#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

Certificate Pinning | Breaking Cybersecurity News | The Hacker News

Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users

Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users

Apr 15, 2024 Spyware / Mobile Security
Cybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called  LightSpy . "The latest iteration of LightSpy, dubbed 'F_Warehouse,' boasts a modular framework with extensive spying features," the BlackBerry Threat Research and Intelligence Team  said  in a report published last week. There is evidence to suggest that the campaign may have targeted India based on  VirusTotal   submissions  from within its borders. First documented in 2020 by Trend Micro and Kaspersky,  LightSpy  refers to an advanced iOS backdoor that's distributed via watering hole attacks through compromised news sites. A subsequent analysis from ThreatFabric in October 2023  uncovered  infrastructure and functionality overlaps between the malware and DragonEgg, a fully-featured Android spyware attributed to the Chinese nation-state group APT41 (aka Winnti). The initial in
New Settings Let Hackers Easily Pentest Facebook, Instagram Mobile Apps

New Settings Let Hackers Easily Pentest Facebook, Instagram Mobile Apps

Mar 26, 2019
Facebook has introduced a new feature in its platform that has been designed to make it easier for bug bounty hunters to find security flaws in Facebook, Messenger, and Instagram Android applications. Since almost all Facebook-owned apps by default use security mechanisms such as Certificate Pinning to ensure integrity and confidentiality of the traffic, it makes it harder for white hat hackers and security researchers to intercept and analyze network traffic to find server-side security vulnerabilities. For those unaware, Certificate Pinning is a security mechanism designed to prevent users of an application from being a victim of network-based attacks by automatically rejecting the whole connection from sites that offer bogus SSL certificates. Dubbed " Whitehat Settings ," the new option now lets researchers easily bypass Certificate Pinning on the Facebook-owned mobile apps by: Disabling Facebook's TLS 1.3 support Enabling proxy for Platform API requests
Hacker finds flaws that could let anyone steal $25 Billion from a Bank

Hacker finds flaws that could let anyone steal $25 Billion from a Bank

May 17, 2016
A security researcher could have stolen as much as $25 Billion from one of the India's biggest banks ‒ Thanks to the bank's vulnerable mobile application. Late last year, security researcher Sathya Prakash discovered a number of critical vulnerabilities in the mobile banking application of an undisclosed bank that allowed him to steal money from any or all bank customers with the help of just a few lines of code. Being a white hat hacker, Prakash immediately reached out to the bank and alerted it about the critical issues in its mobile app and helped the bank fix them, instead of taking advantage of the security holes to steal money from the bank that has about 25 Billion USD in Deposits. While analyzing the mobile banking app, Prakash discovered that the app lacks Certificate Pinning , allowing any man-in-the-middle attacker to downgrade SSL connection and capture requests in plain text using fraudulently issued certificates. Also Read:  Best Password Manager — For
cyber security

Protecting Your Organization From Insider Threats - All You Need to Know

websiteWing SecuritySaaS Security
Get practical insights and strategies to manage inadequate offboarding and insider risks effectively.
What's the Right EDR for You?

What's the Right EDR for You?

May 10, 2024Endpoint Security / Threat Detection
A guide to finding the right endpoint detection and response (EDR) solution for your business' unique needs. Cybersecurity has become an ongoing battle between hackers and small- and mid-sized businesses. Though perimeter security measures like antivirus and firewalls have traditionally served as the frontlines of defense, the battleground has shifted to endpoints. This is why endpoint detection and response (EDR) solutions now serve as critical weapons in the fight, empowering you and your organization to detect known and unknown threats, respond to them quickly, and extend the cybersecurity fight across all phases of an attack.  With the growing need to defend your devices from today's cyber threats, however, choosing the right EDR solution can be a daunting task. There are so many options and features to choose from, and not all EDR solutions are made with everyday businesses and IT teams in mind. So how do you pick the best solution for your needs? Why EDR Is a Must Because of
New Firefox 32 Adds Protection Against MiTM Attack and Rogue Certificates

