Vulnerability | Breaking Cybersecurity News | The Hacker News

It's been over a week since Wikileaks promised to hand over more information on hacking tools and tactics of the Central Intelligence Agency (CIA) to the affected tech companies, following a leak of a roughly 8,761 documents that Wikileaks claimed belonged to CIA hacking units. "We have decided to work with them, to give them some exclusive access to some of the technical details we have, so that fixes can be pushed out," WikiLeaks' founder Julian Assange said during a Facebook Live press conference last week. However, it looks like the things aren't that easier for tech companies as they look. After days of waiting, Assange made its first contact with Apple, Microsoft, and Google this week and finally made his intentions clear – no sharing of bugs and vulnerabilities the CIA is or was allegedly taking advantage of until certain demands are met. Multiple anonymous sources familiar with the matter told Motherboard that Assange sent an email to Apple,

Another dangerous vulnerability has been discovered in Linux kernel that dates back to 2009 and affects a large number of Linux distros, including Red Hat, Debian, Fedora, OpenSUSE, and Ubuntu. The latest Linux kernel flaw ( CVE-2017-2636 ), which existed in the Linux kernel for the past seven years, allows a local unprivileged user to gain root privileges on affected systems or cause a denial of service (system crash). Positive Technologies researcher Alexander Popov discovered a race condition issue in the N_HLDC Linux kernel driver – which is responsible for dealing with High-Level Data Link Control (HDLC) data – that leads to double-free vulnerability. " Double Free " is one of the most common memory corruption bug that occurs when the application releases same memory location twice by calling the free() function on the same allocated memory. An unauthenticated attacker may leverage this vulnerability to inject and execute arbitrary code in the security context of curren

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Next time when someone sends you a photo of a cute cat or a hot chick on WhatsApp or Telegram then be careful before you click on the image to view — it might hack your account within seconds. A new security vulnerability has recently been patched by two popular end-to-end encrypted messaging services — WhatsApp and Telegram — that could have allowed hackers to completely take over user account just by having a user simply click on a picture. The hack only affected the browser-based versions of WhatsApp and Telegram, so users relying on the mobile apps are not vulnerable to the attack. According to Checkpoint security researchers, the vulnerability resided in the way both messaging services process images and multimedia files without verifying that they might have hidden malicious code inside. For exploiting the flaw, all an attacker needed to do was sending the malicious code hidden within an innocent-looking image. Once the victim clicked on the picture, the attacker coul

In a large-scale Twitter hack, thousands of Twitter accounts from media outlets to celebrities, including the European Parliament, Forbes, BlockChain, Amnesty International, UNICEF, Nike Spain and numerous other individuals and organizations, were compromised early Wednesday. The compromised Twitter accounts is pushing a disturbing spam message written in Turkish comparing the Dutch to the Nazis, with Swastikas and a " #NaziHollanda " or " #Nazialmanya " (Nazi Germany) hashtag, and changed some of the victims' profile pictures to an image of the Turkish flag and Ottoman Empire coat of arms. In addition to the message, the hackers are also posting a link to a YouTube video and the Twitter account Sebo . According to the latest reports, this weird Twitter activity on numerous high-profile accounts is the result of a vulnerability in the third-party app called Twitter Counter. Twitter Counter is a social media analytics service that helps Twitter users to

After last month's postponement, Microsoft's Patch Tuesday is back with a massive release of fixes that includes patches for security vulnerabilities in Windows and associated software disclosed and exploited since January's patch release. Meanwhile, Adobe has also pushed out security updates for its products, releasing patches for at least seven security vulnerabilities in its Flash Player software. Microsoft patched a total of 140 separate security vulnerabilities across 18 security bulletins, nine of them critical as they allow remote code execution on the affected computer. Microsoft Finally Patches Publicly Disclosed Windows Flaws Among the "critical" security updates include a flaw in the SMB (server message block) network file sharing protocol, which had publicly disclosed exploit code since last month. The original patch released last year for this flaw was incomplete. The flaw is a memory corruption issue that could allow remote code execu

Security researchers have discovered a Zero-Day vulnerability in the popular Apache Struts web application framework, which is being actively exploited in the wild. Apache Struts is a free, open-source, Model-View-Controller (MVC) framework for creating elegant, modern Java web applications, which supports REST, AJAX, and JSON. In a blog post published Monday, Cisco's Threat intelligence firm Talos announced the team observed a number of active attacks against the zero-day vulnerability (CVE-2017-5638) in Apache Struts. According to the researchers, the issue is a remote code execution vulnerability in the Jakarta Multipart parser of Apache Struts that could allow an attacker to execute malicious commands on the server when uploading files based on the parser. "It is possible to perform an RCE attack with a malicious Content-Type value," warned Apache. "If the Content-Type value isn't valid an exception is thrown which is then used to display an erro

