This Malicious App Abused Hacked Devices to Create Fake Accounts on Multiple Platforms

30 Listopad, 2022 - 13:15
A malicious Android SMS application discovered on the Google Play Store has been found to stealthily harvest text messages with the goal of creating accounts on a wide range of platforms like Facebook, Google, and WhatsApp. The app, named Symoo (com.vanjan.sms), had over 100,000 downloads and functioned as a relay for transmitting messages to a server, which advertises an account creation Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

French Electricity Provider Fined for Storing Users’ Passwords with Weak MD5 Algorithm

30 Listopad, 2022 - 12:57
The French data protection watchdog on Tuesday fined electricity provider Électricité de France (EDF) €600,000 for violating the European Union General Data Protection Regulation (GDPR) requirements. The Commission nationale de l'informatique et des libertés (CNIL) said the electric utility breached European regulation by storing the passwords for over 25,800 accounts by hashing them using the Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security