New Firefox 32 Adds Protection Against MiTM Attack and Rogue Certificates

Sep 04, 2014
Good news for Firefox lovers! The Mozilla Foundation has introduced a bunch of new features in Firefox to improve browser security with the launch of Firefox 32, now available for Windows, Mac, Linux, and Android platforms. The new version of Firefox makes the browser even more competitive among others. Firefox version 32 has some notable security improvements, including a new HTTP cache for improved performance, public key pinning - a defense that would help protect its users from man-in-the-middle and other attacks, and easy language switching on Android. PUBLIC KEY PINNING ENABLED BY-DEFAULT In the latest Firefox version 32, Mozilla has enabled Public Key Pinning support by default that will protect its users from man-in-the-middle-attacks and rogue certificate authorities. Public key pinning is a security measure that ensures people that they are connecting to the websites they intend to. Pinning allows users to keep track of certificates in order to specify wh
Gmail App for iOS leaves Users vulnerable to Man-in-the-Middle Attacks

Gmail App for iOS leaves Users vulnerable to Man-in-the-Middle Attacks

Jul 12, 2014
Google has failed to provide a very important security measure in its Gmail application for iOS that left millions of its Apple device users to Man-in-the-Middle (MitM) attacks capable of monitoring encrypted email communications. Researcher at mobile security firm Lacoon has discovered that Google's Gmail iOS application, run on Macintosh mobile devices, does not perform what's known as "certificate pinning" when establishing a trusted connection between the mobile applications and back-end web services, which means an attacker can view plaintext emails and steal credentials in MitM attack. WHAT IS CERTIFICATE PINNING Certificate Pinning is a process designed to prevent user of the application from being a victim of an attack made by spoofing the SSL certificate . Certificate pinning automatically rejects the whole connection from sites that offer bogus SSL certificates and allow only SSL connections to hosts signed with certificates stored inside the application, whic
Why You need to Stop using WhatsApp?

Why You need to Stop using WhatsApp?

Feb 24, 2014
If you haven't heard by now, Facebook just made its biggest move ever, buying the messaging service WhatsApp in a deal worth some $19 billion. That's 19 times what Facebook paid for Instagram two years ago. The WhatsApp Service run by the team of just 32 engineers, handles more than 50 Billion messages daily, and approx 385 million active users. WhatsApp acquisition has also brought out fresh criticism over security for the billions of messages delivered on the platform. Security Researcher at Praetorian Labs identified several SSL-related security issues in WhatsApp application using Project Neptune , a mobile application security testing platform. " WhatsApp communication between your phone and our server is fully encrypted. We do not store your chat history on our servers. Once delivered successfully to your phone, chat messages are removed from our system ." Company said in a blog post . But researchers found that WhatsApp is vulnerable to Man-in-theMiddl
Hackers targeting non-browser applications with Fake SSL Certificates

Hackers targeting non-browser applications with Fake SSL Certificates

Feb 13, 2014
Having SSL Certification doesn't mean that the website you are visiting is not a bogus website. SSL certificates protect web users in two ways, it encrypts sensitive information such as usernames, passwords, or credit card numbers and also verify the identity of websites. But today hackers and cyber criminals are using every tantrum to steal your credentials by injecting fake SSL certificates to the bogus websites impersonating Social media, e-commerce, and even bank website. Netcraft Security Researchers have discovered dozens of fake SSL Certificates being used to enact financial institutions, e-commerce site vendors, Internet Service Providers and social networking sites, which allegedly allows an attacker to carry out man-in-the-middle attacks. When you will visit a bogus website from any popular web browser; having self signed fake SSL Certificate, you will see a foreboding warning in the web browser, but the traffic originates from apps and other non-browser software fail
Cybersecurity
Expert Insights
Cybersecurity Resources