The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 17 min 37 sek zpět

Flaw in LinkedIn AutoFill Plugin Lets Third-Party Sites Steal Your Data

4 hodiny 43 min zpět
Not just Facebook, a new vulnerability discovered in Linkedin's popular AutoFill functionality found leaking its users' sensitive information to third party websites without the user even knowing about it. LinkedIn provides an AutoFill plugin for a long time that other websites can use to let LinkedIn users quickly fill in profile data, including their full name, phone number, email address,
Kategorie: Hacking & Security

British Schoolboy Who Hacked CIA Director Gets 2-Year Prison Term

8 hodin 19 min zpět
The British teenager who managed to hack into the online accounts of several high-profile US government employees sentenced to two years in prison on Friday. Kane Gamble, now 18, hacked into email accounts of former CIA director John Brennan, former Director of National Intelligence James Clapper, former FBI Deputy Director Mark Giuliano, and other senior FBI officials—all from his parent's
Kategorie: Hacking & Security

Critical Unpatched RCE Flaw Disclosed in LG Network Storage Devices

20 Duben, 2018 - 14:22
If you have installed a network-attached storage device manufactured by LG Electronics, you should take it down immediately, read this article carefully and then take appropriate action to protect your sensitive data. A security researcher has revealed complete technical details of an unpatched critical remote command execution vulnerability in various LG NAS device models that could let
Kategorie: Hacking & Security

Over 20 Million Users Installed Malicious Ad Blockers From Chrome Store

20 Duben, 2018 - 04:48
If you have installed any of the below-mentioned Ad blocker extension in your Chrome browser, you could have been hacked. A security researcher has spotted five malicious ad blockers extension in the Google Chrome Store that had already been installed by at least 20 million users. Unfortunately, malicious browser extensions are nothing new. They often have access to everything you do online
Kategorie: Hacking & Security

9 Popular Training Courses to Learn Ethical Hacking Online

19 Duben, 2018 - 19:01
How to become a Professional Hacker? This is one of the most frequently asked queries we came across on a daily basis. Do you also want to learn real-world hacking techniques but don’t know where to start? This week's THN deal is for you. Today THN Deal Store has announced a new Super-Sized Ethical Hacking Bundle that let you get started your career in hacking and penetration testing
Kategorie: Hacking & Security

Facebook Plans to Build Its Own Chips For Hardware Devices

19 Duben, 2018 - 13:47
A new job opening post on Facebook suggests that the social network is forming a team to build its own hardware chips, joining other tech titans like Google, Apple, and Amazon in becoming more self-reliant. According to the post, Facebook is looking for an expert in ASIC and FPGA—two custom silicon designs to help it evaluate, develop and drive next-generation technologies within Facebook—
Kategorie: Hacking & Security

'iTunes Wi-Fi Sync' Feature Could Let Attackers Hijack Your iPhone, iPad Remotely

19 Duben, 2018 - 12:51
Be careful while plugging your iPhone into a friend's laptop for a quick charge or sharing selected files. Researchers at Symantec have issued a security warning for iPhone and iPad users about a new attack, which they named "TrustJacking," that could allow someone you trust to remotely take persistent control of, and extract data from your Apple device. Apple provides an iTunes Wi-Fi sync
Kategorie: Hacking & Security

Cybercriminals Hijack Router DNS to Distribute Android Banking Trojan

19 Duben, 2018 - 09:40
Security researchers have been warning about an ongoing malware campaign hijacking Internet routers to distribute Android banking malware that steals users' sensitive information, login credentials and the secret code for two-factor authentication. In order to trick victims into installing the Android malware, dubbed Roaming Mantis, hackers have been hijacking DNS settings on vulnerable and
Kategorie: Hacking & Security

Another Critical Flaw Found In Drupal Core—Patch Your Sites Immediately

19 Duben, 2018 - 09:24
It's time to update your Drupal websites, once again. For the second time within a month, Drupal has been found vulnerable to another critical vulnerability that could allow remote attackers to pull off advanced attacks including cookie theft, keylogging, phishing and identity theft. Discovered by the Drupal security team, the open source content management framework is vulnerable to
Kategorie: Hacking & Security

Suspected 'Big Bitcoin Heist' Mastermind Fled to Sweden On Icelandic PM's Plane

18 Duben, 2018 - 16:03
Remember the "Big bitcoin heist" we reported last month when a group of thieves stole around 600 powerful bitcoin mining devices from Icelandic data centers? Icelandic Police had arrested 11 suspects as part of the investigation, one of which has escaped from prison and fled to Sweden on a passenger plane reportedly also carrying the Icelandic prime minister Katrin Jakobsdottir. Sindri Thor
Kategorie: Hacking & Security

