The Hacker News

Syndikovat obsah The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers
Aktualizace: 24 min 27 sek zpět

WhatsApp Sues Indian Government Over New Internet Regulations

31 Květen, 2021 - 05:42
WhatsApp on Wednesday fired a legal salvo against the Indian government to block new regulations that would require messaging apps to trace the "first originator" of messages shared on the platform, thus effectively breaking encryption protections. "Requiring messaging apps to 'trace' chats is the equivalent of asking us to keep a fingerprint of every single message sent on WhatsApp, which would
Kategorie: Hacking & Security

Newly Discovered Bugs in VSCode Extensions Could Lead to Supply Chain Attacks

31 Květen, 2021 - 05:41
Severe security flaws uncovered in popular Visual Studio Code extensions could enable attackers to compromise local machines as well as build and deployment systems through a developer's integrated development environment (IDE). The vulnerable extensions could be exploited to run arbitrary code on a developer's system remotely, in what could ultimately pave the way for supply chain attacks. Some
Kategorie: Hacking & Security

Researchers Demonstrate 2 New Hacks to Modify Certified PDF Documents

29 Květen, 2021 - 10:34
Cybersecurity researchers have disclosed two new attack techniques on certified PDF documents that could potentially enable an attacker to alter a document's visible content by displaying malicious content over the certified content without invalidating its signature. "The attack idea exploits the flexibility of PDF certification, which allows signing or adding annotations to certified documents
Kategorie: Hacking & Security

Chinese Cyber Espionage Hackers Continue to Target Pulse Secure VPN Devices

29 Květen, 2021 - 10:17
Cybersecurity researchers from FireEye unmasked additional tactics, techniques, and procedures (TTPs) adopted by Chinese threat actors who were recently found abusing Pulse Secure VPN devices to drop malicious web shells and exfiltrate sensitive information from enterprise networks. FireEye's Mandiant threat intelligence team, which is tracking the cyber espionage activity under two activity
Kategorie: Hacking & Security

Researchers Warn of Facefish Backdoor Spreading Linux Rootkits

29 Květen, 2021 - 10:17
Cybersecurity researchers have disclosed a new backdoor program capable of stealing user login credentials, device information and executing arbitrary commands on Linux systems. The malware dropper has been dubbed "Facefish" by Qihoo 360 NETLAB team owing its capabilities to deliver different rootkits at different times and the use of Blowfish cipher to encrypt communications to the
Kategorie: Hacking & Security

New Bluetooth Flaws Let Attackers Impersonate Legitimate Devices

28 Květen, 2021 - 05:54
Adversaries could exploit newly discovered security weaknesses in Bluetooth Core and Mesh Profile Specifications to masquerade as legitimate devices and carry out man-in-the-middle (MitM) attacks. "Devices supporting the Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure that could allow an attacker to impersonate a legitimate device during
Kategorie: Hacking & Security

Malvertising Campaign On Google Distributed Trojanized AnyDesk Installer

27 Květen, 2021 - 16:34
Cybersecurity researchers on Wednesday publicized the disruption of a "clever" malvertising network targeting AnyDesk that delivered a weaponized installer of the remote desktop software via rogue Google ads that appeared in the search engine results pages. The campaign, which is believed to have begun as early as April 21, 2021, involves a malicious file that masquerades as a setup executable
Kategorie: Hacking & Security