The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis

Critical Wormable Security Flaw Found in Several HP Printer Models

Critical Wormable Security Flaw Found in Several HP Printer Models

November 30, 2021Ravie Lakshmanan
Cybersecurity researchers on Tuesday disclosed multiple security flaws affecting 150 different multifunction printers (MFPs) from HP Inc that could be potentially abused by an adversary to take control of vulnerable devices, pilfer sensitive information, and infiltrate enterprise networks to mount other attacks. The two weaknesses — collectively called  Printing Shellz  — were discovered and reported to HP by F-Secure Labs researchers Timo Hirvonen and Alexander Bolshev on April 29, 2021, prompting the PC maker to  issue   patches  earlier this month — CVE-2021-39237  (CVSS score: 7.1) - An information disclosure vulnerability impacting certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers. CVE-2021-39238  (CVSS score: 9.3) - A buffer overflow vulnerability impacting certain HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise PageWide, and HP PageWide Managed products. "The flaws are in the unit's communications board and font p
Panasonic Suffers Data Breach After Hackers Hack Into Its Network

Panasonic Suffers Data Breach After Hackers Hack Into Its Network

November 30, 2021Ravie Lakshmanan
Japanese consumer electronics giant Panasonic has disclosed a security breach wherein an unauthorized third-party broke into its network and potentially accessed data from one of its file servers. "As the result of an internal investigation, it was determined that some data on a file server had been accessed during the intrusion," the company  said  in a short statement published on November 26. Panasonic didn't reveal the exact nature of the data that was accessed, but TechCrunch  reported  that the breach began on June 22 and ended on November 3. The Osaka-based company said that immediately upon discovering the intrusion on November 11, it took steps to report the incident to the relevant authorities and that it implemented security countermeasures, including preventing external access to the network. Panasonic also noted it's currently working with an independent "specialist" organization to probe the extent of the leak and determine if the access
Unpatched Unauthorized File Read Vulnerability Affects Microsoft Windows OS

Unpatched Unauthorized File Read Vulnerability Affects Microsoft Windows OS

November 30, 2021Ravie Lakshmanan
Unofficial patches have been issued to remediate an improperly patched Windows security vulnerability that could allow information disclosure and local privilege escalation (LPE) on vulnerable systems. Tracked as  CVE-2021-24084  (CVSS score: 5.5), the flaw concerns an information disclosure vulnerability in the Windows Mobile Device Management component that could enable an attacker to gain unauthorized file system access and read arbitrary files. Security researcher Abdelhamid Naceri was credited with discovering and reporting the bug in October 2020, prompting Microsoft to address the issue as part of its February 2021 Patch Tuesday updates. But as  observed  by Naceri in June 2021, not only could the patch be bypassed to achieve the same objective, the researcher this month found that the incompletely patched vulnerability could also be  exploited  to gain administrator privileges and run malicious code on Windows 10 machines running the  latest security updates . "Name
WIRTE Hacker Group Targets Government, Law, Financial Entities in Middle East

WIRTE Hacker Group Targets Government, Law, Financial Entities in Middle East

November 30, 2021Ravie Lakshmanan
Government, diplomatic entities, military organizations, law firms, and financial institutions primarily located in the Middle East have been targeted as part of a stealthy malware campaign as early as 2019 by making use of malicious Microsoft Excel and Word documents. Russian cybersecurity company Kaspersky attributed the attacks with high confidence to a threat actor named WIRTE, adding the intrusions involved "MS Excel droppers that use hidden spreadsheets and VBA macros to drop their first stage implant," which is a Visual Basic Script (VBS) with functionality to amass system information and execute arbitrary code sent by the attackers on the infected machine. An analysis of the campaign as well as the toolset and methods employed by the adversary has also led the researchers to conclude with low confidence that the  WIRTE group  has connections to another politically motivated collective called the  Gaza Cybergang . The affected entities are spread across Armenia, Cyp
4 Android Banking Trojan Campaigns Targeted Over 300,000 Devices in 2021

4 Android Banking Trojan Campaigns Targeted Over 300,000 Devices in 2021

November 29, 2021Ravie Lakshmanan
Four different Android banking trojans were spread via the official Google Play Store between August and November 2021, resulting in more than 300,000 infections through various dropper apps that posed as seemingly harmless utility apps to take full control of the infected devices. Designed to deliver Anatsa (aka TeaBot), Alien, ERMAC, and Hydra, cybersecurity firm ThreatFabric  said  the malware campaigns are not only more refined, but also engineered to have a small malicious footprint, effectively ensuring that the payloads are installed only on smartphones devices from specific regions and preventing the malware from being downloaded during the publishing process . Once installed, these banking trojans can surreptitiously siphon user passwords and SMS-based two-factor authentication codes, keystrokes, screenshots, and even deplete users' bank accounts without their knowledge by using a tool called Automatic Transfer System ( ATSs ). The apps have since been removed from the
New Chinotto Spyware Targets North Korean Defectors, Human Rights Activists

