Search results for security | Breaking Cybersecurity News | The Hacker News

Reality Based Cyber Crime Novella Explores Aftermath of Stuxnet Attack On Iran GRAND RAPIDS – Cyber Styletto is a new novella by a journalist, a writer, and a security expert who have pooled their talents to create an enthralling good read that is future forward and predictive. The facts are based on real vulnerabilities in the way the Internet is constructed. Recent cyber security attacks using sophisticated malware (think Stuxnet) and social engineering techniques have raised the bar for defenders. Cyber Styletto pivots off these cyber events to educate and entertain. It is written as fact-based fiction. The story comes from the minds of Gian DeTorre and Mike Brennan. DeTorre is the pen name of an award winning fiction writer and literary critic whose stories and reviews have been published worldwide. " Cyber Styletto is a new genre in literature, bringing the modern, secretive world of cyber espionage together with a good, old-fashioned thriller ," DeTorre said. I hope our a

It seems like the new American President's Twitter account could easily be hacked due to security blunders he made with the most powerful Twitter account in the world, experts warned. Days after we got to know that the newly inaugurated President Donald Trump was still using his old, insecure Android smartphone, it has now been revealed that the official @POTUS Twitter account was linked to a private Gmail account. Since we are already aware of the potential scandal with government officials using outside email systems following the hack of private e-mail servers of Hillary Clinton and George W. Bush , the choice of using private, non-government email address by Trump has raised serious concerns about the security of the White House's closely watched account. To gain control of the official @POTUS Twitter account, which may or may not is secured with some form of two-factor authentication , all an attacker needs to do is hack the email address associated with the acc

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

We have a lot of information on Stuxnet virus, a powerful malware that for the first time has shown to governments the capabilities and efficiency of a cyber weapon. Eugene Kaspersky, CEO of Kasperky security firm revealed that Stuxnet had badly infected the internal network of a Russian nuclear plant, according to the information he obtained from an unnamed staffer at the Nuclear Plant. " So unfortunately these people who were responsible for offensive technologies, they recognize cyber weapons as an opportunity ." Kaspersky said. During a presentation given at the Canberra Press Club, Kaspersky provided an excellent overview on the security of cyberspace, in particular highlighting the effect of the activities of state-sponsored espionage and cyber crime. " All the data is stolen, " Kaspersky said. " At least twice ." The malware Stuxnet is widely considered to have been developed by the US Government in a joint work with Israel c

$30 Child Toy is enough to hack FBI Radios The portable radios used by many federal law enforcement agents have major security flaws that allowed researchers to intercept hundreds of hours of sensitive traffic sent without encryption over the past two years, according to a new study being released today. A new report on the findings has been released by team leader and computer science professor Matt Blaze from the University of Pennsylvania. That details how a child's toy, the $30 IM Me can be used to jam radios used by the FBI and Homeland Security. " We monitored sensitive transmissions about operations by agents in every Federal law enforcement agency in the Department of Justice and the Department of Homeland Security, " wrote the researchers, who were led by computer science professor Matt Blaze and plan to reveal their findings Wednesday in a paper at the Usenix Security Symposium in San Francisco. Members of the research group say they have contacted the Department of Ju

As many as 23 new high severity security vulnerabilities have been disclosed in different implementations of Unified Extensible Firmware Interface ( UEFI ) firmware used by numerous vendors, including Bull Atos, Fujitsu, HP, Juniper Networks, Lenovo, among others. The vulnerabilities reside in Insyde Software's InsydeH2O UEFI firmware, according to enterprise firmware security company  Binarly , with a majority of the anomalies diagnosed in the System Management Mode ( SMM ). UEFI is a software specification that provides a standard programming interface connecting a computer's firmware to its operating system during the booting process. In x86 systems, the UEFI firmware is usually stored in the flash memory chip of the motherboard. "By exploiting these vulnerabilities, attackers can successfully install malware that survives operating system re-installations and allows the bypass of endpoint security solutions (EDR/AV),  Secure Boot , and Virtualization-Based Securit

In an effort to secure users' data while maintaining privacy, Google has announced a new security measure for Android Backup Service that now encrypts all your backup data stored on its cloud servers in a way that even the company can't read it. Google allows Android users to automatically backup their essential app data and settings to their Google account, allowing them to simply restore it when required, instead of re-configuring all the apps after formatting or switching to a new phone. However, until now your backup data was not encrypted and visible to Google, and now the company is going to change its storage procedure. Starting with Android Pie, Google is going to encrypt your Android device backup data in the following way: Step 1: Your Android device will generate a random secret key (not known to Google), Step 2: The secret key will then get encrypted using your lockscreen PIN/pattern/passcode (not known to Google), Step 3: This passcode-protected

Unknown hackers have broken into the security networks of Lockheed Martin Corp and several other U.S. military contractors, a source with direct knowledge of the attacks told Reuters. They breached security systems designed to keep out intruders by creating duplicates to "SecurID" electronic keys from EMC Corp's RSA security division, said the person who was not authorized to publicly discuss the matter. It was not immediately clear what kind of data, if any, was stolen by the hackers. But the networks of Lockheed and other military contractors contain sensitive data on future weapons systems as well as military technology currently used in battles in Iraq and Afghanistan. Weapons makers are the latest companies to be breached through sophisticated attacks that have pierced the defenses of huge corporations including Sony, Google Inc and EMC Corp. Security experts say that it is virtually impossible for any company or government agency to build a security network th

