#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Mozilla Says Google's New Ad Tech—FLoC—Doesn't Protect User Privacy

Mozilla Says Google's New Ad Tech—FLoC—Doesn't Protect User Privacy

Jun 11, 2021
Google's upcoming plans to replace third-party cookies with a less invasive ad targeted mechanism have a number of issues that could defeat its privacy objectives and allow for significant linkability of user behavior, possibly even identifying individual users. "FLoC is premised on a compelling idea: enable ad targeting without exposing users to risk,"  said  Eric Rescorla, author of TLS standard and chief technology officer of Mozilla. "But the current design has a number of privacy properties that could create significant risks if it were to be widely deployed in its current form." Short for Federated Learning of Cohorts,  FLoC  is part of Google's fledgling  Privacy Sandbox  initiative that aims to develop alternate solutions to satisfy cross-site use cases without resorting to third-party cookies or other opaque tracking mechanisms. Essentially, FLoC allows marketers to guess users' interests without having to uniquely identify them, thereby eli
Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users

Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users

Jun 11, 2021
Multiple critical security flaws have been disclosed in Samsung's pre-installed Android apps, which, if successfully exploited, could have allowed adversaries access to personal data without users' consent and take control of the devices.  "The impact of these bugs could have allowed an attacker to access and edit the victim's contacts, calls, SMS/MMS, install arbitrary apps with device administrator rights, or read and write arbitrary files on behalf of a system user which could change the device's settings," Sergey Toshin, founder of mobile security startup Oversecured,  said  in an analysis published Thursday. Toshin reported the flaws to Samsung in February 2021, following which  patches were issued  by the manufacturer as part of its monthly security updates for April and May. The list of the seven vulnerabilities is as follows - CVE-2021-25356  - Third-party authentication bypass in Managed Provisioning CVE-2021-25388  - Arbitrary app installation
Live Cybersecurity Webinar — Deconstructing Cobalt Strike

Live Cybersecurity Webinar — Deconstructing Cobalt Strike

Jun 11, 2021
Organizations' cybersecurity capabilities have improved over the past decade, mostly out of necessity. As their defenses get better, so do the methods, tactics, and techniques malicious actors devise to penetrate their environments. Instead of the standard virus or trojan, attackers today will deploy a variety of tools and methods to infiltrate an organization's environment and attack it from the inside. In an interesting twist of fate, one of the tools organizations have used to audit and improve their defenses has also become a popular tool attackers use to infiltrate. Cobalt Strike is an Adversary Simulation and Red Team Operations tool that allows organizations to simulate advanced attacks and test their security stacks in a close-to-real-world simulation. A new research webinar from XDR provider Cynet ( register here ) offers a better look at Cobalt Strike. The webinar, led by Cyber Operations Analyst for the Cynet MDR Team Yuval Fischer, will take a deep dive into the thr
cyber security

Managing SaaS Security: What's Your Maturity Level?

websiteAdaptive ShieldSaaS Security / Identity Security
Find out how your security team compares to other organizations in the new SaaS Security Survey report.
4-Step Approach to Mapping and Securing Your Organization's Most Critical Assets

4-Step Approach to Mapping and Securing Your Organization's Most Critical Assets

May 28, 2024Threat Exposure Management
You're probably familiar with the term "critical assets". These are the technology assets within your company's IT infrastructure that are essential to the functioning of your organization. If anything happens to these assets, such as application servers, databases, or privileged identities, the ramifications to your security posture can be severe.  But is every technology asset considered a critical asset? Moreover, is every technology asset considered a  business -critical asset? How much do we really know about the risks to our  business -critical assets?  Business-critical assets are the underlying technology assets of your business in general – and we all know that technology is just one of the 3 essential pillars needed for a successful business operation. In order to have complete cybersecurity governance, organizations should consider: 1) Technology, 2) Business processes, and 3) Key People. When these 3 pillars come together, organizations can begin to understand the
7-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access

7-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access

Jun 11, 2021
A seven-year-old privilege escalation vulnerability discovered in the polkit system service could be exploited by a malicious unprivileged local attacker to bypass authorization and escalate permissions to the root user. Tracked as  CVE-2021-3560  (CVSS score: 7.8), the flaw affects polkit versions between 0.113 and 0.118 and was discovered by GitHub security researcher Kevin Backhouse, who said the issue was  introduced in a code commit  made on Nov. 9, 2013. Red Hat's Cedric Buissart  noted  that Debian-based distributions, based on polkit 0.105, are also vulnerable. Polkit  (née PolicyKit) is a toolkit for defining and handling authorizations in Linux distributions, and is used for allowing unprivileged processes to communicate with privileged processes. "When a requesting process disconnects from dbus-daemon just before the call to polkit_system_bus_name_get_creds_sync starts, the process cannot get a unique uid and pid of the process and it cannot verify the privileg
New Cyber Espionage Group Targeting Ministries of Foreign Affairs

New Cyber Espionage Group Targeting Ministries of Foreign Affairs

Jun 11, 2021
Cybersecurity researchers on Thursday took the wraps off a new cyber espionage group that has been behind a series of targeted attacks against diplomatic entities and telecommunication companies in Africa and the Middle East since at least 2017. Dubbed " BackdoorDiplomacy ," the campaign involves targeting weak points in internet-exposed devices such as web servers to perform a panoply of cyber hacking activities, including laterally moving across the network to deploy a custom implant called Turian that's capable of exfiltrating sensitive data stored in removable media. "BackdoorDiplomacy shares tactics, techniques, and procedures with other Asia-based groups. Turian likely represents a next stage evolution of  Quarian , the backdoor last observed in use in 2013 against diplomatic targets in Syria and the U.S," said Jean-Ian Boutin, head of threat research at Slovak cybersecurity firm ESET. Engineered to target both Windows and Linux operating systems, th
U.S. Authorities Shut Down Slilpp—Largest Marketplace for Stolen Logins

U.S. Authorities Shut Down Slilpp—Largest Marketplace for Stolen Logins

Jun 11, 2021
The U.S. Department of Justice (DoJ) Thursday said it disrupted and took down the infrastructure of an underground marketplace known as " Slilpp " that specialized in trading stolen login credentials as part of an international law enforcement operation. Over a dozen individuals have been charged or arrested in connection with the illegal marketplace. The cyber crackdown, which involved the joint efforts of the U.S., Germany, the Netherlands, and Romania, also commandeered a set of servers hosting its infrastructure as well as the multiple domains the group operated. Operational since 2012, Slilpp was a marketplace for allegedly stolen online account login credentials belonging to 1,400 companies worldwide, offering for sale more than 80 million plundered usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other online accounts, which were abused to conduct unauthorized transactions, such as wire transfers, fro
Emerging Ransomware Targets Dozens of Businesses Worldwide

Emerging Ransomware Targets Dozens of Businesses Worldwide

Jun 10, 2021
An emerging ransomware strain in the threat landscape claims to have breached 30 organizations in just four months since it went operational by riding on the coattails of a notorious ransomware syndicate. First observed in February 2021, " Prometheus " is an offshoot of another well-known ransomware variant called  Thanos , which was previously deployed against state-run organizations in the Middle East and North Africa last year. The affected entities are believed to be government, financial services, manufacturing, logistics, consulting, agriculture, healthcare services, insurance agencies, energy and law firms in the U.S., U.K., and a dozen more countries in Asia, Europe, the Middle East, and South America, according to new research published by Palo Alto Networks' Unit 42 threat intelligence team. Like other ransomware gangs, Prometheus takes advantage of double-extortion tactics and hosts a dark web leak site, where it names and shames new victims and makes stol
Expert Insights
Cybersecurity Resources