The secure messaging app used by staffers in the White House and on Capitol Hill is not as secure as the company claims. Confide, the secure messaging app reportedly employed by President Donald Trump's aides to speak to each other in secret, promises "military-grade end-to-end encryption" to its users and claims that nobody can intercept and read chats that disappear after they are read. However, two separate research have raised a red flag about the claims made by the company. Security researchers at Seattle-based IOActive discovered multiple critical vulnerabilities in Confide after a recent audit of the version 1.4.2 of the app for Windows, Mac OS X, and Android. Confide Flaws Allow Altering of Secret Messages The critical flaws allowed attackers to: Impersonate friendly contacts by hijacking an account session or guessing a password, as the app failed to prevent brute-force attacks on account passwords. Spy on contact details of Confide users, incl

Well, there's some good news for hackers and bug bounty hunters! Both tech giants Google and Microsoft have raised the value of the payouts they offer security researchers, white hat hackers and bug hunters who find high severity flaws in their products. While Microsoft has just doubled its top reward from $15,000 to $30,000, Google has raised its high reward from $20,000 to $31,337, which is a 50 percent rise plus a bonus $1,337 or 'leet' award. In past few years, every major company, from Apple to P*rnHub and Netgear , had started Bug Bounty Programs to encourage hackers and security researchers to find and responsibly report bugs in their services and get rewarded. But since more and more bug hunters participating in bug bounty programs at every big tech company, common and easy-to-spot bugs are hardly left now, and if any, they hardly make any severe impact. Sophisticated and remotely exploitable vulnerabilities are a thing now, which takes more time and

Last year Google employees took an initiative to help thousands of Open Source Projects patch a critical remote code execution vulnerability in a widely used Apache Commons Collections (ACC) library. Dubbed Operation Rosehub , the initiative was volunteered by some 50 Google employees, who utilized 20 percent of their work time to patch over 2600 open source projects on Github, those were vulnerable to "Mad Gadget vulnerability." Mad Gadget vulnerability ( CVE-2015-6420 ) is a remote code execution bug in the Java deserialization used by the Apache Commons Collections (ACC) library that could allow an unauthenticated, remote attacker to execute arbitrary code on a system. The ACC Library is widely deployed by many Java applications to decode data passed between computers. To exploit this flaw, all an unauthorized attacker need to do is submit maliciously crafted input to an application on a targeted system that uses the ACC library. Once the vulnerable ACC libra

Is anything safe? It's 2017, and the likely answer is NO. Making sure your passwords are secure is one of the first line of defense – for your computer, email, and information – against hacking attempts, and Password Managers are the one recommended by many security experts to keep all your passwords secure in one place. Password Managers are software that creates complex passwords, stores them and organizes all your passwords for your computers, websites, applications and networks, as well as remember them on your behalf. But what if your Password Managers itself are vulnerable? Well, it's not just an imagination, as a new report has revealed that some of the most popular password managers are affected by critical vulnerabilities that can expose user credentials. The report, published on Tuesday by a group of security experts from TeamSIK of the Fraunhofer Institute for Secure Information Technology in Germany, revealed that nine of the most popular Android pass

What could be more exciting for hackers than exploiting a vulnerability in a widely used software without having to struggle too much? One such easy-to-exploit, but critical vulnerability has been discovered in ESET's antivirus software that could allow any unauthenticated attackers to remotely execute arbitrary code with root privileges on a Mac system. The critical security flaw, tracked as CVE-2016-9892, in ESET Endpoint Antivirus 6 for macOS was discovered by Google Security Team's researchers Jason Geffner and Jan Bee at the beginning of November 2016. As detailed in the full disclosure , all a hacker needs to get root-level remote code execution on a Mac computer is to intercept the ESET antivirus package's connection to its backend servers using a self-signed HTTPS certificate, put himself in as a man-in-the-middle (MITM) attacker, and exploit an XML library flaw. The actual issue was related to a service named esets_daemon, which runs as root. The service

This month has yet been kind of interesting for cyber security researchers, with Google successfully cracked SHA1 and the discovery of Cloudbleed bug in Cloudflare that caused the leakage of sensitive information across sites hosted behind Cloudflare. Besides this, Google last week disclosed an unpatched vulnerability in Windows Graphics Device Interface (GDI) library, which affects Microsoft's Windows operating systems ranging from Windows Vista Service Pack 2 to the latest Windows 10. While the Windows vulnerability has yet to be patched by the company, Google today released the details of another unpatched Windows security flaw in its browser, as Microsoft did not act within its 90-day disclosure deadline. The vulnerability (CVE-2017-0037), discovered and disclosed by Google Project Zero team's researcher Ivan Fratric, is a so-called " type confusion flaw " in a module in Microsoft Edge and Internet Explorer that potentially leads to arbitrary code exec

A severe security vulnerability has been discovered in the CloudFlare content delivery network that has caused big-name websites to expose private session keys and other sensitive data. CloudFlare, a content delivery network (CDN) and web security provider that helps optimize safety and performance of over 5.5 Million websites on the Internet, is warning its customers of the critical bug that could have exposed a range of sensitive information, including passwords, and cookies and tokens used to authenticate users. Dubbed Cloudbleed , the nasty flaw is named after the Heartbleed bug that was discovered in 2014, but believed to be worse than Heartbleed. The vulnerability is so severe that it not only affects websites on the CloudFlare network but affects mobile apps as well. What exactly is "Cloudbleed," how it works, how are you affected by this bug, and how you can protect yourself? Let's figure it out. What is Cloudbleed? Discovered by Google Project Ze

