The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 4 min 44 sek zpět

7 Ways Hackers and Scammers Are Exploiting Coronavirus Panic

2 hodiny 48 min zpět
In our previous stories, you might have already read about various campaigns warning how threat actors are capitalizing on the ongoing coronavirus pandemic in an attempt to infect your computers and mobile devices with malware or scam you out of your money. Unfortunately, to some extent, it's working, and that's because the attack surface is changing and expanding rapidly as many
Kategorie: Hacking & Security

Dark Nexus: A New Emerging IoT Botnet Malware Spotted in the Wild

8 Duben, 2020 - 12:55
Cybersecurity researchers have discovered a new emerging IoT botnet threat that leverages compromised smart devices to stage 'distributed denial-of-service' attacks, potentially triggered on-demand through platforms offering DDoS-for-hire services. The botnet, named "dark_nexus" by Bitdefender researchers, works by employing credential stuffing attacks against a variety of devices, such as
Kategorie: Hacking & Security

Unveiled: How xHelper Android Malware Re-Installs Even After Factory Reset

7 Duben, 2020 - 15:48
Remember xHelper? A mysterious piece of Android malware that re-installs itself on infected devices even after users delete it or factory reset their devices—making it nearly impossible to remove. xHelper reportedly infected over 45,000 devices last year, and since then, cybersecurity researchers have been trying to unfold how the malware survives factory reset and how it infected so many
Kategorie: Hacking & Security

Secure Remote Working During COVID-19 — Checklist for CISOs

7 Duben, 2020 - 10:49
Coronavirus crisis introduces a heavy burden on the CISOs with the collective impact of a mass transition to working remotely coupled with a surge of cyberattacks that strive to monetize the general chaos. Security vendors, unintendedly, contribute to this burden by a relentless generation of noise in the form of attack reports, best practices, tips, and threat landscape analysis. Here we
Kategorie: Hacking & Security

New Zoom Hack Lets Hackers Compromise Windows and Its Login Password

7 Duben, 2020 - 09:09
Zoom has been there for nine years, but the immediate requirement of an easy-to-use video conferencing app during the coronavirus pandemic overnight made it one of the most favorite communication tool for millions of people around the globe. No doubt, Zoom is an efficient online video meeting solution that's helping people stay socially connected during these unprecedented times, but it's
Kategorie: Hacking & Security

Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

7 Duben, 2020 - 09:08
Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak and work from home became the new normal. The app has skyrocketed to 200 million daily users from an average of 10 million in December — along with a 535 percent increase
Kategorie: Hacking & Security

Magecart Hackers Inject iFrame Skimmers in 19 Sites to Steal Payment Data

3 Duben, 2020 - 12:52
Cybersecurity researchers today uncovered an ongoing new Magecart skimmer campaign that so far has successfully compromised at least 19 different e-commerce websites to steal payment card details of their customers. According to a report published today and shared with The Hacker News, RiskIQ researchers spotted a new digital skimmer, dubbed "MakeFrame," that injects HTML iframes into
Kategorie: Hacking & Security

How Just Visiting A Site Could Have Hacked Your iPhone or MacBook Camera

3 Duben, 2020 - 12:20
If you use Apple iPhone or MacBook, here we have a piece of alarming news for you. Turns out merely visiting a website — not just malicious but also legitimate sites unknowingly loading malicious ads as well — using Safari browser could have let remote attackers secretly access your device's camera, microphone, or location, and in some cases, saved passwords as well. Apple recently paid a $
Kategorie: Hacking & Security

WARNING: Hackers Install Secret Backdoor on Thousands of Microsoft SQL Servers

1 Duben, 2020 - 15:02
Cybersecurity researchers today uncovered a sustained malicious campaign dating back to May 2018 that targets Windows machines running MS-SQL servers to deploy backdoors and other kinds of malware, including multi-functional remote access tools (RATs) and cryptominers. Named "Vollgar" after the Vollar cryptocurrency it mines and its offensive "vulgar" modus operandi, researchers at Guardicore
Kategorie: Hacking & Security

Webinar — Autonomous Breach Protection: The New Security Paradigm Shift

1 Duben, 2020 - 13:57
Organizations today struggle with multi-product security stacks, that are expensive to purchase and maintain and also require a highly skilled security team to manually integrate and operate. The current Coronavirus crisis that has imposed a strict quarantine on organizations and security teams highlights the inherent weakness in relying on manual operation. This gives rise to a new security
Kategorie: Hacking & Security

