The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 24 min 36 sek zpět

Mozilla Launches 'Firefox Private Network' VPN Service as a Browser Extension

11 Září, 2019 - 09:48
Mozilla has officially launched a new privacy-focused VPN service, called Firefox Private Network, as a browser extension that aims to encrypt your online activity and limit what websites and advertisers know about you. Firefox Private Network service is currently in beta and available only to desktop users in the United States as part of Mozilla's recently expunged "Firefox Test Pilot"
Kategorie: Hacking & Security

Hundreds of BEC Scammers Arrested in Nigeria and U.S. — $3.7 Million Recovered

11 Září, 2019 - 08:32
Breaking News — The Nigerian prince and his allies who might have also asked you over an email for your assistance to help save "the first African astronaut lost in space" have finally been arrested by the FBI. Don't take it too seriously, as there's no Nigerian prince or an astronaut seeking your help. Instead, it was an infamous 'Nigerian 419' scam email template where fraudsters try to
Kategorie: Hacking & Security

Latest Microsoft Updates Patch 4 Critical Flaws In Windows RDP Client

10 Září, 2019 - 20:36
Get your update caps on. Microsoft today released its monthly Patch Tuesday update for September 2019, patching a total of 79 security vulnerabilities in its software, of which 17 are rated critical, 61 as important, and one moderate in severity. Two of the security vulnerabilities patched by the tech giant this month are listed as "publicly known" at the time of release, one of which is an
Kategorie: Hacking & Security

Some D-Link and Comba WiFi Routers Leak Their Passwords in Plaintext

10 Září, 2019 - 18:42
What could be worse than your router leaking its administrative login credentials in plaintext? Cybersecurity researchers from Trustwave's SpiderLabs have discovered multiple security vulnerabilities in some router models from two popular manufacturers—D-Link and Comba Telecom—that involve insecure storage of credentials, potentially affecting every user and system on that network. Researcher
Kategorie: Hacking & Security

Adobe Releases Security Patches For Critical Flash Player Vulnerabilities

10 Září, 2019 - 17:31
It's Patch Tuesday again—the day of the month when both Adobe and Microsoft release security patches for vulnerabilities in their software. Adobe has just released its monthly security updates to address a total of 3 security vulnerabilities in only two of its products this time—Adobe Flash Player and Adobe Application Manager (AAM). None of the security vulnerabilities patched this month in
Kategorie: Hacking & Security

New Malware Uses Windows BITS Service to Stealthy Exfiltrate Data

9 Září, 2019 - 15:18
Cybersecurity researchers have discovered a new computer virus associated with the Stealth Falcon state-sponsored cyber espionage group that abuses a built-in component of the Microsoft Windows operating system to stealthily exfiltrate stolen data to attacker-controlled server. Active since 2012, Stealth Falcon is a sophisticated hacking group known for targeting journalists, activists, and
Kategorie: Hacking & Security

Facebook Patches "Memory Disclosure Using JPEG Images" Flaws in HHVM Servers

9 Září, 2019 - 10:12
Facebook has patched two high-severity vulnerabilities in its server application that could have allowed remote attackers to unauthorisedly obtain sensitive information or cause a denial of service just by uploading a maliciously constructed JPEG image file. The vulnerabilities reside in HHVM (HipHop Virtual Machine)—a high-performance, open source virtual machine developed by Facebook for
Kategorie: Hacking & Security

Google Uncovers How Just Visiting Some Sites Were Secretly Hacking iPhones For Years

7 Září, 2019 - 09:40
Beware Apple users! Your iPhone can be hacked just by visiting an innocent-looking website, confirms a terrifying report Google researchers released earlier today. The story goes back to a widespread iPhone hacking campaign that cybersecurity researchers from Google's Project Zero discovered earlier this year in the wild, involving at least five unique iPhone exploit chains capable of
Kategorie: Hacking & Security

Exim TLS Flaw Opens Email Servers to Remote 'Root' Code Execution Attacks

6 Září, 2019 - 14:48
A critical remote code execution vulnerability has been discovered in the popular open-source Exim email server software, leaving at least over half a million email servers vulnerable to remote hackers. Exim maintainers today released Exim version 4.92.2 after publishing an early warning two days ago, giving system administrators a heads-up on its upcoming security patches that affect all
Kategorie: Hacking & Security

Flaws in Over Half a Million GPS Trackers Expose Children Location Data

6 Září, 2019 - 11:01
What if the tech intended to ensure that your kids, senior citizens, and pets are safe even when they're out of sight inadvertently expose them to stalkers? An estimated 600,000 GPS tracking devices for sale on Amazon and other large online merchants for $25–$50 have been found vulnerable to a handful of dangerous vulnerabilities that may have exposed user's real-time locations, security
Kategorie: Hacking & Security

