Search results for security | Breaking Cybersecurity News | The Hacker News

If you use Zoom to host your remote online meetings, you need to read this piece carefully. The massively popular video conferencing software has patched a security loophole that could have allowed anyone to remotely eavesdrop on unprotected active meetings, potentially exposing private audio, video, and documents shared throughout the session. Besides hosting password-protected virtual meetings and webinars, Zoom also allows users to set up a session for non-pre-registered participants who can join an active meeting by entering a unique Meeting ID, without requiring a password or going through the Waiting Rooms. Zoom generates this random meeting ID, comprised of 9, 10, and 11-digit numbers, for each meeting you schedule or create. If leaked beyond an individual or intended group of people, merely knowing Meeting IDs could allow unwelcome guests joining meetings or webinars. This could be bad news for anyone expecting their conversations to be private. To circumvent suc

Microsoft on Tuesday rolled out its scheduled  monthly security update  with patches for 55 security flaws affecting Windows, Exchange Server, Internet Explorer, Office, Hyper-V, Visual Studio, and Skype for Business. Of these 55 bugs, four are rated as Critical, 50 are rated as Important, and one is listed as Moderate in severity. Three of the vulnerabilities are publicly known, although, unlike  last month , none of them are under active exploitation at the time of release. The most critical of the flaws addressed is  CVE-2021-31166 , a wormable remote code execution vulnerability in the HTTP protocol stack. The issue, which could allow an unauthenticated attacker to send a specially crafted packet to a targeted server, is rated 9.8 out of a maximum of 10 on the CVSS scale. Another vulnerability of note is a remote code execution flaw in Hyper-V ( CVE-2021-28476 ), which also scores the highest severity among all flaws patched this month with a CVSS rating of 9.9. "This i

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica

Ransomware has been a thorn in the side of cybersecurity teams for years. With the move to remote and hybrid work, this insidious threat has become even more of a challenge for  organizations everywhere. 2021 was a case study in ransomware due to the wide variety of attacks, significant financial and economic impact, and diverse ways that organizations responded.  These attacks  should be seen as a lesson that can inform future security strategies to mitigate ransomware risk. As an organization continues to evolve, so should its security strategy. The Remote Environment Is Primed for Ransomware With organizations continuing to support remote and hybrid work, they no longer have the visibility and control they once had inside their perimeter. Attackers are  exploiting this weakness  and profiting. Here are three reasons they're able to do so: Visibility and control have changed.  Most organizations now have employees working from anywhere. These employees expect seamless access to

Computerized Prison doors hacked with vulnerabilities used by Stuxnet worm Security holes in the computer systems of federal prisons in the United States can effectively allow hackers to trigger a jailbreak by remote control. The discovery of the Stuxnet worm has alerted governments around the world about the possibility of industrial control systems being targeted by hackers. A team of researchers with John Strauchs, Tiffany Rad and Teague Newman presented their findings at a recent security conference. They said the project wasn't really all that difficult -- it just took a little time, some equipment bought online and a basement workspace. The idea for the research came about from work that Strauchs had done previously. " I designed a maximum security prison security system. That is, I did the engineering quite a few years ago and literally on Christmas Eve, the warden of that prison after it was occupied, called me and told me all the doors had popped open, including

Security researchers revealed that series of " Watering Hole " has been conducted exploiting a IE8 zero-day vulnerability to target U.S. Government experts working on nuclear weapons research. The news is not surprising but it is very concerning, the principal targets of the attacks are various groups of research such as the components of U.S. Department of Labor and the U.S. Department of Energy, the news has been confirmed by principal security firms and by Microsoft corporate. The flaw has been used in a series of "watering hole" attacks, let's remind that "Watering Hole" is a technique of attack realized compromising legitimate websites using a " drive-by " exploit. The attackers restrict their audience to a individuals interested to specific content proposed by targeted website, in this way when the victim visits the page a backdoor Trojan is installed on his computer. The website compromised to exploit the IE8 zero-day is the Dep

