#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

spoofing | Breaking Cybersecurity News | The Hacker News

Category — spoofing
New Phishing Kit Leverages SMS, Voice Calls to Target Cryptocurrency Users

New Phishing Kit Leverages SMS, Voice Calls to Target Cryptocurrency Users

Mar 01, 2024 Phishing Kit / Cryptocurrency
A novel phishing kit has been observed impersonating the login pages of well-known cryptocurrency services as part of an attack cluster codenamed CryptoChameleon that's designed to primarily target mobile devices. "This kit enables attackers to build carbon copies of single sign-on (SSO) pages, then use a combination of email, SMS, and voice phishing to trick the target into sharing usernames, passwords, password reset URLs, and even photo IDs from hundreds of victims, mostly in the United States," Lookout  said  in a report. Targets of the phishing kit include employees of the Federal Communications Commission (FCC), Binance, Coinbase, and cryptocurrency users of various platforms like Binance, Coinbase, Gemini, Kraken, ShakePay, Caleb & Brown, and Trezor. More than 100 victims have been successfully phished to date. The phishing pages are designed such that the fake login screen is displayed only after the victim completes a CAPTCHA test using hCaptcha, thus pre...
Signal Introduces Usernames, Allowing Users to Keep Their Phone Numbers Private

Signal Introduces Usernames, Allowing Users to Keep Their Phone Numbers Private

Feb 21, 2024 Secure Communication / Anonymity
End-to-end encrypted (E2EE) messaging app Signal said it's piloting a new feature that allows users to create unique usernames (not to be confused with profile names) and keep the phone numbers away from prying eyes. "If you use Signal, your phone number will no longer be visible to everyone you chat with by default," Signal's Randall Sarafa  said . "People who have your number saved in their phone's contacts will still see your phone number since they already know it." Setting a new username requires account holders to provide two or more numbers at the end of it (e.g., axolotl.99) in an effort to keep them "egalitarian and minimize spoofing." Usernames can be changed any number of times, but it's worth noting that they are not logins or handles. Put differently, a username is an anonymous way to initiate conversations on the chat platform without having to share phone numbers. The feature is opt-in, although Signal said it's also taking steps to hide by default users' phone ...
Want to Grow Vulnerability Management into Exposure Management? Start Here!

Want to Grow Vulnerability Management into Exposure Management? Start Here!

Dec 05, 2024Attack Surface / Exposure Management
Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...
Digital Signature Spoofing Flaws Uncovered in OpenOffice and LibreOffice

Digital Signature Spoofing Flaws Uncovered in OpenOffice and LibreOffice

Oct 12, 2021
The maintainers of LibreOffice and OpenOffice have shipped security updates to their productivity software to remediate multiple vulnerabilities that could be weaponized by malicious actors to alter documents to make them appear as if they are digitally signed by a trusted source. The list of the three flaws is as follows — CVE-2021-41830  /  CVE-2021-25633  - Content and Macro Manipulation with Double Certificate Attack CVE-2021-41831  /  CVE-2021-25634  - Timestamp Manipulation with Signature Wrapping CVE-2021-41832  /  CVE-2021-25635  - Content Manipulation with Certificate Validation Attack Successful exploitation of the vulnerabilities could permit an attacker to  manipulate the timestamp  of signed ODF documents, and worse,  alter the contents  of a document or  self-sign a document  with an untrusted signature, which is then tweaked to change the  signature algorithm  to an invalid or un...
cyber security

Innovate Securely: Top Strategies to Harmonize AppSec and R&D Teams

websiteBackslashApplication Security
Tackle common challenges to make security and innovation work seamlessly.
Bug in Gmail app for Android Allows anyone to Send Spoofed Emails

Bug in Gmail app for Android Allows anyone to Send Spoofed Emails

Nov 14, 2015
A security researcher has discovered an interesting loophole in Gmail Android app that lets anyone send an email that looks like it was sent by someone else, potentially opening doors for Phishers. This is something that we call E-mail Spoofing – the forgery of an e-mail header so that the email appears to have originated from someone other than the actual source. Generally, to spoof email addresses, an attacker needs: A working SMTP (Simple Mail Transfer Protocol) server to send email A M ailing Software However, an independent security researcher, Yan Zhu , discovered a similar bug in official Gmail Android app that allowed her to hide her real email address and change her display name in the account settings so that the receiver will not be able to know the actual sender. How to Send Spoofed Emails via Gmail Android App? To demonstrate her finding, Zhu sent an email to someone by changing her display name to yan ""security@google.com" (w...
WinRAR File Extension Spoofing vulnerability allows Hackers to Hide Malware

WinRAR File Extension Spoofing vulnerability allows Hackers to Hide Malware

Apr 02, 2014
Imagine, You Open a Winrar archive of MP3 files, but what if it will install a malware into your system when you play anyone of them. WinRAR, a widely used file archiver and data compression utility helps hackers to distribute malicious code. Israeli security researcher  Danor Cohen (An7i)   discovered the WinRAR file extension spoofing vulnerability. WinRAR file extension spoofing vulnerability allows hackers to modify the filename and extension inside the traditional file archive, that helps them to hide binary malicious code inside an archive, pretending itself as '.jpg' , '.txt' or any other format. Using a Hex editor tool, he analysed a ZIP file and noticed that winrar tool also adds some custom properties to an archive, including two names - First name is the original filename (FAX.png) and second name is the filename (FAX.png) that will appear at the WINRAR GUI window. Danor manipulated the second filename and extension to prepare a special Z...
NSA allegedly hacked Belgian Cryptography Expert with spoofed LinkedIn Profile