Google Fined $170 Million For Violating Kids' Privacy On YouTube

6 Září, 2019 - 08:52
Google has finally agreed to pay $170 million fine to settle allegations by the Federal Trade Commission and the New York attorney general that its YouTube service earned millions by illegally harvesting personal information from children without their parents' consent. The settlement requires Google to pay $136 million to the FTC and an additional $34 million fine to New York state for
Kategorie: Hacking & Security

New Free Offering Enables Any MSP and Security Integrator to Add Incident Response to their Services Portfolio

5 Září, 2019 - 18:47
The Incident Response (IR) services market is in accelerated growth due to the rise in cyberattacks that result in breaches. More and more organizations, across all sizes and verticals, choose to outsource IR to 3rd party service providers over handling security incidents in-house. Cynet is now launching a first-of-its-kind offering, enabling any Managed Security Provider (MSP) or Security
Kategorie: Hacking & Security

Twitter temporarily disables 'Tweeting via SMS' after CEO gets hacked

5 Září, 2019 - 11:15
Twitter today finally decided to temporarily disable a feature, called 'Tweeting via SMS,' after it was abused by a hacking group to compromise Twitter CEO Jack Dorsey last week and sent a series of racist and offensive tweets to Dorsey's followers. Dorsey's Twitter account was compromised last week when a hacker group calling itself "Chuckling Squad" replicated a mobile phone number
Kategorie: Hacking & Security

Just An SMS Could Let Remote Attackers Access All Your Emails, Experts Warn

4 Září, 2019 - 17:44
Beware! Billion of Android users can easily be tricked into changing their devices' critical network settings with just an SMS-based phishing attack. Whenever you insert a new SIM in your phone and connects to your cellular network for the very first time, your carrier service automatically configures or sends you a message containing network-specific settings required to connect to data
Kategorie: Hacking & Security

Firefox 69 Now Blocks 3rd-Party Tracking Cookies and Cryptominers By Default

4 Září, 2019 - 11:21
Mozilla has finally enabled the "Enhanced Tracking Protection" feature for all of its web browser users worldwide by default with the official launch of Firefox 69 for Windows, Mac, Linux, and Android. The company enabled the "Enhanced Tracking Protection" setting by default for its browser in June this year, but only for new users who downloaded and installed a fresh copy of Firefox.
Kategorie: Hacking & Security

Exploit Reseller Offering Up To $2.5 Million For Android Zero-Days

4 Září, 2019 - 10:37
Well, there's some good news for hackers and vulnerability hunters, though terrible news for Google, Android device manufacturers, and their billions of users worldwide. The zero-day buying and selling industry has recently taken a shift towards Android operating system, offering up to $2.5 million payouts to anyone who sells 'full chain, zero-click, with persistence' Android zero-days. <!--
Kategorie: Hacking & Security

XKCD Forum Hacked – Over 562,000 Users’ Account Details Leaked

3 Září, 2019 - 17:31
XKCD—one of the most popular webcomic platforms known for its geeky tech humor and other science-laden comic strips on romance, sarcasm, math, and language—has suffered a data breach exposing data of its forum users. The security breach occurred two months ago, according to security researcher Troy Hunt who alerted the company of the incident, with unknown hackers stealing around 562,000
Kategorie: Hacking & Security

Learn Ethical Hacking Online – A to Z Training Bundle 2019

3 Září, 2019 - 13:34
Good news for you is that this week's THN Deals brings Ethical Hacking A to Z Bundle that let you get started regardless of your experience level. The Ethical Hacking A to Z Bundle will walk you through the very basic skills you need to start your journey towards becoming a professional ethical hacker. The 45 hours of course that includes total 384 in-depth lectures, usually cost $1,273, but
Kategorie: Hacking & Security

BMC Vulnerabilities Expose Supermicro Servers to Remote USB-Attacks

3 Září, 2019 - 12:05
Enterprise servers powered by Supermicro motherboards can remotely be compromised by virtually plugging in malicious USB devices, cybersecurity researchers at firmware security company Eclypsium told The Hacker News. Yes, that's correct. You can launch all types of USB attacks against vulnerable Supermicro servers without actually physically accessing them or waiting for your victim to pick
Kategorie: Hacking & Security

Chinese Face-Swapping App ZAO Sparks Privacy Concerns After Going Crazily Viral

3 Září, 2019 - 10:22
What could be more exciting than seeing yourself starring alongside your favorite actor in a movie, music video, or TV program? Yes, that's possible—well, kind of, by using a new AI-based deepfake app that has gone viral in China over this weekend, climbing to the top of the free apps list in the Chinese iOS App Store in just three days. Dubbed ZAO, the app is yet another deepfake app for
Kategorie: Hacking & Security