The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 2 min 42 sek zpět

CISSP Certification Course — Become An IT Security Professional

6 Září, 2018 - 15:08
If you dream of making it big in the IT security community, the CISSP certification is a necessary milestone. Certified Information Systems Security Professional (CISSP) is a globally recognised certification in the field of information security, which has become a gold standard of achievement that is acknowledged worldwide. CISSP certification deals with a range of information security
Kategorie: Hacking & Security

Cisco Issues Security Patch Updates for 32 Flaws in its Products

6 Září, 2018 - 10:53
Cisco today released thirty security patch advisory to address a total of 32 security vulnerabilities in its products, three of which are rated critical, including the recently disclosed Apache Struts remote code execution vulnerability that is being exploited in the wild. Out of the rest 29 vulnerabilities, fourteen are rated high and 15 medium in severity, addressing security flaws in Cisco
Kategorie: Hacking & Security

Someone Hijacked MEGA Chrome Extension to Steal Users' Passwords

5 Září, 2018 - 11:09
Warning! If you are using Chrome browser extension from the MEGA file storage service, uninstall it right now. The official Chrome extension for the cloud storage service had been compromised and replaced with a malicious version that can steal users' credentials for popular websites like Amazon, Microsoft, Github, and Google, as well as private keys for users' cryptocurrency wallets.
Kategorie: Hacking & Security

Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic

4 Září, 2018 - 11:53
Last month we reported about a widespread crypto-mining malware campaign that hijacked over 200,000 MikroTik routers using a previously disclosed vulnerability revealed in the CIA Vault 7 leaks. Now Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially vulnerable MikroTik routers, more than 7,500 devices have been compromised to enable Socks4 proxy
Kategorie: Hacking & Security

Google Secretly Tracks What You Buy Offline Using Mastercard Data

3 Září, 2018 - 19:06
Over a week after Google admitted the company tracks users' location even after they disable location history, it has now been revealed that the tech giant has signed a secret deal with Mastercard that allows it to track what users buy offline. Google has paid Mastercard millions of dollars in exchange to access this information. Neither Google nor Mastercard has publicly announced the
Kategorie: Hacking & Security

Hacker Who Leaked Celebrities' Naked Photos Gets 8 Months in Prison

31 Srpen, 2018 - 10:47
George Garofano (left) The fourth celebrity hacker—who was charged earlier this year with hacking into over 250 Apple iCloud accounts belonged to Jennifer Lawrence and other Hollywood celebrities—has been sentenced to eight months in prison. Earlier this year, George Garofano, 26, of North Branford, admitted to illegally obtaining credentials of his victims' iCloud accounts using a phishing
Kategorie: Hacking & Security

Google 'Titan Security Key' Is Now On Sale For $50

31 Srpen, 2018 - 09:11
Google just made its Titan Security Key available on its store for $50. First announced last month at Google Cloud Next '18 convention, Titan Security Key is a tiny USB device—similar to Yubico's YubiKey—that offers hardware-based two-factor authentication (2FA) for online accounts with the highest level of protection against phishing attacks. Google's Titan Security Key is now widely
Kategorie: Hacking & Security

Air Canada Suffers Data Breach — 20,000 Mobile App Users Affected

30 Srpen, 2018 - 09:32
Air Canada has confirmed a data breach that may have affected about 20,000 customers of its 1.7 million mobile app users. The company said it had "detected unusual log-in behavior" on its mobile app between August 22 and 24, during which the personal information for some of its customers "may potentially have been improperly accessed." <!-- linkads --> The exposed information contains basic
Kategorie: Hacking & Security

Instagram Adds 3 New Security Tools to Make its Platform More Secure

29 Srpen, 2018 - 10:43
Instagram is growing quickly—and with the second most popular social media network in the world (behind just Facebook), the photo-sharing network absolutely dominates when it comes to user interactions. And with great success comes great responsibility—responsibility to keep users' accounts safe, responsibility to fight fake accounts and news, and responsibility of being transparent. You
Kategorie: Hacking & Security

Hacker Discloses Unpatched Windows Zero-Day Vulnerability (With PoC)

28 Srpen, 2018 - 12:30
A security researcher has publicly disclosed the details of a previously unknown zero-day vulnerability in the Microsoft's Windows operating system that could help a local user or malicious program obtain system privileges on the targeted machine. And guess what? The zero-day flaw has been confirmed working on a "fully-patched 64-bit Windows 10 system." The vulnerability is a privilege
Kategorie: Hacking & Security

Critical Flaw in Fortnite Android App Lets Hackers Install Malware

27 Srpen, 2018 - 09:17
Security researchers from Google have publicly disclosed an extremely serious security flaw in the first Fortnite installer for Android that could allow other apps installed on the targeted devices to manipulate installation process and load malware, instead of the Fortnite APK. Earlier this month, Epic Games announced not to make its insanely popular game 'Fortnite for Android' available
Kategorie: Hacking & Security

T-Mobile Hacked — 2 Million Customers' Personal Data Stolen

24 Srpen, 2018 - 12:55
T-Mobile today confirmed that the telecom giant suffered a security breach on its US servers on August 20 that may have resulted in the leak of "some" personal information of up to 2 million T-Mobile customers. The leaked information includes customers' name, billing zip code, phone number, email address, account number, and account type (prepaid or postpaid). However, the good news is that
Kategorie: Hacking & Security

NSA Leaker 'Reality Winner' Gets More Than 5 Years in Prison

24 Srpen, 2018 - 10:18
A former NSA contractor, who pleaded guilty to leaking a classified report on Russian hacking of the 2016 U.S. presidential election to an online news outlet last year, has been sentenced to five years and three months in prison. Reality Winner, a 26-year-old Georgia woman who held a top-secret security clearance and worked as a government contractor in Georgia with Pluribus International,
Kategorie: Hacking & Security

New Apache Struts RCE Flaw Lets Hackers Take Over Web Servers

23 Srpen, 2018 - 20:30
Semmle security researcher Man Yue Mo has disclosed a critical remote code execution vulnerability in the popular Apache Struts web application framework that could allow remote attackers to run malicious code on the affected servers. Apache Struts is an open source framework for developing web applications in the Java programming language and is widely used by enterprises globally, including
Kategorie: Hacking & Security

Apple Forces Facebook VPN App Out of iOS Store for Stealing Users' Data

23 Srpen, 2018 - 14:33
Facebook yesterday removed its mobile VPN app called Onavo Protect from the iOS App Store after Apple declared the app violated the iPhone maker's App Store guidelines on data collection. For those who are unaware, Onavo Protect is a Facebook-owned Virtual Private Network (VPN) app that was primarily designed to help users keep tabs on their mobile data usage and acquired by Facebook from an
Kategorie: Hacking & Security

New Android Malware Framework Turns Apps Into Powerful Spyware

23 Srpen, 2018 - 11:43
Security researchers have uncovered a new, powerful Android malware framework that is being used by cybercriminals to turn legitimate apps into spyware with extensive surveillance capabilities—as part of what seems to be a targeted espionage campaign. Legitimate Android applications when bundled with the malware framework, dubbed Triout, gain capabilities to spy on infected devices by recording
Kategorie: Hacking & Security

New PHP Code Execution Attack Puts WordPress Sites at Risk

22 Srpen, 2018 - 18:51
Sam Thomas, a security researcher from Secarma, has discovered a new exploitation technique that could make it easier for hackers to trigger critical deserialization vulnerabilities in PHP programming language using previously low-risk considered functions. The new technique leaves hundreds of thousands of web applications open to remote code execution attacks, including websites powered by
Kategorie: Hacking & Security