The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 29 min 27 sek zpět

Police Arrested Hundreds of Criminals After Hacking Into Encrypted Chat Network

3 Červenec, 2020 - 13:56
In a joint operation, European and British law enforcement agencies recently arrested hundreds of alleged drug dealers and other criminals after infiltrating into a global network of an encrypted chatting app that was used to plot drug deals, money laundering, extortions, and even murders. Dubbed EncroChat, the top-secret encrypted communication app comes pre-installed on a customized
Kategorie: Hacking & Security

Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking

2 Červenec, 2020 - 15:31
A new research has uncovered multiple critical reverse RDP vulnerabilities in Apache Guacamole, a popular remote desktop application used by system administrators to access and manage Windows and Linux machines remotely. The reported flaws could potentially let bad actors achieve full control over the Guacamole server, intercept, and control all other connected sessions. According to a
Kategorie: Hacking & Security

Microsoft Releases Urgent Windows Update to Patch Two Critical Flaws

1 Červenec, 2020 - 14:25
Microsoft yesterday quietly released out-of-band software updates to patch two high-risk security vulnerabilities affecting hundreds of millions of Windows 10 and Server editions' users. To be noted, Microsoft rushed to deliver patches almost two weeks before the upcoming monthly 'Patch Tuesday Updates' scheduled for 14th July. That's likely because both flaws reside in the Windows Codecs
Kategorie: Hacking & Security

Use This Definitive RFP Template to Effectively Evaluate XDR solutions

1 Červenec, 2020 - 12:43
A new class of security tools is emerging that promises to significantly improve the effectiveness and efficiency of threat detection and response. Emerging Extended Detection and Response (XDR) solutions aim to aggregate and correlate telemetry from multiple detection controls and then synthesize response actions. XDR has been referred to as the next step in the evolution of Endpoint
Kategorie: Hacking & Security

A New Ransomware Targeting Apple macOS Users Through Pirated Apps

1 Červenec, 2020 - 11:08
Cybersecurity researchers this week discovered a new type of ransomware targeting macOS users that spreads via pirated apps. According to several independent reports from K7 Lab malware researcher Dinesh Devadoss, Patrick Wardle, and Malwarebytes, the ransomware variant — dubbed "EvilQuest" — is packaged along with legitimate apps, which upon installation, disguises itself as Apple's
Kategorie: Hacking & Security

e-Commerce Site Hackers Now Hiding Credit Card Stealer Inside Image Metadata

30 Červen, 2020 - 09:57
In what's one of the most innovative hacking campaigns, cybercrime gangs are now hiding malicious code implants in the metadata of image files to covertly steal payment card information entered by visitors on the hacked websites. "We found skimming code hidden within the metadata of an image file (a form of steganography) and surreptitiously loaded by compromised online stores," Malwarebytes
Kategorie: Hacking & Security

Advanced StrongPity Hackers Target Syria and Turkey with Retooled Spyware

30 Červen, 2020 - 09:45
Cybersecurity researchers today uncovered new details of watering hole attacks against the Kurdish community in Syria and Turkey for surveillance and intelligence exfiltration purposes. The advanced persistent threat behind the operation, called StrongPity, has retooled with new tactics to control compromised machines, cybersecurity firm Bitdefender said in a report shared with The Hacker
Kategorie: Hacking & Security

Russian Hacker Gets 9-Year Jail for Running Online Shop of Stolen Credit Cards

29 Červen, 2020 - 13:21
A United States federal district court has finally sentenced a Russian hacker to nine years in federal prison after he pleaded guilty of running two illegal websites devoted to facilitating payment card fraud, computer hacking, and other crimes. Aleksei Yurievich Burkov, 30, pleaded guilty in January this year to two of the five charges against him for credit card fraud—one count of access
Kategorie: Hacking & Security

'Satori' IoT DDoS Botnet Operator Sentenced to 13 Months in Prison

26 Červen, 2020 - 16:05
The United States Department of Justice yesterday sentenced a 22-year-old Washington-based hacker to 13 months in federal prison for his role in creating botnet malware, infecting a large number of systems with it, and then abusing those systems to carry out large scale distributed denial-of-service (DDoS) attacks against various online service and targets. According to court documents,
Kategorie: Hacking & Security

WikiLeaks Founder Charged With Conspiring With LulzSec & Anonymous Hackers

25 Červen, 2020 - 14:11
The United States government has filed a superseding indictment against WikiLeaks founder Julian Assange accusing him of collaborating with computer hackers, including those affiliated with the infamous LulzSec and "Anonymous" hacking groups. The new superseding indictment does not contain any additional charges beyond the prior 18-count indictment filed against Assange in May 2019, but it
Kategorie: Hacking & Security

