The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis

New Android Flaw Affecting Over 1 Billion Phones Let Attackers Hijack Apps

New Android Flaw Affecting Over 1 Billion Phones Let Attackers Hijack Apps

May 26, 2020Mohit Kumar
Remember Strandhogg? A security vulnerability affecting Android that malicious apps can exploit to masquerade as any other app installed on a targeted device to display fake interfaces to the users, tricking them into giving away sensitive information. Late last year, at the time of its public disclosure, researchers also confirmed that some attackers were already exploiting the flaw in the wild to steal users' banking and other login credentials, as well as to spy on their activities. The same team of Norwegian cybersecurity researchers today unveiled details of a new critical vulnerability (CVE-2020-0096) affecting the Android operating system that could allow attackers to carry out a much more sophisticated version of Strandhogg attack. Dubbed ' Strandhogg 2.0 ,' the new vulnerability affects all Android devices, except those running the latest version, Android Q / 10, of the mobile operating system—which, unfortunately, is running on only 15-20% of the total
New ComRAT Malware Uses Gmail to Receive Commands and Exfiltrate Data

New ComRAT Malware Uses Gmail to Receive Commands and Exfiltrate Data

May 26, 2020Ravie Lakshmanan
Cybersecurity researchers today uncovered a new advanced version of ComRAT backdoor, one of the earliest known backdoors used by the Turla APT group, that leverages Gmail's web interface to covertly receive commands and exfiltrate sensitive data. "ComRAT v4 was first seen in 2017 and known still to be in use as recently as January 2020," cybersecurity firm ESET said in a report shared with The Hacker News. "We identified at least three targets: two Ministries of Foreign Affairs in Eastern Europe and a national parliament in the Caucasus region." Turla , also known as Snake, has been active for over a decade with a long history of the watering hole and spear-phishing campaigns against embassies and military organizations at least since 2004. The group's espionage platform started off as Agent.BTZ , in 2007, before it evolved to ComRAT , in addition to gaining additional capabilities to achieve persistence and to steal data from a local network. It
New Tool Can Jailbreak Any iPhone and iPad Using An Unpatched 0-Day Bug

New Tool Can Jailbreak Any iPhone and iPad Using An Unpatched 0-Day Bug

May 25, 2020Ravie Lakshmanan
The hacking team behind the "unc0ver" jailbreaking tool has released a new version of the software that can unlock every single iPhone, including those running the latest iOS 13.5 version. Calling it the first zero-day jailbreak to be released since iOS 8, unc0ver's lead developer Pwn20wnd said "every other jailbreak released since iOS 9 used 1day exploits that were either patched in the next beta version or the hardware." The group did not specify which vulnerability in iOS was exploited to develop the latest version. The unc0ver website also highlighted the extensive testing that went behind the scenes to ensure compatibility across a broad range of devices, from iPhone 6S to the new iPhone 11 Pro Max models, spanning versions iOS 11.0 through iOS 13.5, but excluding versions 12.3 to 12.3.2 and 12.4.2 to 12.4.5. "Utilizing native system sandbox exceptions, security remains intact while enabling access to jailbreak files," according to un
How Cybersecurity Enables Government, Health, EduTech Cope With COVID-19

How Cybersecurity Enables Government, Health, EduTech Cope With COVID-19

May 21, 2020The Hacker News
The advent of the Covid-19 pandemic and the impact on our society has resulted in many dramatic changes to how people are traveling, interacting with each other, and collaborating at work. There are several trends taking place as a consequence of the outbreak, which has only continued to heighten the need for the tightest possible cybersecurity. Tools for Collaboration There has been a massive spike in the adoption of Tools for Collaboration as a consequence of COVID-19. Concerns about the coronavirus have caused an enormous increase in remote working, with many organizations requiring or at least encouraging their workers to stay at home—especially when cities, states, and even some entire nations are ultimately into lock down in a bid to spread the stem of the disease. Meanwhile, with millions working from home for many weeks now, there has been a spike in the video conferencing and online collaboration software, many of which are fortunately entirely free, allowing orga
Iranian APT Group Targets Governments in Kuwait and Saudi Arabia

