The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 42 min 1 sek zpět

Unpatched Flaw in Xiaomi's Built-in Browser App Lets Hackers Spoof URLs

9 Duben, 2019 - 11:50
EXCLUSIVE — Beware, if you are using a Xiaomi's Mi or Redmi smartphone, you should immediately update its built-in MI browser or the Mint browser available on Google Play Store for non-Xiaomi Android devices. That's because both web browser apps created by Xiaomi are vulnerable to a critical vulnerability which has not yet been patched even after being privately reported to the company, a
Kategorie: Hacking & Security

'Exodus' Surveillance Malware Found Targeting Apple iOS Users

9 Duben, 2019 - 09:19
Cybersecurity researchers have discovered an iOS version of the powerful mobile phone surveillance app that was initially targeting Android devices through apps on the official Google Play Store. Dubbed Exodus, as the malware is called, the iOS version of the spyware was discovered by security researchers at LookOut during their analysis of its Android samples they had found last year.
Kategorie: Hacking & Security

Microsoft Releases First Preview Builds of Chromium-based Edge Browser

8 Duben, 2019 - 20:39
Microsoft today finally released the first new reborn version of its Edge browser that the company rebuilds from scratch using Chromium engine, the same open-source web rendering engine that powers Google's Chrome browser. However, the Chromium-based Edge browser builds haven't yet entered the stable or even the beta release; instead, Microsoft has released two testing-purpose preview builds
Kategorie: Hacking & Security

Hackers Could Turn Pre-Installed Antivirus App on Xiaomi Phones Into Malware

4 Duben, 2019 - 21:07
What could be worse than this, if the software that's meant to protect your devices leave backdoors open for hackers or turn into malware? Researchers today revealed that a security app that comes pre-installed on more than 150 million devices manufactured by Xiaomi, China's biggest and world's 4th largest smartphone company, was suffering from multiple issues that could have allowed remote
Kategorie: Hacking & Security

NSA Releases GHIDRA Source Code — Free Reverse Engineering Tool

4 Duben, 2019 - 15:27
Update (4/4/2019) — Great news. NSA today finally released the complete source code for GHIDRA version 9.0.2 which is now available on its Github repository. GHIDRA is agency's home-grown classified software reverse engineering tool that agency experts have been using internally for over a decade to hunt down security bugs in software and applications. GHIDRA is a Java-based reverse
Kategorie: Hacking & Security

540 Million Facebook User Records Found On Unprotected Amazon Servers

3 Duben, 2019 - 21:41
It's been a bad week for Facebook users. First, the social media company was caught asking some of its new users to share passwords for their registered email accounts and now… ...the bad week gets worse with a new privacy breach. More than half a billion records of millions of Facebook users have been found exposed on unprotected Amazon cloud servers. <!-- adsense --> The exposed datasets
Kategorie: Hacking & Security

WordPress iOS App Bug Leaked Secret Access Tokens to Third-Party Sites

3 Duben, 2019 - 16:54
If you have a "private" blog with WordPress.com and are using its official iOS app to create or edit posts and pages, the secret authentication token for your admin account might have accidentally been leaked to third-party websites. WordPress has recently patched a severe vulnerability in its iOS application that apparently leaked secret authorization tokens for users whose blogs were using
Kategorie: Hacking & Security

Georgia Tech Data Breach Exposes 1.3 Million Users' Personal Data

3 Duben, 2019 - 14:22
The Georgia Institute of Technology, well known as Georgia Tech, has confirmed a data breach that has exposed personal information of 1.3 million current and former faculty members, students, staff and student applicants. In a brief note published Tuesday, Georgia Tech says an unknown outside entity gained "unauthorized access" to its web application and accessed the University’s central
Kategorie: Hacking & Security

Cynet Offers Free Threat Assessment for Mid-Sized and Large Organizations

3 Duben, 2019 - 12:51
Visibility into an environment attack surface is the fundamental cornerstone to sound security decision making. However, the standard process of 3rd party threat assessment as practiced today is both time consuming and expensive. Cynet changes the rules of the game with a free threat assessment offering based on more than 72 hours of data collection and enabling organizations to benchmark
Kategorie: Hacking & Security

In-Depth Analysis of JS Sniffers Uncovers New Families of Credit Card-Skimming Code

3 Duben, 2019 - 12:18
In a world that's growing increasingly digital, Magecart attacks have emerged as a key cybersecurity threat to e-commerce sites. Magecart, which is in the news a lot lately, is an umbrella term given to 12 different cyber criminal groups that are specialized in secretly implanting a special piece of code on compromised e-commerce sites with an intent to steal payment card details of their
Kategorie: Hacking & Security

