The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 24 min 7 sek zpět

Google Blocks Chrome Extension Installations From 3rd-Party Sites

12 Červen, 2018 - 21:40
You probably have come across many websites that let you install browser extensions without ever going to the official Chrome web store. It's a great way for users to install an extension, but now Google has decided to remove the ability for websites to offer "inline installation" of Chrome extensions on all platforms. <!-- adsense --> Google announced today in its Chromium blog that by the
Kategorie: Hacking & Security

Signature Validation Bug Let Malware Bypass Several Mac Security Products

12 Červen, 2018 - 17:04
A years-old vulnerability has been discovered in the way several security products for Mac implement Apple's code-signing API that could make it easier for malicious programs to bypass the security check, potentially leaving millions of Apple users vulnerable to hackers. Josh Pitts, a researcher from security firm Okta, discovered that several third-party security products for Mac—including
Kategorie: Hacking & Security

Thousands of Android Devices Running Insecure Remote ADB Service

12 Červen, 2018 - 13:30
Despite warnings about the threat of leaving insecure remote services enabled on Android devices, manufacturers continue to ship devices with open ADB debug port setups that leave Android-based devices exposed to hackers. Android Debug Bridge (ADB) is a command-line feature that generally uses for diagnostic and debugging purposes by helping app developers communicate with Android devices
Kategorie: Hacking & Security

Apple Bans Cryptocurrency Mining Apps From Its App Stores

12 Červen, 2018 - 11:59
Due to the surge in cryptocurrency prices, not only hackers but also legitimate websites and mobile apps are increasingly using cryptocurrency miners to monetize by levying the CPU power of your PC and phones to mine cryptocurrencies. However, Apple wants to protect your Mac and iPhone battery from shady cryptocurrency mining apps, and therefore, the company has put restrictions on such apps
Kategorie: Hacking & Security

Feds Arrest 74 Email Fraudsters Involved in Nigerian BEC Scams

12 Červen, 2018 - 09:45
The United States Department of Justice announced Monday the arrest of 74 email fraudsters across three continents in a global crackdown on a large-scale business email compromise (BEC) scheme. The arrest was the result of a six-month-long operation dubbed "Operation Wire Wire" that involved the US Department of Justice, the US Department of Homeland Security, the US Treasury, and the US Postal
Kategorie: Hacking & Security

A New Paradigm For Cyber Threat Hunting

11 Červen, 2018 - 16:42
It’s no secret that expecting security controls to block every infection vector is unrealistic. For most organizations, the chances are very high that threats have already penetrated their defenses and are lurking in their network. Pinpointing such threats quickly is essential, but traditional approaches to finding these needles in the haystack often fall short. Now there is a unique
Kategorie: Hacking & Security

U.S. Builds World's Fastest Supercomputer – Summit

11 Červen, 2018 - 16:09
China no longer owns the fastest supercomputer in the world; It is the United States now. Though China still has more supercomputers on the Top 500 list, the USA takes the crown of "world's fastest supercomputer" from China after IBM and the U.S. Department of Energy's Oak Ridge National Laboratory (ORNL) unveiled "Summit." Summit is claimed to be more than twice as powerful as the current
Kategorie: Hacking & Security

Hackers Stole Over $20 Million in Ethereum from Insecurely Configured Clients

11 Červen, 2018 - 12:15
Security researchers have been warning about cybercriminals who have made over 20 million dollars in just past few months by hijacking insecurely configured Ethereum nodes exposed on the Internet. Qihoo 360 Netlab in March tweeted about a group of cybercriminals who were scanning the Internet for port 8545 to find insecure geth clients running Ethereum nodes and, at that time, stole 3.96234
Kategorie: Hacking & Security

Russia to Fine Search Engines for Linking to Banned VPN services

9 Červen, 2018 - 20:54
In its years-long efforts to censor the Internet by blocking access to a large number of websites in the country, Russia has now approved a new bill introducing fines for search engines that provide links to banned sites, VPN services, and anonymization tools. VPNs, or Virtual Private Networks, are third-party services that help users access block banned websites by encrypting users' Internet
Kategorie: Hacking & Security

Facebook bug changed 14 million users’ default privacy settings to public

8 Červen, 2018 - 09:56
Facebook admits as many as 14 millions of its users who thought they're sharing content privately with only friends may have inadvertently shared their posts with everyone because of a software bug. Facebook said in front of Congress in March over the Cambridge Analytica scandal that "every piece of content that you share on Facebook you own, you have complete control over who sees it and how
Kategorie: Hacking & Security