McAfee is making security predictions for 2011. The firm outlines its top threats for next year in the 2011 Threat Predictions report -- and Android, iPhone, Foursquare, Google TV, and Mac OS X are listed as major cybercrime targets. Politically motivated attacks are also expected to increase, a la WikiLeaks. "We've seen significant advancements in device and social-network adoption, placing a bullseye on the platforms and services users are embracing the most," said Vincent Weafer, senior vice president of McAfee Labs. "These platforms and services have become very popular in a short amount of time, and we're already seeing a significant increase in vulnerabilities, attacks and data loss." Social-Media Threats Social-media threats are nothing new, but expect to see more of them next year. McAfee Labs expects social-media services that use URL shortening will be under attack because its easier for cybercriminals to mask the full URL and direct users to m

Super Cryptography : The Next Generation Encryption The next generation of encryption technologies meets this need by using Elliptic Curve Cryptography (ECC) to replace RSA and DH, and using Galois/Counter Mode (GCM) of the Advanced Encryption Standard (AES) block cipher for high-speed authenticated encryption. Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. The use of elliptic curves in cryptography was suggested independently by Neal Koblitz and Victor S. Miller in 1985. According to Cisco ," New algorithms for encryption, authentication, digital signatures, and key exchange are needed to meet escalating security and performance requirements ". A 244-bit ECC key has the equivalent strength of a 2048-bit RSA key for security; a 384-bit ECC key matches a 7680-bit RSA key. Greater strength for any given key length enables the use of shorter keys, resulting in significantly l

A Palestinian Web Developer and Hacker, ' Khalil Shreateh ' found an interesting  vulnerability in Facebook, that allows hacker to bypass the Privacy settings to make a post on anyone's Timeline / Wall. He was forced to post vulnerability details on Mark Zuckerberg (Facebook Founder) Timeline to prove his point, after the Facebook Security Team failed to recognize his critical vulnerability three times. The flaw even working for those victims, who is not included in the attacker friend list.  According to Facebook's Bug Bounty program, a researcher has to submit the flaw details via email to Facebook Security Team without disclosing the details in Public. In order to get the minimum reward of US$500, the flaw should be valid. The reported vulnerability is in " composer.php " file on Facebook mechanism. First Khalil made a post on the timeline of a girl, " Sarah Gooden " who studied at the same college as Facebook CEO Mark Zuckerbe

In any organization, there are certain accounts that are designated as being privileged. These privileged accounts differ from standard user accounts in that they have permission to perform actions that go beyond what standard users can do. The actions vary based on the nature of the account but can include anything from setting up new user accounts to shutting down mission-critical systems. Privileged accounts are essential tools. Without these accounts, the IT staff would be unable to do its job. At the same time, privileged accounts can pose a serious threat to an organization's security. Added risk of a privileged account  Imagine for a moment that a hacker manages to steal a standard user's password and is able to log in as that user. Even though the hacker would have access to certain resources at that point, they would be constrained by the user's privileges (or lack thereof). In other words, the hacker would be able to browse the Internet, open some applications, and access

Microsoft today released security updates to fix a total of 115 new security vulnerabilities in various versions of its Windows operating system and related software—making March 2020 edition the biggest ever Patch Tuesday in the company's history. Of the 115 bugs spanning its various products — Microsoft Windows, Edge browser, Internet Explorer, Exchange Server, Office, Azure, Windows Defender, and Visual Studio — that received new patches, 26 have been rated as critical, 88 received a severity of important, and one is moderate in severity. However, unlike last month , none of the vulnerabilities the tech giant patched this month are listed as being publicly known or under active attack at the time of release. It's worth highlighting that the patch addresses critical flaws that could be potentially exploited by bad actors to execute malicious code by specially crafted LNK files and word documents. Titled "LNK Remote Code Execution Vulnerability" ( CVE-2020

Google has released its monthly security updates for the Android operating system, addressing 46 new software vulnerabilities. Among these, three vulnerabilities have been identified as actively exploited in targeted attacks. One of the vulnerabilities tracked as CVE-2023-26083 is a memory leak flaw affecting the Arm Mali GPU driver for Bifrost, Avalon, and Valhall chips. This particular vulnerability was exploited in a previous attack that enabled spyware infiltration on Samsung devices in December 2022. This vulnerability was regarded as serious enough to prompt the Cybersecurity and Infrastructure Security Agency (CISA) to issue a patching order for federal agencies in April 2023. Another significant vulnerability, identified as CVE-2021-29256, is a high-severity issue that affects specific versions of the Bifrost and Midgard Arm Mali GPU kernel drivers. This flaw permits an unprivileged user to gain unauthorized access to sensitive data and escalate privileges to the root lev