Another privilege-escalation vulnerability has been discovered in Linux kernel that dates back to 2005 and affects major distro of the Linux operating system, including Redhat, Debian, OpenSUSE, and Ubuntu. Over a decade old Linux Kernel bug ( CVE-2017-6074 ) has been discovered by security researcher Andrey Konovalov in the DCCP (Datagram Congestion Control Protocol) implementation using Syzkaller , a kernel fuzzing tool released by Google. The vulnerability is a use-after-free flaw in the way the Linux kernel's "DCCP protocol implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket." The DCCP double-free vulnerability could allow a local unprivileged user to alter the Linux kernel memory, enabling them to cause a denial of service ( system crash ) or escalate privileges to gain administrative access on a system. "An attacker can control what object that would be and overwrite

Microsoft on Tuesday released security update (KB 4010250) to patch flaws in Adobe Flash Player for its customers using Internet Explorer on Windows 8.1 and later, as well as Edge for Windows 10, but two already disclosed flaws remain unpatched. Just last week, Microsoft announced that its February patches would be delayed until March due to a last minute issue, a move that led to Google publishing details of an unpatched Windows bug . However, the software giant emailed a handful of big business to alert them to the incoming patches on Monday, advising them to update their systems as soon as possible. The security patches are now available to all Windows customers over Windows Update, and " No other security updates are scheduled for release until the next scheduled monthly update release on March 14, 2017 ," Microsoft says. Bulletin MS17-005 for Adobe Flash Player addresses remote code execution (RCE) vulnerabilities for some currently supported Windows systems.

This newly discovered bugs in Java and Python is a big deal today. The two popular programming languages, Java and Python, contain similar security flaws that can be exploited to send unauthorized emails and bypass any firewall defenses. And since both the flaws remain unpatched, hackers can take advantage to design potential cyber attack operations against critical networks and infrastructures. The unpatched flaws actually reside in the way Java and Python programming languages handle File Transfer Protocol (FTP) links, where they don't syntax-check the username parameter, which leads to, what researchers call, protocol injection flaw. Java/Python FTP Injection to Send Unauthorized SMTP Emails In a blog pos t published over the past week, security researcher Alexander Klink detailed the FTP protocol injection vulnerability in Java's XML eXternal Entity (XXE) that allows attackers to inject non-FTP malicious commands inside an FTP connection request. To demonst

Microsoft is once again facing embarrassment for not patching a vulnerability on time. Yes, Google's Project Zero team has once again publicly disclosed a vulnerability  ( with POC exploit ) affecting Microsoft's Windows operating systems ranging from Windows Vista Service Pack 2 to the latest Windows 10 that had yet to be patched. A few months back, the search engine giant disclosed a critical Windows vulnerability to the public just ten days after revealing the flaw to Microsoft. However, this time Google revealed the vulnerability in Windows to the public after Microsoft failed to patch it within the 90-day window given by the company. Google's Project Zero member Mateusz Jurczyk responsibly reported a vulnerability in Windows' Graphics Device Interface (GDI) library to Microsoft Security Team on the 9th of June last year. The vulnerability affects any program that uses this library, and if exploited, could potentially allow hackers to steal informatio

Last weekend a security researcher publically disclosed a zero-day vulnerability in Windows 10, Windows 8.1 and Server editions after Microsoft failed to patch it in the past three months. The zero-day memory corruption flaw resides in the implementation of the SMB (server message block) network file sharing protocol that could allow a remote, unauthenticated attacker to crash systems with denial of service attack, which would then open them to more possible attacks. According to US-CERT, the vulnerability could also be exploited to execute arbitrary code with Windows kernel privileges on vulnerable systems, but this has not been confirmed right now by Microsoft. Without revealing the actual scope of the vulnerability and the kind of threat the exploit poses, Microsoft has just downplayed the severity of the issue, saying: "Windows is the only platform with a customer commitment to investigate reported security issues, and proactively update impacted devices as soon as

2017 is the year of Artificial Intelligence (A.I.), Big Data, Virtual Reality (VR) and Cyber Security with major companies like Google, Facebook, Apple, IBM and Salesforce and technology pioneers like SpaceX founder Elon Musk investing in these hot technologies. Since everyone seems to be talking about the hottest trend — artificial intelligence and machine learning — broadly, 62 percent of large enterprises will be using AI technologies by 2018, says a report from Narrative Science. But why AI is considered to be the next big technology? Because it can enhance and change everything about the way we think, interact, manufacture and deliver. Last year, we saw a significant number of high-profile hacks targeting big organizations, governments, small enterprises, and individuals — What's more worrisome? It's going to get worse, and we need help. No doubt, we, the human, can find vulnerabilities but can not analyze millions of programs with billions of lines of codes at o