New Apache Web Server Bug Threatens Security of Shared Web Hosts

3 Duben, 2019 - 11:07
Mark J Cox, one of the founding members of the Apache Software Foundation and the OpenSSL project, today posted a tweet warning users about a recently discovered important flaw in Apache HTTP Server software. The Apache web server is one of the most popular, widely used open-source web servers in the world that powers almost 40 percent of the whole Internet. The vulnerability, identified as
Kategorie: Hacking & Security

Facebook Caught Asking Some Users Passwords for Their Email Accounts

3 Duben, 2019 - 09:08
Facebook has been caught practicing the worst ever user-verification mechanism that could put the security of its users at risk. Generally, social media or any other online service asks users to confirm a secret code or a unique URL sent to the email address they provided for the account registration. However, Facebook has been found asking some newly-registered users to provide the social
Kategorie: Hacking & Security

Unpatched Zero-Days in Microsoft Edge and IE Browsers Disclosed Publicly

2 Duben, 2019 - 14:45
Exclusive — A security researcher today publicly disclosed details and proof-of-concept exploits for two 'unpatched' zero-day vulnerabilities in Microsoft's web browsers after the company allegedly failed to respond to his responsible private disclosure. Both unpatched vulnerabilities—one of which affects the latest version of Microsoft Internet Explorer and another affects the latest Edge
Kategorie: Hacking & Security

Thousands of Unprotected Kibana Instances Exposing Elasticsearch Databases

1 Duben, 2019 - 17:22
In today’s world, data plays a crucial role in the success of any organization, but if left unprotected, it could be a cybercriminal’s dream come true. Poorly protected MongoDB, CouchDB, and Elasticsearch databases recently got a lot more attention from cybersecurity firms and media lately. More than half of the known cases of massive data breaches over the past year originated from unsecured
Kategorie: Hacking & Security

How Endpoint Management Can Keep Workplace IT Secure

1 Duben, 2019 - 17:07
Workplaces have become highly connected. Even a small business could have dozens of devices in the form of desktops, mobile devices, routers, and even smart appliances as part of its IT infrastructure. Unfortunately, each of these endpoints can now be a weak link that hackers could exploit. Hackers constantly probe networks for vulnerable endpoints to breach. For example, systems and
Kategorie: Hacking & Security

Hackers Steal $19 Million From Bithumb Cryptocurrency Exchange

30 Březen, 2019 - 12:09
Hackers yesterday stole nearly $19 million worth of cryptocurrency from Bithumb, the South Korea-based popular cryptocurrency exchange admitted today. According to Primitive Ventures' Dovey Wan, who first broke the information on social media, hackers managed to compromise a number of Bithumb's hot EOS and XRP wallets and transferred around 3 million EOS (~ $13 million) and 20 million XRP (~
Kategorie: Hacking & Security

Commando VM — Turn Your Windows Computer Into A Hacking Machine

29 Březen, 2019 - 18:16
FireEye today released Commando VM, which according to the company, is a "first of its kind Windows-based security distribution for penetration testing and red teaming." When it comes to the best-operating systems for hackers, Kali Linux is always the first choice for penetration testers and ethical hackers. However, Kali is a Linux-based distribution, and using Linux without learning some
Kategorie: Hacking & Security

Learn Ethical Hacking with 180 Hours of Training — 2019 Course Bundle

29 Březen, 2019 - 16:09
The world of cybersecurity is fast-paced and ever-changing. New attacks are unleashed every day, and companies around the world lose millions of dollars as a result. The only thing standing in the way of cybercrime is a small army of ethical hackers. These cybersecurity experts are employed to find weaknesses before they can be exploited. It’s a lucrative career, and anyone can find work
Kategorie: Hacking & Security

Here's the List of ~600 MAC Addresses Targeted in Recent ASUS Hack

29 Březen, 2019 - 14:39
EXCLUSIVE — While revealing details of a massive supply chain cyber attack against ASUS customers, Russian security firm Kaspersky last week didn't release the full list all MAC addresses that hackers hardcoded into their malware to surgically target a specific pool of users. Instead, Kaspersky released a dedicated offline tool and launched an online web page where ASUS PC users can search
Kategorie: Hacking & Security

Critical Magento SQL Injection Vulnerability Discovered – Patch Your Sites

29 Březen, 2019 - 10:48
If your online e-commerce business is running over the Magento platform, you must pay attention to this information. Magento yesterday released new versions of its content management software to address a total of 37 newly-discovered security vulnerabilities. Owned by Adobe since mid-2018, Magento is one of the most popular content management system (CMS) platform that powers 28% of
Kategorie: Hacking & Security