A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff out sensitive protected data, like passwords and cryptographic keys, from other processes running in the same CPU core with simultaneous multi-threading feature enabled. The vulnerability, codenamed PortSmash (CVE-2018-5407), has joined the list of other dangerous side-channel vulnerabilities discovered in the past year, including Meltdown and Spectre , TLBleed , and Foreshadow . Discovered by a team of security researchers from the Tampere University of Technology in Finland and Technical University of Havana, Cuba, the new side-channel vulnerability resides in Intel's Hyper-Threading technology, the company's implementation of Simultaneous MultiThreading (SMT). Simultaneous MultiThreading is a performance feature that works by splitting up each physical core of a processor into virtual cores, known as threads, allowing each core to

Security researchers have discovered a nasty security vulnerability that is said to affect almost every version of Windows and Samba and will be patched on April 12, 2016, the Samba development team announced Tuesday. So, Save the Date if you are a Windows or Samba file server administrator. Samba is a free, open source implementation of the SMB/CIFS network file sharing protocol that runs on the majority of operating systems available today, including Windows, UNIX, Linux, IBM System 390, and OpenVMS. Samba allows non-Windows operating systems, like GNU/Linux or Mac OS X, to communicate with the same networking protocol as the Windows products, thus enabling users to access network shared folders and files from Windows OS. Dubbed Badlock , the vulnerability has been discovered by Stefan Metzmacher, a developer of Samba Core Team. Details about the Badlock vulnerability will be disclosed on April 12, when the developers of Microsoft and Samba release security p

Developers of phpMyAdmin, one of the most popular and widely used MySQL database management systems, today released an updated version 4.8.4 of its software to patch several important vulnerabilities that could eventually allow remote attackers to take control of the affected web servers. The phpMyAdmin project last Sunday gave an early heads-up about the latest security update through its blog, probably the first time, as an experiment to find if pre-announcements can help website admins, hosting providers and package managers better prepare for the security release. "We are inspired by the workflow of other projects (such as Mediawiki and others) which often announce any security release in advance to allow package maintainers and hosting providers to prepare. We are experimenting to see if such a workflow is suitable for our project," phpMyAdmin release manager Isaac Bennetch told The Hacker News. phpMyAdmin is a free, open-source administration tool for managing

Microsoft has released fixes to address  63 security bugs  in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of the 63 flaws, three are rated Critical, 56 are rated Important, and four are rated Moderate in severity. Two of them have been listed as publicly known at the time of the release. The updates are in addition to  more than 35 security shortcomings  addressed in its Chromium-based Edge browser since the release of Patch Tuesday updates for October 2023. The five zero-days that are of note are as follows - CVE-2023-36025  (CVSS score: 8.8) - Windows SmartScreen Security Feature Bypass Vulnerability CVE-2023-36033  (CVSS score: 7.8) - Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2023-36036  (CVSS score: 7.8) - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability CVE-2023-36038  (CVSS score: 8.2) - ASP.NET Core Denial of Service Vulnerability CV

After exposing private tweets , plaintext passwords , and personal information for hundreds of thousands of its users, here is a new security blunder social networking company Twitter admitted today. Twitter announced that the phone numbers and email addresses of some users provided for two-factor authentication (2FA) protection had been used for targeted advertising purposes—though the company said it was 'unintentional.' In a blog post, the company said an 'error' in its 'Tailored Audiences and Partner Audiences advertising system' inadvertently used the information provided by users for security reasons to run targeted ads based on the advertisers' own marketing lists. "When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes. This was an error and we apologize," Twitter said in a blog po

Startups and scales-ups are often cloud-first organizations and rarely have sprawling legacy on-prem environments. Likewise, knowing the agility and flexibility that cloud environments provide, the mid-market is predominantly running in a hybrid state, partly in the cloud but with some on-prem assets. While there has been a bit of a backswing against the pricing and lock-in presented when using cloud infrastructure, cloud is still the preferred provider for the majority of SMBs. As a result, external attack surfaces are increasingly complex and distributed and, therefore, harder to monitor and secure. This expanded attack surface gives hackers plenty of blind spots and gaps to exploit. Security teams are on the back, reacting, often too slowly, to changes in their own attack surface as engineering teams continuously spin up and expose new systems, services, and data to the internet. This is compounded by the fact that the threat landscape is always changing. Thousands of new vulne

In a US SEC (Securities and Exchange Commission)  8-K filing , Omnicell, the healthcare technology provider, revealed that some of its products, services, and internal systems were affected by ransomware.  Upon detecting the incident, the medication management systems provider took immediate action to contain the attack and ensure continued operation. In its  10-Q form  filing, Omnicell disclosed that cyber-attacks or data breaches disrupted its business.  Will you be the next victim? If you overlook the importance of data protection, attackers can get you in no time.  Explore the  impact of the data breach  on the healthcare sector and what preventive measures can be taken against such attacks. Omnicell Announced Data Breach  Founded in 1992, Omnicell is a leading provider of medication management solutions for hospitals, long-term care facilities, and retail pharmacies.  On May 4, 2022 , Omnicell's IT systems and third-party cloud services were affected by ransomware attac