The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 35 sek zpět

PoC Exploit For Unpatched Windows 10 Zero-Day Flaw Published Online

16 min 50 sek zpět
An anonymous hacker with an online alias "SandboxEscaper" today released proof-of-concept (PoC) exploit code for a new zero-day vulnerability affecting Windows 10 operating system—that's his/her 5th publicly disclosed Windows zero-day exploit [1, 2, 3] in less than a year. Published on GitHub, the new Windows 10 zero-day vulnerability is a privilege escalation issue that could allow a local
Kategorie: Hacking & Security

Core Elastic Stack Security Features Now Available For Free Users As Well

21 Květen, 2019 - 16:03
Elastic, the company behind the most widely used enterprise search engine ElasticSearch and the Elastic Stack, today announced that it has decided to make core security features of the Elastic Stack free and accessible to all users. ELK Stack or Elastic Stack is a collection of three powerful open source projects—Elasticsearch, Logstash, and Kibana—that many large and small companies are
Kategorie: Hacking & Security

WEBINAR: How to Get Enterprise Cyber Security for your Mid-Sized Organization

21 Květen, 2019 - 15:46
High-quality cybersecurity posture is typically regarded as the exclusive domain of the large and heavy resourced enterprises – those who can afford a multi-product security stack and a skilled security team to operate it. This implies a grave risk to all organizations who are not part of this group, since the modern threat landscape applies to all, regardless of size and vertical. What is
Kategorie: Hacking & Security

US Tech Giants Google, Intel, Qualcomm, Broadcom Break Up With Huawei

21 Květen, 2019 - 09:40
Google has reportedly suspended all businesses with the world's second-biggest smartphone maker, Huawei, and revoked its Android license effective immediately—a move that will have a drastic impact on Huawei devices across the globe. Revoking Android license means Huawei future smartphones will no longer have access to Android updates and apps like Gmail or the Play Store, as well as Google
Kategorie: Hacking & Security

Hackers Breach Stack Overflow Q&A Site, Some Users' Data Exposed

17 Květen, 2019 - 22:44
Note: We have updated this story to reflect new information after Stack Overflow changed its original announcement and shared more details on the security incident. Stack Overflow, one of the largest question and answer site for programmers, revealed today that unknown hackers managed to exploit a bug in its development tier and then almost a week after they gained unauthorized access to its
Kategorie: Hacking & Security

Report Reveals TeamViewer Was Breached By Chinese Hackers In 2016

17 Květen, 2019 - 20:06
The German software company behind TeamViewer, one of the most popular software in the world that allows users to access and share their desktops remotely, was reportedly compromised in 2016, the German newspaper Der Spiegel revealed today. TeamViewer is popular remote-support software that allows you to securely share your desktop or take full control of other's PC over the Internet from
Kategorie: Hacking & Security

'GozNym' Banking Malware Gang Dismantled by International Law Enforcement

16 Květen, 2019 - 16:08
In a joint effort by several law enforcement agencies from 6 different countries, officials have dismantled a major global organized cybercrime network behind GozNym banking malware. GozNym banking malware is responsible for stealing nearly $100 million from over 41,000 victims across the globe, primarily in the United States and Europe, for years. <!-- adsense --> GozNym was created by
Kategorie: Hacking & Security

Bluetooth Flaw Found in Google Titan Security Keys; Get Free Replacement

16 Květen, 2019 - 12:55
A team of security researchers at Microsoft discovered a potentially serious vulnerability in the Bluetooth-supported version of Google's Titan Security Keys that could not be patched with a software update. However, users do not need to worry as Google has announced to offer a free replacement for the affected Titan Security Key dongles. In a security advisory published Wednesday, Google
Kategorie: Hacking & Security

New Class of CPU Flaws Affect Almost Every Intel Processor Since 2011

14 Květen, 2019 - 22:20
Academic researchers today disclosed details of the newest class of speculative execution side-channel vulnerabilities in Intel processors that impacts all modern chips, including the chips used in Apple devices. After the discovery of Spectre and Meltdown processor vulnerabilities earlier last year that put practically every computer in the world at risk, different classes of Spectre and
Kategorie: Hacking & Security

Microsoft Releases Patches For A Critical 'Wormable Flaw' and 78 Other Issues

14 Květen, 2019 - 20:31
It's Patch Tuesday—the day when Microsoft releases monthly security updates for its software. Microsoft has software updates to address a total of 79 CVE-listed vulnerabilities in its Windows operating systems and other products, including a critical wormable flaw that can propagate malware from computer to computer without requiring users' interaction. Out of 79 vulnerabilities, 18 issues
Kategorie: Hacking & Security