New Chinotto Spyware Targets North Korean Defectors, Human Rights Activists

November 29, 2021Ravie Lakshmanan
North Korean defectors, journalists who cover North Korea-related news, and entities in South Korea are being zeroed in on by a nation-state-sponsored advanced persistent threat (APT) as part of a new wave of highly-targeted surveillance attacks. Russian cybersecurity firm Kaspersky attributed the infiltrations to a North Korean hacker group tracked as  ScarCruft , also known as  APT37 , Reaper Group, InkySquid, and Ricochet Chollima. "The actor utilized three types of malware with similar functionalities: versions implemented in PowerShell, Windows executables and Android applications," the company's Global Research and Analysis Team (GReAT)  said  in a new report published today. "Although intended for different platforms, they share a similar command and control scheme based on HTTP communication. Therefore, the malware operators can control the whole malware family through one set of command and control scripts." Likely active since at least 2012, ScarC
Hackers Using Compromised Google Cloud Accounts to Mine Cryptocurrency

Hackers Using Compromised Google Cloud Accounts to Mine Cryptocurrency

November 29, 2021Ravie Lakshmanan
Threat actors are exploiting improperly-secured Google Cloud Platform (GCP) instances to download cryptocurrency mining software to the compromised systems as well as abusing its infrastructure to install ransomware, stage phishing campaigns, and even generate traffic to YouTube videos for view count manipulation. "While cloud customers continue to face a variety of threats across applications and infrastructure, many successful attacks are due to poor hygiene and a lack of basic control implementation," Google's Cybersecurity Action Team (CAT)  outlined  as part of its recent Threat Horizons report published last week. Of the 50 recently compromised GCP instances, 86% of them were used to conduct cryptocurrency mining, in some cases within 22 seconds of successful breach, while 10% of the instances were exploited to perform scans of other publicly accessible hosts on the Internet to identify vulnerable systems, and 8% of the instances were used to strike other entiti
CleanMyMac X: Performance and Security Software for Macbook

CleanMyMac X: Performance and Security Software for Macbook

November 29, 2021The Hacker News
We use Internet-enabled devices in every aspect of our lives today—to find information, shop, bank, do homework, play games, and keep in touch with friends and family. As a result, our devices contain much personal information about us. Also, any great device will get a little clunky and slow over time and the Mac is no exception, and the whole "Macs don't get viruses" claim is a myth. Malware for Macs has increased over the years, and today's Macs are being plagued by adware, scareware, and other potentially unwanted programs as well. If you are worried about your Macbook's performance and security, including unwanted software, ransomware,  CleanMyMac X software has you covered. CleanMyMac is all-in-all software to optimize your Mac's performance and security. It clears out clutter and removes megatons of junk so your computer can run faster, just like it did on day one. The tool is designed to replace several optimization apps for Mac and can be anythi
Interpol Arrests Over 1,000 Cyber Criminals From 20 Countries; Seizes $27 Million

Interpol Arrests Over 1,000 Cyber Criminals From 20 Countries; Seizes $27 Million

November 28, 2021Ravie Lakshmanan
A joint four-month operation coordinated by Interpol, the international criminal police organization, has culminated in the arrests of more than 1,000 cybercriminals and the recovery of $27 million in illicit proceeds. Codenamed " HAECHI-II ," the crackdown enabled law enforcement units from across 20 countries, as well as Hong Kong and Macao, close 1,660 cases alongside blocking 2,350 bank accounts linked to the fraudulent illicit funds amassed from a range of online financial crimes, such as romance scams, investment fraud, and money laundering associated with illegal online gambling. "The results of Operation HAECHI-II show that the surge in online financial crime generated by the COVID-19 pandemic shows no signs of waning,"  said  Interpol Secretary General Jürgen Stock in a press statement issued on November 26. The coordinated law enforcement probe took place over a period of four months, starting from June 2021 until September 2021, with ten new criminal
Italy's Antitrust Regulator Fines Google and Apple for "Aggressive" Data Practices

Italy's Antitrust Regulator Fines Google and Apple for "Aggressive" Data Practices

November 26, 2021Ravie Lakshmanan
Italy's antitrust regulator has fined both Apple and Google €10 million each for what it calls are "aggressive" data practices and for not providing consumers with clear information on commercial uses of their personal data during the account creation phase. The Autorità Garante della Concorrenza e del Mercato (AGCM)  said  "Google and Apple did not provide clear and immediate information on the acquisition and use of user data for commercial purposes," adding the tech companies chose to emphasize the data collection as only necessary to improve their own services and personalize user experience without offering any indication that the data could be transferred and used for other reasons. The concerns have to do with how the companies omit relevant information when creating an account and using their services, details which the authority said are critical to making an informed decision as to whether or not to give permission for utilizing their data for comme
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.