Marriott Suffers Second Breach Exposing Data of 5.2 Million Hotel Guests

31 Březen, 2020 - 17:52
International hotel chain Marriott today disclosed a data breach impacting nearly 5.2 million hotel guests, making it the second security incident to hit the company in recent years. "At the end of February 2020, we identified that an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property," Marriott said in a
Kategorie: Hacking & Security

COVID-19: Hackers Begin Exploiting Zoom's Overnight Success to Spread Malware

30 Březen, 2020 - 16:17
As people increasingly work from home and online communication platforms such as Zoom explode in popularity in the wake of coronavirus outbreak, cybercriminals are taking advantage of the spike in usage by registering new fake "Zoom" domains and malicious "Zoom" executable files in an attempt to trick people into downloading malware on their devices. According to a report published by Check
Kategorie: Hacking & Security

AppTrana Offers Protection to Online Businesses During Coronavirus Outbreak

30 Březen, 2020 - 14:22
These are unprecedented times, and everyone is going through a testing period, with more than 3 billion people locked down all over the world. Businesses are scrambling to stay afloat and are forced to move digital in a very short span of time without much preparation. As these businesses move digital, cyber threats are more real than ever. Every day we are hearing news about hackers taking
Kategorie: Hacking & Security

Hackers Exploit Zero-Day Bugs in Draytek Devices to Target Enterprise Networks

29 Březen, 2020 - 20:22
Cybersecurity researchers with Qihoo 360's NetLab today unveiled details of two recently spotted zero-day cyberattack campaigns in the wild targeting enterprise-grade networking devices manufactured by Taiwan-based DrayTek. According to the report, at least two separate groups of hackers exploited two critical remote command injection vulnerabilities (CVE-2020-8515) affecting DrayTek Vigor
Kategorie: Hacking & Security

Hackers Used Local News Sites to Install Spyware On iPhones

27 Březen, 2020 - 13:32
A newly discovered watering-hole campaign is targeting Apple iPhone users in Hong Kong by using malicious website links as a lure to install spyware on the devices. According to research published by Trend Micro and Kaspersky, the "Operation Poisoned News" attack leverages a remote iOS exploit chain to deploy a feature-rich implant called 'LightSpy' through links to local news websites, which
Kategorie: Hacking & Security

Watch Out: Android Apps in Google Play Store Capitalizing on Coronavirus Outbreak

27 Březen, 2020 - 12:42
Preying on public fears, the ongoing coronavirus outbreak is proving to be a goldmine of opportunity for attackers to stage a variety of malware attacks, phishing campaigns, and create scam sites and malicious tracker apps. Now in a fresh twist, third-party Android app developers too have begun to take advantage of the situation to use coronavirus-related keywords in their app names,
Kategorie: Hacking & Security

TrickBot Mobile App Bypasses 2‐Factor Authentication for Net Banking Services

25 Březen, 2020 - 17:53
The malware authors behind TrickBot banking Trojan have developed a new Android app that can intercept one-time authorization codes sent to Internet banking customers via SMS or relatively more secure push notifications, and complete fraudulent transactions. The Android app, called "TrickMo" by IBM X-Force researchers, is under active development and has exclusively targeted German users
Kategorie: Hacking & Security

Dozens of Android Apps for Kids on Google Play Store Caught in Ad Fraud Scheme

25 Březen, 2020 - 13:19
More than 50 Android apps on the Google Play Store—most of which were designed for kids and had racked up almost 1 million downloads between them—have been caught using a new trick to secretly click on ads without the knowledge of smartphone users. Dubbed "Tekya," the malware in the apps imitated users' actions to click ads from advertising networks such as Google's AdMob, AppLovin',
Kategorie: Hacking & Security

Critical RCE Bug Affects Millions of OpenWrt-based Network Devices

24 Březen, 2020 - 22:06
A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt, a widely used Linux-based operating system for routers, residential gateways, and other embedded devices that route network traffic. Tracked as CVE-2020-7982, the vulnerability resides in the OPKG package manager of OpenWrt that exists in the
Kategorie: Hacking & Security

How to Provide Remote Incident Response During the Coronavirus Times

24 Březen, 2020 - 15:12
While the Coronavirus pandemic continues to strike chaos across the global economies, threat actors keep on launching cyberattacks on organizations from all sizes and verticals. IR providers face a unique challenge when approached by these organizations since, due to the Coronavirus mass quarantine, conducting incident response engagements by arriving physically to the customers' offices is
Kategorie: Hacking & Security