Adobe Releases Critical Patches for Flash, Acrobat Reader, and Media Encoder

14 Květen, 2019 - 17:44
Adobe today released its monthly software updates to patch a total of 87 security vulnerabilities in its Adobe Acrobat and Reader, Flash Player and Media Encoder, most of which could lead to arbitrary code execution attacks or worse. None of the flaws patched this month in Adobe products has been found exploited in the wild. Out of 87 total flaws, a whopping number of vulnerabilities (i.e.,
Kategorie: Hacking & Security

Flaw Affecting Millions of Cisco Devices Let Attackers Implant Persistent Backdoor

14 Květen, 2019 - 10:54
Researchers have discovered a severe vulnerability in Cisco products that could allow attackers to implant persistent backdoor on wide range devices used in enterprises and government networks, including routers, switches, and firewalls. Dubbed Thrangrycat or ????????????, the vulnerability, discovered by researchers from the security firm Red Balloon and identified as CVE-2019-1649, affects
Kategorie: Hacking & Security

Cryptocurrency Hacks Still Growing — What Does That Mean for the Industry?

14 Květen, 2019 - 10:46
Though once synonymous with underground networks and black hat hackers, bitcoin and other cryptocurrencies have gone mainstream over the past two years. In 2017, we saw the skyrocket of bitcoin to an all-time high of close to $20,000 followed by a significant decline the following year. But beyond the ups and downs in the market for the world's largest cryptocurrency is a much more sinister
Kategorie: Hacking & Security

Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones

14 Květen, 2019 - 08:10
Whatsapp has recently patched a severe vulnerability that was being exploited by attackers to remotely install surveillance malware on a few "selected" smartphones by simply calling the targeted phone numbers over Whatsapp audio call. Discovered, weaponized and then sold by the Israeli company NSO Group that produces the most advanced mobile spyware on the planet, the WhatsApp exploit installs
Kategorie: Hacking & Security

U.S. Charges 9 'SIM Swapping' Attackers For Stealing $2.5 Million

10 Květen, 2019 - 21:35
The U.S. Department of Justice today announced charges against nine individuals, 6 of which are members of a hacking group called "The Community" and other 3 are former employees of mobile phone providers who allegedly helped them steal roughly $2.5 million worth of the cryptocurrency using a method known as "SIM Swapping." According to the 15-count indictment unsealed today, five Americans
Kategorie: Hacking & Security

North Korean Hackers Using ELECTRICFISH Tunnels to Exfiltrate Data

10 Květen, 2019 - 12:04
The U.S. Department of Homeland Security (DHS) and the FBI have issued another joint alert about a new piece of malware that the prolific North Korean APT hacking group Hidden Cobra has actively been using in the wild. Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by North Korean government and known to launch cyber attacks against media
Kategorie: Hacking & Security

U.S. Charges Chinese Hacker For 2015 Anthem Data Breach

9 Květen, 2019 - 23:46
The United States Justice Department today announced charges against a Chinese hacker and his hacking team member for their alleged role in the 2015 massive data breach at health insurance giant Anthem and three other unnamed American companies. Fujie Wang (王 福 杰) and another hacker named John Doe with three different aliases—Deniel Jack, Kim Young, and Zhou Zhihong—are charged with four
Kategorie: Hacking & Security

Ongoing Attack Stealing Credit Cards From Over A Hundred Shopping Sites

8 Květen, 2019 - 18:55
Researchers from Chinese cybersecurity firm Qihoo 360's NetLab have revealed details of an ongoing credit card hacking campaign that is currently stealing payment card information of customers visiting more than 105 e-commerce websites. While monitoring a malicious domain, www.magento-analytics[.]com, for over last seven months, researchers found that the attackers have been injecting
Kategorie: Hacking & Security

Unpatched Flaw in UC Browser Apps Could Let Hackers Launch Phishing Attacks

8 Květen, 2019 - 15:41
A bug hunter has discovered and publicly disclosed details of an unpatched browser address bar spoofing vulnerability that affects popular Chinese UC Browser and UC Browser Mini apps for Android. Developed by Alibaba-owned UCWeb, UC Browser is one of the most popular mobile browsers, specifically in China and India, with a massive user base of more than half a billion users worldwide.
Kategorie: Hacking & Security

Google Chrome to Introduce Improved Cookie Controls Against Online Tracking

8 Květen, 2019 - 11:49
At the company's I/O 2019 developer conference, Google has announced its plan to introduce two new privacy and security-oriented features in the upcoming versions of its Chrome web browser. In an attempt to allow users to block online tracking, Google has announced two new features—Improved SameSite Cookies and Fingerprinting Protection—that will be previewed by Google in the Chrome web
Kategorie: Hacking & Security