Microsoft on Tuesday released security update (KB 4010250) to patch flaws in Adobe Flash Player for its customers using Internet Explorer on Windows 8.1 and later, as well as Edge for Windows 10, but two already disclosed flaws remain unpatched. Just last week, Microsoft announced that its February patches would be delayed until March due to a last minute issue, a move that led to Google publishing details of an unpatched Windows bug . However, the software giant emailed a handful of big business to alert them to the incoming patches on Monday, advising them to update their systems as soon as possible. The security patches are now available to all Windows customers over Windows Update, and " No other security updates are scheduled for release until the next scheduled monthly update release on March 14, 2017 ," Microsoft says. Bulletin MS17-005 for Adobe Flash Player addresses remote code execution (RCE) vulnerabilities for some currently supported Windows systems.

Today Vodafone Iceland was hacked by the Turkish group of hackers Maxn3y (@AgentCoOfficial) who in the past has stolen data from airports' systems, electronic giants and fast food company. The hackers announced via Twitter  that he has successfully compromised Vodafone Iceland server and defaced the official website ( Vodafone . is ), including various other sub-domains including the company mobile site. The hackers disclosed a compressed 61.7MB rar file which is locked with password TURKISH and that contains a collection of files including one titled users.sql that appears to contain the 77,000 user accounts.  The file includes user names, social security numbers, encrypted passwords as many other encrypted information. The portal CyberWarNews posted the list of files disclosed and provided information on their content. Following the complete list of files leaked: v2.sql Multimedia database, nothing critical, 400K of user tracking and logging with user agents, refers etc.

The use of AI in cybersecurity is growing rapidly and is having a significant impact on threat detection, incident response, fraud detection, and vulnerability management. According to a report by Juniper Research, the use of AI for fraud detection and prevention is expected to save businesses $11 billion annually by 2023. But how to integrate AI into business cybersecurity infrastructure without being exposed to hackers? In terms of detecting and responding to security threats in a more efficient and effective manner, AI has been helping businesses in lots of ways.  Firstly, it can analyze large amounts of data and identify patterns or anomalies much faster and with greater accuracy than humans. AI detects and responds to security threats in real-time, reducing the time it takes to identify and remediate security incidents. The algorithms can learn from past incidents and adapt to new threats as they emerge. With it, cybersecurity systems can become smarter and more effective ove

The U.S. Department of Homeland Security (DHS) has today issued an "emergency directive" to all federal agencies ordering IT staff to audit DNS records for their respective website domains, or other agency-managed domains, within next 10 business days. The emergency security alert came in the wake of a series of recent incidents involving DNS hijacking , which security researchers with "moderate confidence" believe originated from Iran. Domain Name System (DNS) is a key function of the Internet that works as an Internet's directory where your device looks up for the server IP addresses after you enter a human-readable web address (e.g., thehackernews.com). What is DNS Hijacking Attack? DNS hijacking involves changing DNS settings of a domain, redirecting victims to an entirely different attacker-controlled server with a fake version of the websites they are trying to visit, often with an objective to steal users' data. "The attacker alter

For years, the Capture the Flag platform has been a common and very popular part of the hacker convention scene. Teams come from all over the world to show their skill and technique in various competitions. The CTF365 team took that interest, passion and excitement and went to a new level in their platform. That original capture the flag environment is now available to anyone from the safety and comfort of their own home. Not only is the original and fun capture the flag platform available, but the CTF365 team is bringing in red verses blue competitions, as well as an entire exploitable virtual world! While still in alpha, the development team is working tirelessly to bring a brand new approach to an original favorite to the hacker and information security community. What is CTF365? CTF365 is a revolution in the world of capture the flag, simulated attacks and Information security as a whole. Capture the flag is always a fan favorite at hacker conventions, online and

