#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Microsoft Issues Security Patch Update for 14 New Critical Vulnerabilities

Microsoft Issues Security Patch Update for 14 New Critical Vulnerabilities

Feb 14, 2018
Microsoft's Patch Tuesday for this month falls the day before the most romantic day of the year. Yes, it's Valentine's, and the tech giant has released its monthly security update for February 2018, addressing a total of 50 CVE-listed vulnerabilities in its Windows operating system, Microsoft Office, web browsers and other products. Fourteen of the security updates are listed as critical, 34 are rated as important, and 2 of them are rated as moderate in severity. The critical update patches serious security flaws in Edge browser and Outlook client, an RCE in Windows' StructuredQuery component, and several memory corruption bugs in the scripting engines used by Edge and Internet Explorer. Critical Microsoft Outlook Vulnerability One of the most severe bugs includes a memory corruption vulnerability ( CVE-2018-0852 ) in Microsoft Outlook, which can be exploited to achieve remote code execution on the targeted machines. In order to trigger the vulnerability...
Hackers Exploit 'Telegram Messenger' Zero-Day Flaw to Spread Malware

Hackers Exploit 'Telegram Messenger' Zero-Day Flaw to Spread Malware

Feb 13, 2018
A zero-day vulnerability has been discovered in the desktop version for end-to-end encrypted Telegram messaging app that was being exploited in the wild in order to spread malware that mines cryptocurrencies such as Monero and ZCash. The Telegram vulnerability was uncovered by security researcher Alexey Firsh from Kaspersky Lab last October and affects only the Windows client of Telegram messaging software. The flaw has actively been exploited in the wild since at least March 2017 by attackers who tricked victims into downloading malicious software onto their PCs that used their CPU power to mine cryptocurrencies or serve as a backdoor for attackers to remotely control the affected machine, according to a blogpost on Securelist. Here's How Telegram Vulnerability Works The vulnerability resides in the way Telegram Windows client handles the RLO (right-to-left override) Unicode character (U+202E), which is used for coding languages that are written from right to left, li...
PyeongChang 2018 Winter Olympics Opening Ceremony Disrupted by Malware Attack

PyeongChang 2018 Winter Olympics Opening Ceremony Disrupted by Malware Attack

Feb 13, 2018
The Pyeongchang Winter Olympics taking place in South Korea was disrupted over the weekend following a malware attack before and during the opening ceremony on Friday. The cyber attack coincided with 12 hours of downtime on the official website for the Winter Games, the collapse of Wi-Fi in the Pyeongchang Olympic stadium and the failure of televisions and internet at the main press center, leaving attendees unable to print their tickets for events or get venue information. The Pyeongchang Winter Olympics organizing committee confirmed Sunday that a cyber attack hit its network helping run the event during the opening ceremony, which was fully restored on 8 am local time on Saturday—that's full 12 hours after the attack began. Multiple cybersecurity firms published reports on Monday, suggesting that the cause of the disruption was "destructive" wiper malware that had been spread throughout the Winter Games' official network using stolen credentials. Dubbed...
cyber security

10 Best Practices for Building a Resilient, Always-On Compliance Program

websiteXM CyberCyber Resilience / Compliance
Download XM Cyber's handbook to learn 10 essential best practices for creating a robust, always-on compliance program.
cyber security

Maximize the Security Tools You Already Have

websitePrelude SecuritySecurity Control Validation
Hone your EDR, identity, vuln, and email platforms against the threats that matter with a 14-day trial.
Thousands of Government Websites Hacked to Mine Cryptocurrencies

Thousands of Government Websites Hacked to Mine Cryptocurrencies

Feb 12, 2018
There was a time when hackers simply defaced websites to get attention, then they started hijacking them to spread banking trojan and ransomware, and now the trend has shifted towards injecting scripts into sites to mine cryptocurrencies. Thousands of government websites around the world have been found infected with a specific script that secretly forces visitors' computers to mine cryptocurrency for attackers. The cryptocurrency mining script injection found on over 4,000 websites, including those belonging to UK's National Health Service (NHS), the Student Loan Company, and data protection watchdog Information Commissioner's Office (ICO), Queensland legislation, as well as the US government's court system. Users who visited the hacked websites immediately had their computers' processing power hijacked, also known as cryptojacking, to mine cryptocurrency without their knowledge, potentially generating profits for the unknown hacker or group of hackers. ...
Russian Scientists Arrested for Using Nuclear Weapon Facility to Mine Bitcoins

