#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cloud Security

SMB relay attack | Breaking Cybersecurity News | The Hacker News

TeamViewer Flaw Could Let Hackers Steal System Password Remotely

TeamViewer Flaw Could Let Hackers Steal System Password Remotely

Aug 10, 2020
If you are using TeamViewer, then beware and make sure you're running the latest version of the popular remote desktop connection software for Windows. TeamViewer team recently released a new version of its software that includes a patch for a severe vulnerability ( CVE 2020-13699 ), which, if exploited, could let remote attackers steal your system password and eventually compromise it. What's more worrisome is that the attack can be executed almost automatically without requiring much interaction of the victims and just by convincing them to visit a malicious web page once. For those unaware, TeamViewer is a popular remote-support software that allows users to securely share their desktop or take full control of other's PC over the Internet from anywhere in the world. The remote access software is available for desktop and mobile operating systems, including Windows, macOS, Linux, Chrome OS, iOS, Android, Windows RT Windows Phone 8, and BlackBerry. Discovered b
New Zoom Hack Lets Hackers Compromise Windows and Its Login Password

New Zoom Hack Lets Hackers Compromise Windows and Its Login Password

Apr 02, 2020
Zoom has been there for nine years, but the immediate requirement of an easy-to-use video conferencing app during the coronavirus pandemic overnight made it one of the most favorite communication tool for millions of people around the globe. No doubt, Zoom is an efficient online video meeting solution that's helping people stay socially connected during these unprecedented times, but it's still not the best choice for everyone—especially those who really care about their privacy and security. According to cybersecurity expert @_g0dmode , the Zoom video conferencing software for Windows is vulnerable to a classic ' UNC path injection ' vulnerability that could allow remote attackers to steal victims' Windows login credentials and even execute arbitrary commands on their systems. Such attacks are possible because Zoom for Windows supports remote UNC paths that convert potentially insecure URIs into hyperlinks when received via chat messages to a recipient in a
AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead

AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead

Apr 15, 2024Secure Coding / Artificial Intelligence
Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now. How this will change – in a positive or negative direction – as artificial intelligence (AI) takes on a larger role in software development is one of the big uncertainties related to this brave new world. In an era where AI promises to revolutionize how we live and work, the conversation about its security implications cannot be sidelined. As we increasingly rely on AI for tasks ranging from mundane to mission-critical, the question is no longer just, "Can AI  boost cybersecurity ?" (sure!), but also "Can AI  be hacked? " (yes!), "Can one use AI  to hack? " (of course!), and "Will AI  produce secure software ?" (well…). This thought leadership article is about the latter. Cydrill  (a
Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password

Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password

Apr 12, 2018
A security researcher has disclosed details of an important vulnerability in Microsoft Outlook for which the company released an incomplete patch this month —almost 18 months after receiving the responsible disclosure report. The Microsoft Outlook vulnerability (CVE-2018-0950) could allow attackers to steal sensitive information, including users' Windows login credentials, just by convincing victims to preview an email with Microsoft Outlook, without requiring any additional user interaction. The vulnerability, discovered by Will Dormann of the CERT Coordination Center (CERT/CC), resides in the way Microsoft Outlook renders remotely-hosted OLE content when an RTF (Rich Text Format) email message is previewed and automatically initiates SMB connections. A remote attacker can exploit this vulnerability by sending an RTF email to a target victim, containing a remotely-hosted image file (OLE object), loading from the attacker-controlled SMB server. Since Microsoft Outlook a
cyber security

Today's Top 4 Identity Threat Exposures: Where To Find Them and How To Stop Them

websiteSilverfortIdentity Protection / Attack Surface
Explore the first ever threat report 100% focused on the prevalence of identity security gaps you may not be aware of.
Cybersecurity Resources