The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 47 min 6 sek zpět

Interpol Arrests 3 Indonesian Credit Card Hackers for Magecart Attacks

25 Leden, 2020 - 20:00
The Indonesian National Police in a joint press conference with Interpol earlier today announced the arrest of three Magecart-style Indonesian hackers who had compromised hundreds of international e-commerce websites and stolen payment card details of their online shoppers. Dubbed 'Operation Night Fury,' the investigation was led by Interpol's ASEAN Cyber Capability Desk, a joint initiative by
Kategorie: Hacking & Security

Russian Pleads Guilty to Running 'CardPlanet' to Sell Stolen Credit Cards

24 Leden, 2020 - 10:51
Image credit: Times of Israel. Aleksei Burkov, a 29-year-old Russian hacker, on Thursday pleaded guilty to multiple criminal charges for running two illegal websites that helped cyber criminals commit more than $20 million in credit card fraud. The first website Burkov operated was an online marketplace for buying and selling stolen credit card and debit card numbers—called Cardplanet—which
Kategorie: Hacking & Security

Citrix Releases Patches for Critical ADC Vulnerability Under Active Attack

24 Leden, 2020 - 08:05
Citrix has finally started rolling out security patches for a critical vulnerability in ADC and Gateway software that attackers started exploiting in the wild earlier this month after the company announced the existence of the issue without releasing any permanent fix. I wish I could say, "better late than never," but since hackers don't waste time or miss any opportunity to exploit
Kategorie: Hacking & Security

250 Million Microsoft Customer Support Records Exposed Online

23 Leden, 2020 - 09:36
If you have ever contacted Microsoft for support in the past 14 years, your technical query, along with some personally identifiable information might have been compromised. Microsoft today admitted a security incident that exposed nearly 250 million "Customer Service and Support" (CSS) records on the Internet due to a misconfigured server containing logs of conversations between its support
Kategorie: Hacking & Security

Saudi Prince Allegedly Hacked World's Richest Man Jeff Bezos Using WhatsApp

22 Leden, 2020 - 21:39
The iPhone of Amazon founder Jeff Bezos, the world's richest man, was reportedly hacked in May 2018 after receiving a WhatsApp message from the personal account of Saudi crown prince Mohammed bin Salman, the Guardian newspaper revealed today. Citing unnamed sources familiar with digital forensic analysis of the breach, the newspaper claimed that a massive amount of data was exfiltrated from
Kategorie: Hacking & Security

Download: The State of Security Breach Protection 2020 Survey Results

22 Leden, 2020 - 13:36
What are the key considerations security decision-makers should take into account when designing their 2020 breach protection? To answer this, we polled 1,536 cybersecurity professionals in The State of Breach Protection 2020 survey (Download the full survey here) to understand the common practices, prioritization, and preferences of the organization today in protecting themselves from
Kategorie: Hacking & Security

BitDam Study Exposes High Miss Rates of Leading Email Security Systems

21 Leden, 2020 - 13:08
Imagine receiving an email from US VP Mike Pence's official email account asking for help because he has been stranded in the Philippines. Actually, you don't have to. This actually happened. Pence's email was hacked when he was still the governor of Indiana, and his account was used to attempt to defraud several people. How did this happen? Is it similar to how the DNC server was hacked?
Kategorie: Hacking & Security

Evaluating Your Security Controls? Be Sure to Ask the Right Questions

20 Leden, 2020 - 13:22
Testing security controls is the only way to know if they are truly defending your organization. With many different testing frameworks and tools to choose from, you have lots of options. But what do you specifically want to know? And how are the findings relevant to the threat landscape you face at this moment? "Decide what you want to know and then choose the best tool for the job."
Kategorie: Hacking & Security

Microsoft Warns of Unpatched IE Browser Zero-Day That's Under Active Attacks

18 Leden, 2020 - 16:56
Internet Explorer is dead, but not the mess it left behind. Microsoft earlier today issued an emergency security advisory warning millions of Windows users of a new zero-day vulnerability in Internet Explorer (IE) browser that attackers are actively exploiting in the wild — and there is no patch yet available for it. The vulnerability, tracked as CVE-2020-0674 and rated moderated, is a remote
Kategorie: Hacking & Security

Use iPhone as Physical Security Key to Protect Your Google Accounts

16 Leden, 2020 - 20:23
Great news for iOS users! You can now use your iPhone or iPad, running iOS 10 or later, as a physical security key for securely logging into your Google account as part of the Advanced Protection Program for two-factor authentication. Android users have had this feature on their smartphones since last year, but now Apple product owners can also use this advanced, phishing-resistant form of
Kategorie: Hacking & Security