Docker Images Containing Cryptojacking Malware Distributed via Docker Hub

25 Červen, 2020 - 12:42
With Docker gaining popularity as a service to package and deploy software applications, malicious actors are taking advantage of the opportunity to target exposed API endpoints and craft malware-infested images to facilitate distributed denial-of-service (DDoS) attacks and mine cryptocurrencies. According to a report published by Palo Alto Networks' Unit 42 threat intelligence team, the
Kategorie: Hacking & Security

Critical Bugs and Backdoor Found in GeoVision's Fingerprint and Card Scanners

25 Červen, 2020 - 12:15
GeoVision, a Taiwanese manufacturer of video surveillance systems and IP cameras, recently patched three of the four critical flaws impacting its card and fingerprint scanners that could've potentially allowed attackers to intercept network traffic and stage man-in-the-middle attacks. In a report shared exclusively with The Hacker News, enterprise security firm Acronis said it discovered the
Kategorie: Hacking & Security

New Privacy Features Added to the Upcoming Apple iOS 14 and macOS Big Sur

23 Červen, 2020 - 17:29
Unprecedented times call for unprecedented measures. No, we're not talking about 'coronavirus,' the current global pandemic because of which Apple—for the very first time in history—organized its Worldwide Developer Conference (WWDC) virtually. Here we're talking about a world in which we are all connected and constantly sharing data, also known as the new oil, with something called "privacy"
Kategorie: Hacking & Security

VirusTotal Adds Cynet's Artificial Intelligence-Based Malware Detection

23 Červen, 2020 - 13:03
VirusTotal, the famous multi-antivirus scanning service owned by Google, recently announced new threat detection capabilities it added with the help of an Israeli cybersecurity firm. VirusTotal provides a free online service that analyzes suspicious files and URLs to detect malware and automatically shares them with the security community. With the onslaught of new malware types and samples,
Kategorie: Hacking & Security

Hackers Using Google Analytics to Bypass Web Security and Steal Credit Cards

23 Červen, 2020 - 10:53
Researchers reported on Monday that hackers are now exploiting Google's Analytics service to stealthily pilfer credit card information from infected e-commerce sites. According to several independent reports from PerimeterX, Kaspersky, and Sansec, threat actors are now injecting data-stealing code on the compromised websites in combination with tracking code generated by Google Analytics for
Kategorie: Hacking & Security

Hackers Leaked 269 GB of U.S. Police and Fusion Centers Data Online

22 Červen, 2020 - 16:08
A group of hacktivists and transparency advocates has published a massive 269 GB of data allegedly stolen from more than 200 police departments, fusion centers, and other law enforcement agencies across the United States. Dubbed BlueLeaks, the exposed data leaked by the DDoSecrets group contains hundreds of thousands of sensitive documents from the past ten years with official and personal
Kategorie: Hacking & Security

Over 100 New Chrome Browser Extensions Caught Spying On Users

22 Červen, 2020 - 12:10
Google recently removed 106 more extensions from its Chrome Web Store after they were found illegally collecting sensitive user data as part of a "massive global surveillance campaign" targeting oil and gas, finance, and healthcare sectors. Awake Security, which disclosed the findings late last week, said the malicious browser add-ons were tied back to a single internet domain registrar,
Kategorie: Hacking & Security

InvisiMole Hackers Target High-Profile Military and Diplomatic Entities

18 Červen, 2020 - 11:50
Cybersecurity researchers today uncovered the modus operandi of an elusive threat group that hacks into the high-profile military and diplomatic entities in Eastern Europe for espionage. The findings are part of a collaborative analysis by cybersecurity firm ESET and the impacted firms, resulting in an extensive look into InvisiMole's operations and the group's tactics, tools, and procedures
Kategorie: Hacking & Security

Hackers Target Military and Aerospace Staff by Posing as HRs Offering Jobs

17 Červen, 2020 - 14:48
Cybersecurity researchers today took the wraps off a new sophisticated cyber-espionage campaign directed against aerospace and military organizations in Europe and the Middle East with an aim to spy on key employees of the targeted firms and, in some case, even to siphon money. The campaign, dubbed "Operation In(ter)ception" because of a reference to "Inception" in the malware sample, took
Kategorie: Hacking & Security

New Ripple20 Flaws Put Billions of Internet-Connected Devices at Risk of Hacking

17 Červen, 2020 - 14:37
The Department of Homeland Security and CISA ICS-CERT today issued a critical security advisory warning about over a dozen newly discovered vulnerabilities affecting billions of Internet-connected devices manufactured by many vendors across the globe. Dubbed "Ripple20," the set of 19 vulnerabilities resides in a low-level TCP/IP software library developed by Treck, which, if weaponized, could
Kategorie: Hacking & Security