NSA allegedly hacked Belgian Cryptography Expert with spoofed LinkedIn Profile

Feb 03, 2014
Cryptographer Professor Jean-Jacques Quisquater has become the part of a targeted attack by the US National Security Agency (NSA) and its British counterpart GCHQ, first reported on Saturday morning by De Standaard . A few months back in September 2013 it was revealed that, Belgacom , the largest telecommunications company in Belgium was hacked and number of employees on Belgacom's network, including their servers were compromised. Later in November 2013 , it was revealed that the NSA and GCHQ were behind the infiltration of the company's computers, according to the document provided by the former NSA contractor Edward Snowden . The document detailed that the British intelligence agency GCHQ created fake ' LinkedIn ' and ' Slashdot ' pages to spy on computers of Belgacom network engineers. They used a method called " quantum insert ", to redirect employees to fake websites that contained malware using Man in the middle attack to a spoofed server ( codenamed "...
Security Risks of FTP and Benefits of Managed File Transfer

Security Risks of FTP and Benefits of Managed File Transfer

Dec 10, 2013
File transfer services such as FTP or HTTP has been the most common way of file transfer for business requirements. Typically what a file transfer means is that a file transfer protocol such as FTP or HTTP is used to send the stream of bits stored as a single unit in a file system including file name, file size, timestamp and other metadata from one host to another host over a TCP-based network such as the Internet. But this process is not foolproof. FTP, by itself, is not a secure file transfer protocol and it has a lot of security vulnerabilities. It's a known fact that FTP doesn't provide any encryption for data transfer. Most of the times, the requirement in any business is pretty simple: to transfer files between two endpoints in different locations, and the parties involved do not think much about how secure the file transfer process is going to be. Using FTP for official file transfer can leave your data transmission exposed to many security attacks: FTP Bounce Attack Gener...
Microsoft discontinues MD5 crypto for digital certificates to improve RDP Authentication

Microsoft discontinues MD5 crypto for digital certificates to improve RDP Authentication

Aug 15, 2013
This week Microsoft has released several advisories to help their users update from weak crypto. Microsoft is beginning the process of discontinuing support for digital certificates that use the MD5 hashing algorithm and to improve the network-level authentication for the Remote Desktop Protocol . Microsoft's optional updates : Microsoft Security Advisory 2661254: The private keys used in these certificates can be derived and could allow an attacker to duplicate the certificates and use them fraudulently to spoof content, perform phishing attacks, or perform man-in-the-middle attacks . Microsoft Security Advisory 2862973: Microsoft is announcing the availability of an update for supported editions of Windows Vista, Windows Server 2008, Windows 7 , Windows Server 2008 R2, Windows 8, Windows Server 2012, and Windows RT that restricts the use of certificates with MD5 hashes. This restriction is limited to certificates issued under roots in the Microsoft root certificate...
Fake Turkish digital Certificates blocked by Browser vendors

Fake Turkish digital Certificates blocked by Browser vendors

Jan 04, 2013
It's the news of the day, a fraudulent digital certificate that could be used for active phishing attacks against Google's web properties. Using the certificate it is possible to spoof content in a classic phishing schema or perform a man-in-the-middle attack according Google Chrome Security Team and Microsoft experts. Microsoft has been immediately started the procedure to update its Certificate Trust list (CTL) and all versions of its OSs to revoke the certificate. Microsoft has also decided to revoke other two certificates for the same reason, it seems that some attacks using the first certificate have been already detected, fraudulent digital certificate that was mistakenly issued by a domain registrar run by a Turkish domain registrar. Microsoft has issued a security advisory " Microsoft Security Advisory ( 2798897 ) -Fraudulent Digital Certificates Could Allow Spoofing " that states: "Microsoft is aware of active attacks using one fraudulent digital certificate is...
GPS based tracking service provided by Samsung vulnerable to thieves

GPS based tracking service provided by Samsung vulnerable to thieves

Dec 07, 2012
Samsung which is currently believed to the highest Smartphones Seller in the World is now providing a Remote tracking solution in all its smartphones to Track the lost phone with the name " Samsung Dive ". The Service is based on the Architecture which primarily acquires precise location of the smart phone using it GPS and other subsidiary location acquisition techniques. The Service is basically meant to be used by the users to track their phone in case of theft or lost phone. Security Researcher Jiten Jain discovered that this GPS based location tracking service provided by manufacturer (Samsung) is also vulnerable to Theft and Malwares. To use this inbuilt tracking Service, User has to simply create an account with Samsung (www.samsungdive.com). Users than have to enable remote services to track device and wipe data remotely. The permission can be disabled or modified only by the Samsung account holder after logging in and cannot be disabled by anyone else...
iPhone Instagram users vulnerable to hackers

iPhone Instagram users vulnerable to hackers

Dec 03, 2012
Instagram - Facebook's popular photo sharing app for iOS, is currently has a vulnerability that could make your account susceptible to hackers. A security researcher Carlos Reventlov  published on Friday another attack on Facebook's Instagram photo-sharing service that could allow a hacker to seize control of a victim's account. " The Instagram app communicates with the Instagram API via HTTP and HTTPs connections. Highly sensitive activities, such as login and editing profile data, are sent through a secure channel. However, some other request are sent through plain HTTP without a signature, those request could be exploited by an attacker connected to the same LAN of the victim's iPhone. " Vulnerability Details --   The vulnerability is in the 3.1.2 version of Instagram's application, which is  susceptible to "eavesdropping and man in the middle attacks that could lead an evil user to delete photos and download private media without the victim's con...
Expert Insights / Articles Videos
Cybersecurity Resources