Broadening the Scope: A Comprehensive View of Pen Testing

16 Leden, 2020 - 19:07
Penetration tests have long been known as a critical security tool that exposes security weaknesses through simulated attacks on an organization's IT environments. These test results can help prioritize weaknesses, providing a road-map towards remediation. However, the results are also capable of doing even more. They identify and quantify security risk, and can be used as a keystone in
Kategorie: Hacking & Security

Download Ultimate 'Security for Management' Presentation Template

15 Leden, 2020 - 10:20
There is a person in every organization that is the direct owner of breach protection. His or her task is to oversee and govern the process of design, build, maintain, and continuously enhance the security level of the organization. Title-wise, this person is most often either the CIO, CISO, or Directory of IT. For convenience, we'll refer to this individual as the CISO. This person is the
Kategorie: Hacking & Security

Update Windows 10 Immediately to Patch a Flaw Discovered by the NSA

14 Leden, 2020 - 20:51
After Adobe today releases its first Patch Tuesday updates for 2020, Microsoft has now also published its January security advisories warning billions of users of 49 new vulnerabilities in its various products. What's so special about the latest Patch Tuesday is that one of the updates fixes a serious flaw in the core cryptographic component of widely used Windows 10, Server 2016 and 2019
Kategorie: Hacking & Security

Adobe Releases First 2020 Patch Tuesday Software Updates

14 Leden, 2020 - 15:52
Adobe today released software updates to patch a total of 9 new security vulnerabilities in two of its widely used applications, Adobe Experience Manager and Adobe Illustrator. It's the first Patch Tuesday for the year 2020 and one of the lightest patch releases in a long time for Adobe users. Moreover, none of the security vulnerabilities patched this month were either publicly disclosed or
Kategorie: Hacking & Security

PoC Exploits Released for Citrix ADC and Gateway RCE Vulnerability

11 Leden, 2020 - 11:22
It's now or never to prevent your enterprise servers running vulnerable versions of Citrix application delivery, load balancing, and Gateway solutions from getting hacked by remote attackers. Why the urgency? Earlier today, multiple groups publicly released weaponized proof-of-concept exploit code [1, 2] for a recently disclosed remote code execution vulnerability in Citrix's NetScaler ADC
Kategorie: Hacking & Security

Researchers Demonstrate How to Hack Any TikTok Account by Sending SMS

9 Leden, 2020 - 19:14
TikTok, the 3rd most downloaded app in 2019, is under intense scrutiny over users' privacy, censoring politically controversial content and on national-security grounds—but it's not over yet, as the security of billions of TikTok users would be now under question. The famous Chinese viral video-sharing app contained potentially dangerous vulnerabilities that could have allowed remote attackers
Kategorie: Hacking & Security

Critical Firefox 0-Day Under Active Attacks – Update Your Browser Now!

9 Leden, 2020 - 11:34
Attention! Are you using Firefox as your web browsing software on your Windows, Linux, or Mac systems? If yes, you should immediately update your free and open-source Firefox web browser to the latest version available on Mozilla's website. Why the urgency? Mozilla earlier today released Firefox 72.0.1 and Firefox ESR 68.4.1 versions to patch a critical zero-day vulnerability in its browsing
Kategorie: Hacking & Security

3 Google Play Store Apps Exploit Android Zero-Day Used by NSO Group

7 Leden, 2020 - 17:41
Watch out! If you have any of the below-mentioned file managers and photography apps installed on your Android phone—even if downloaded from the official Google Store store⁠—you have been hacked and being tracked. These newly detected malicious Android apps are Camero, FileCrypt, and callCam that are believed to be linked to Sidewinder APT, a sophisticated hacking group specialized in cyber
Kategorie: Hacking & Security

Are You Ready for Microsoft Windows 7 End of Support on 14th January 2020?

7 Leden, 2020 - 16:02
January 14, 2020, is a day cybersecurity stakeholders should pay attention to, as it marks the end of Microsoft support in Windows 7. From a security perspective, both the routine monthly security patches as well as hotfixes for attacks in the wild will not be available, effectively making any newly discovered vulnerability a Windows 7 zero-day. Cynet 360 autonomous breach protection is a
Kategorie: Hacking & Security

Xiaomi Cameras Connected to Google Nest Expose Video Feeds From Others

3 Leden, 2020 - 11:58
Internet-connected devices have been one of the most remarkable developments that have happened to humankind in the last decade. Although this development is a good thing, it also stipulates a high security and privacy risk to personal information. In one such recent privacy mishap, smart IP cameras manufactured by Chinese smartphone maker Xiaomi found mistakenly sharing surveillance footage
Kategorie: Hacking & Security