Iranian APT Group Targets Governments in Kuwait and Saudi Arabia

May 21, 2020Ravie Lakshmanan
Today, cybersecurity researchers shed light on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia. Bitdefender said the intelligence-gathering operations were conducted by Chafer APT (also known as APT39 or Remix Kitten), a threat actor known for its attacks on telecommunication and travel industries in the Middle East to collect personal information that serves the country's geopolitical interests. "Victims of the analyzed campaigns fit into the pattern preferred by this actor, such as air transport and government sectors in the Middle East," the researchers said in a report (PDF) shared with The Hacker News, adding at least one of the attacks went undiscovered for more than a year and a half since 2018. "The campaigns were based on several tools, including 'living off the land' tools, which makes attribution difficult, as well as different hacking tools and a custom-built backdoor." Kn
[Guide] Finding Best Security Outsourcing Alternative for Your Organization

[Guide] Finding Best Security Outsourcing Alternative for Your Organization

May 20, 2020The Hacker News
As cyberattacks continue to proliferate in volume and increase in sophistication, many organizations acknowledge that some part of their breach protection must be outsourced, introducing a million-dollar question of what type of service to choose form. Today, Cynet releases the Security Outsourcing Guide ( download here ), providing IT Security executives with clear and actionable guidance on the pros and cons of each outsourcing alternative. The reason for security outsourcing increasing momentum is that unlike traditional IT, cyber threats evolve at a much faster pace. While relatively not long ago, AV and firewall covered most of the standard organization's cybersecurity needs, today no security posture can be considered complete without a certain level of incident response capabilities, alert prioritization, root cause analysis and forensic investigation – and security professional that are sufficiently qualified in this domain both are hard to find as well as costly t
New DNS Vulnerability Lets Attackers Launch Large-Scale DDoS Attacks

New DNS Vulnerability Lets Attackers Launch Large-Scale DDoS Attacks

May 20, 2020Ravie Lakshmanan
Israeli cybersecurity researchers have disclosed details about a new flaw impacting DNS protocol that can be exploited to launch amplified, large-scale distributed denial-of-service (DDoS) attacks to takedown targeted websites. Called NXNSAttack , the flaw hinges on the DNS delegation mechanism to force DNS resolvers to generate more DNS queries to authoritative servers of attacker's choice, potentially causing a botnet-scale disruption to online services. "We show that the number of DNS messages exchanged in a typical resolution process might be much higher in practice than what is expected in theory, mainly due to a proactive resolution of name-servers' IP addresses," the researchers said in the paper. "We show how this inefficiency becomes a bottleneck and might be used to mount a devastating attack against either or both, recursive resolvers and authoritative servers." Following responsible disclosure of NXNSAttack, several of the companies i
Ukrainian Police Arrest Hacker Who Tried Selling Billions of Stolen Records

Ukrainian Police Arrest Hacker Who Tried Selling Billions of Stolen Records

May 20, 2020Swati Khandelwal
The Ukrainian police have arrested a hacker who made headlines in January last year by posting a massive database containing some 773 million stolen email addresses and 21 million unique plaintext passwords for sale on various underground hacking forums. In an official statement released on Tuesday, the Security Service of Ukraine (SBU) said it identified the hacker behind the pseudonym "Sanix," who is a resident of the Ivano-Frankivsk region of Ukraine, but it did not reveal his actual identity to the media. In January last year, the hacker tried to sell the massive 87-gigabyte database labeled as "the largest array of stolen data in history," which, according to security experts, was just a fraction of the stolen data Sanix collected. According to the authorities, Sanix had at least 6 more similar databases of stolen and broken passwords, totaling in terabytes in size, which also included billions of phone numbers, payment card details, and Social Secu
Exclusive Offers

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.