9 Top Patch Management Practices for Businesses Security I've spent most of the past decade in information security, with a pretty big focus on incident response. It never ceases to amaze me how many security incidents (pronounced hacks) customers suffer as a result of unpatched systems. Patch management is not an art form; it's an underappreciated and often ignored part of what should be daily care and feeding of your infrastructure. Here are the nine best patch management practices I've learned over the years: 1. Automate your patching If your patch management strategy depends upon manual effort, you're doing it wrong. Only the smallest businesses can handle patching by hand. You need a system that can deploy patches to all your systems; workstations and servers. 2. In-depth reporting Automating doesn't mean ignoring. You should be able to see the state of your patch management at any point in time and know exactly which systems are in need of attention. 3. Tes

In its 2011 IT security predictions, Panda Security is predicting that a further rising tide of malware, along with an online cyberwar plus cyberprotests, will be the order of the day as the year progresses. According to Luis Corrons, Panda's technical director, during 2010 we have seen a significant growth in the amount of malware, a constant theme over the last few years. "This year, more than 20 million new strains have been created, more than in 2009. At present, Panda's collective intelligence database stores a total of over 60 million classified threats. The actual rate of growth year-on-year however, appears to have peaked: some years ago it was over 100%. In 2010 it was 50%. We will have to wait and see what happens in 2011", he said in a security blog. Corrons added that, also during 2010, with Stuxnet and the WikiLeaks cables suggesting the involvement of the Chinese government in the cyberattacks on Google and other targets, a turning point in the hist

With just about everything delivered from the cloud these days, employees can now collaborate and access what they need from anywhere and on any device. While this newfound flexibility has changed the way we think about productivity, it has also created new cybersecurity challenges for organizations. Historically, enterprise data was stored inside data centers and guarded by perimeter-based security tools. But with users using endpoints and networks your IT teams don't manage, this approach has become antiquated. To combat this new reality, organizations have turned to tactics such as relying on device management and antivirus software, as well as single sign-on and multi-factor authentication. Some vendors have even begun to claim these measures as a form of  Zero Trust , a popular idea where organizations should not trust any entity and provide access to its applications and data until its risk levels are verified. In this blog, I will break down what is and what isn't Zero Trust

A new widespread ransomware worm, known as " Bad Rabbit ," that hit over 200 major organisations, primarily in Russia and Ukraine this week leverages a stolen NSA exploit released by the Shadow Brokers this April to spread across victims' networks. Earlier it was reported that this week's crypto-ransomware outbreak did not use any National Security Agency-developed exploits, neither EternalRomance nor EternalBlue , but a recent report from Cisco's Talos Security Intelligence revealed that the Bad Rabbit ransomware did use EternalRomance exploit. NotPetya ransomware (also known as ExPetr and Nyetya) that infected tens of thousands of systems back in June also leveraged the EternalRomance exploit , along with another NSA's leaked Windows hacking exploit EternalBlue, which was used in the WannaCry ransomware outbreak. Bad Rabbit Uses EternalRomance SMB RCE Exploit Bad Rabbit does not use EternalBlue but does leverage EternalRomance RCE exploit to spread

Exclusive Report : Is Department of Defense (DoD), Pentagon, NASA, NSA is Secure ? Over the past couple of weeks there has been a series of discussions around why the U.S defense and Intelligence agencies are moving so quickly to adopt cloud computing. Are there any Security Holes in their Security ? Or has someone already hacked them and their documents ?. In the last week we have noticed lots of hackers activity. If you have missed something then have a look to  Super Saturday : The Hacker News Featured Articles  ! Below you are going to read about Security Holes in the U.S defense and Intelligence agencies! A Hacker named " sl1nk " claims that he has: SSH access to a Network of 140 machine's layer 1 to 3 in the Pentagon Access to  APACS (automated personel air clearance system)  Thousand's of documents ranging from seizure of a vehicle up to private encryption key request forms. Database of all usernames/passwords of Webmail of Nasa. Access to ASSIST