Adobe Issues Patch for Actively Exploited Flash Player Zero-Day Exploit

7 Červen, 2018 - 18:53
If you have already uninstalled Flash player, well done! But if you haven't, here's another great reason for ditching it. Adobe has released a security patch update for a critical vulnerability in its Flash Player software that is actively being exploited in the wild by hackers in targeted attacks against Windows users. <!-- adsense --> Independently discovered last week by several security
Kategorie: Hacking & Security

Marcus Hutchins, WannaCry-killer, hit with four new charges by the FBI

7 Červen, 2018 - 14:38
Marcus Hutchins, the British malware analyst who helped stop global Wannacry menace, is now facing four new charges related to malware he allegedly created and promoted it online to steal financial information. Hutchins, the 24-year-old better known as MalwareTech, was arrested by the FBI last year as he was headed home to England from the DefCon conference in Las Vegas for his alleged role
Kategorie: Hacking & Security

Prowli Malware Targeting Servers, Routers, and IoT Devices

7 Červen, 2018 - 11:42
After the discovery of massive VPNFilter malware botnet, security researchers have now uncovered another giant botnet that has already compromised more than 40,000 servers, modems and internet-connected devices belonging to a wide number of organizations across the world. Dubbed Operation Prowli, the campaign has been spreading malware and injecting malicious code to take over servers and
Kategorie: Hacking & Security

Update Google Chrome Immediately to Patch a High Severity Vulnerability

6 Červen, 2018 - 21:27
You must update your Google Chrome now. Security researcher Michał Bentkowski discovered and reported a high severity vulnerability in Google Chrome in late May, affecting the web browsing software for all major operating systems including Windows, Mac, and Linux. Without revealing any technical detail about the vulnerability, the Chrome security team described the issue as incorrect
Kategorie: Hacking & Security

Destructive and MiTM Capabilities of VPNFilter Malware Revealed

6 Červen, 2018 - 16:47
It turns out that the threat of the massive VPNFilter botnet malware that was discovered late last month is beyond what we initially thought. Security researchers from Cisco's Talos cyber intelligence have today uncovered more details about VPNFilter malware, an advanced piece of IoT botnet malware that infected more than 500,000 routers in at least 54 countries, allowing attackers to spy on
Kategorie: Hacking & Security

Apple will let users run iOS apps on macOS

6 Červen, 2018 - 11:44
Apple is making it easier for mobile developers to port their iOS apps to the next-generation macOS Mojave desktop platform—a major step in bringing the two platforms closer together. However, at the same time, the company straightforward denied the idea of merging the iPhone and Mac operating systems into one platform, which was being speculated for years. So, Apple made it clear that iOS
Kategorie: Hacking & Security

MyHeritage Says Over 92 Million User Accounts Have Been Compromised

5 Červen, 2018 - 20:10
MyHeritage, the Israel-based DNA testing service designed to investigate family history, has disclosed that the company website was breached last year by unknown attackers, who stole login credentials of its more than 92 million customers. The company learned about the breach on June 4, 2018, after an unnamed security researcher discovered a database file named "myheritage" on a private
Kategorie: Hacking & Security

'Zip Slip' Vulnerability Affects Thousands of Projects Across Many Ecosystems

5 Červen, 2018 - 18:11
Security researchers at British software firm Snyk have revealed details of a critical vulnerability that affects thousands of projects across many ecosystems and can be exploited by attackers to achieve code execution on the target systems. Dubbed "Zip Slip," the issue is an arbitrary file overwrite vulnerability that triggers from a directory traversal attack while extracting files from an
Kategorie: Hacking & Security

All New Privacy and Security Features Coming in macOS 10.14 Mojave

5 Červen, 2018 - 16:10
At Worldwide Developer Conference 2018 on Monday, Apple announced the next version of its macOS operating system, and it's called Mojave. Besides introducing new features and improvements of macOS 10.14 Mojave—like Dark Mode, Group FaceTime, Dynamic Desktop, and Finder—at WWDC, Apple also revealed a bunch of new security and privacy features coming with the next major macOS update. Apple CEO
Kategorie: Hacking & Security

IoT Botnets Found Using Default Credentials for C&C Server Databases

5 Červen, 2018 - 11:47
Not following cybersecurity best practices could not only cost online users but also cost cybercriminals. Yes, sometimes hackers don't take best security measures to keep their infrastructure safe. A variant of IoT botnet, called Owari, that relies on default or weak credentials to hack insecure IoT devices was found itself using default credentials in its MySQL server integrated with command
Kategorie: Hacking & Security