Hackers Exploiting Drupal Vulnerability to Inject Cryptocurrency Miners

18 Duben, 2018 - 11:50
The Drupal vulnerability (CVE-2018-7600), dubbed Drupalgeddon2 that could allow attackers to completely take over vulnerable websites has now been exploited in the wild to deliver malware backdoors and cryptocurrency miners. Drupalgeddon2, a highly critical remote code execution vulnerability discovered two weeks ago in Drupal content management system software, was recently patched by the
Kategorie: Hacking & Security

CCleaner Attack Timeline—Here's How Hackers Infected 2.3 Million PCs

18 Duben, 2018 - 10:44
Last year, the popular system cleanup software CCleaner suffered a massive supply-chain malware attack of all times, wherein hackers compromised the company's servers for more than a month and replaced the original version of the software with the malicious one. The malware attack infected over 2.3 million users who downloaded or updated their CCleaner app between August and September last
Kategorie: Hacking & Security

Intel Processors Now Allows Antivirus to Use Built-in GPUs for Malware Scanning

17 Duben, 2018 - 18:11
Global chip-maker Intel on Tuesday announced two new technologies—Threat Detection Technology (TDT) and Security Essentials—that not only offer hardware-based built-in security features across Intel processors but also improve threat detection without compromising system performance. Intel's Threat Detection Technology (TDT) offers a new set of features that leverage hardware-level telemetry
Kategorie: Hacking & Security

Microsoft built its own custom Linux OS to secure IoT devices

17 Duben, 2018 - 13:08
Finally, it's happening. Microsoft has built its own custom Linux kernel to power "Azure Sphere," a newly launched technology that aims to better secure billions of "Internet of things" devices by combining the custom Linux kernel with new chip design, and its cloud security service. Project Azure Sphere focuses on protecting microcontroller-based IoT devices, including smart appliances,
Kategorie: Hacking & Security

Casino Gets Hacked Through Its Internet-Connected Fish Tank Thermometer

16 Duben, 2018 - 12:14
Internet-connected technology, also known as the Internet of Things (IoT), is now part of daily life, with smart assistants like Siri and Alexa to cars, watches, toasters, fridges, thermostats, lights, and the list goes on and on. But of much greater concern, enterprises are unable to secure each and every device on their network, giving cybercriminals hold on their network hostage with just
Kategorie: Hacking & Security

Hackers Have Started Exploiting Drupal RCE Exploit Released Yesterday

14 Duben, 2018 - 10:37
Hackers have started exploiting a recently disclosed critical vulnerability in Drupal shortly after the public release of working exploit code. Two weeks ago, Drupal security team discovered a highly critical remote code execution vulnerability, dubbed Drupalgeddon2, in its content management system software that could allow attackers to completely take over vulnerable websites. <!-- adsense
Kategorie: Hacking & Security

Hackers Found Using A New Code Injection Technique to Evade Detection

13 Duben, 2018 - 19:03
While performing in-depth analysis of various malware samples, security researchers at Cyberbit found a new code injection technique, dubbed Early Bird, being used by at least three different sophisticated malware that helped attackers evade detection. As its name suggests, Early Bird is a "simple yet powerful" technique that allows attackers to inject malicious code into a legitimate process
Kategorie: Hacking & Security

Popular Android Phone Manufacturers Caught Lying About Security Updates

13 Duben, 2018 - 14:20
Android ecosystem is highly broken when it comes to security, and device manufacturers (better known as OEMs) make it even worse by not providing critical patches in time. According to a new study, most Android vendors have been lying to users about security updates and telling customers that their smartphones are running the latest updates. In other words, most smartphone manufacturers
Kategorie: Hacking & Security

Hacker Can Steal Data from Air-Gapped Computers through Power Lines

12 Duben, 2018 - 17:36
Do you think it is possible to extract data from a computer using its power cables? If no, then you should definitely read about this technique. Researchers from Israel's Ben Gurion University of the Negev—who majorly focus on finding clever ways to exfiltrate data from an isolated or air-gapped computer—have now shown how fluctuations in the current flow "propagated through the power lines"
Kategorie: Hacking & Security

Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password

12 Duben, 2018 - 09:29
A security researcher has disclosed details of an important vulnerability in Microsoft Outlook for which the company released an incomplete patch this month—almost 18 months after receiving the responsible disclosure report. The Microsoft Outlook vulnerability (CVE-2018-0950) could allow attackers to steal sensitive information, including users' Windows login credentials, just by convincing
Kategorie: Hacking & Security