Russian Scientists Arrested for Using Nuclear Weapon Facility to Mine Bitcoins

Feb 10, 2018
Two days ago when infosec bods claimed to have uncovered what's believed to be the first case of a SCADA network (a water utility) infected with cryptocurrency-mining malware, a batch of journalists accused other authors of making fear-mongering headlines, taunting that the next headline could be about cryptocurrency-miner detected in a nuclear plant. It seems that now they have to run a story themselves with such headlines on their website because Russian Interfax News Agency yesterday reported that several scientists at Russia's top nuclear research facility had been arrested for mining cryptocurrency with "office computing resources." The suspects work as engineers at the Russian Federation Nuclear Center facility—also known as the All-Russian Research Institute of Experimental Physics—which works on developing nuclear weapons. The center is located in Sarov, Sarov is still a restricted area with high security. It is also the birthplace of the Soviet Uni...
WordPress Update Breaks Automatic Update Feature—Apply Manual Update

WordPress Update Breaks Automatic Update Feature—Apply Manual Update

Feb 09, 2018
WordPress administrators are once again in trouble. WordPress version 4.9.3 was released earlier this week with patches for a total 34 vulnerabilities, but unfortunately, the new version broke the automatic update mechanism for millions of WordPress websites. WordPress team has now issued a new maintenance update, WordPress 4.9.4 , to patch this severe bug, which WordPress admins have to install manually. According to security site WordFence , when WordPress CMS tries to determine whether the site needs to install an updated version, if available, a PHP error interrupts the auto-update process. If not updated manually to the latest 4.9.4 version, the bug would leave your website on WordPress 4.9.3 forever, leaving it vulnerable to future security issues. Here's what WordPress lead developer Dion Hulse explained about the bug: "#43103-core aimed to reduce the number of API calls which get made when the auto-update cron task is run. Unfortunately, due to human e...
New Point-of-Sale Malware Steals Credit Card Data via DNS Queries

New Point-of-Sale Malware Steals Credit Card Data via DNS Queries

Feb 09, 2018
Cybercriminals are becoming more adept, innovative, and stealthy with each passing day. They are now adopting more clandestine techniques that come with limitless attack vectors and are harder to detect. A new strain of malware has now been discovered that relies on a unique technique to steal payment card information from point-of-sale (PoS) systems. Since the new POS malware relies upon User Datagram Protocol (UDP) DNS traffic for the exfiltration of credit card information, security researchers at Forcepoint Labs, who have uncovered the malware, dubbed it UDPoS . Yes, UDPoS uses Domain Name System (DNS) queries to exfiltrate stolen data, instead of HTTP that has been used by most POS malware in the past. This malware is also thought to be first of its kind. Besides using 'unusual' DNS requests to exfiltrate data, the UDPoS malware disguises itself as an update from LogMeIn —a legitimate remote desktop control service used to manage computers and other systems remo...
Secure VPN Services — Get 91% Off On Lifetime Subscriptions

Secure VPN Services — Get 91% Off On Lifetime Subscriptions

Feb 08, 2018
Since most of us rely upon the Internet for day-to-day activities, hacking and spying have become a prime concern today, and so have online security and privacy. The governments across the world have been found to be conducting mass surveillance and then there are hackers and cybercriminals who are always looking for ways to steal your sensitive and personal data from the ill-equipped networks, websites, and PCs. Even most online services and websites today collect your personal data, including search histories, location data, and buying habits, and makes millions by sharing them with advertisers and marketers. In short, we have no or very little online privacy. This is why schools, colleges, hospitals and other small and big businesses are moving towards adopting a solution that allows them to store and access their personal data securely. The solution: Virtual Private Network. Virtual Private Network, or VPN, serves as an encrypted tunnel that secures your computer's Int...
Hackers Can Now Steal Data Even From Faraday Cage Air-Gapped Computers

Hackers Can Now Steal Data Even From Faraday Cage Air-Gapped Computers

Feb 08, 2018
A team of security researchers—which majorly focuses on finding clever ways to get into air-gapped computers by exploiting little-noticed emissions of a computer's components like light, sound and heat —have published another research showcasing that they can steal data not only from an air gap computer but also from a computer inside a Faraday cage. Air-gapped computers are those that are isolated from the Internet and local networks and so, are believed to be the most secure devices that are difficult to infiltrate. Whereas, Faraday cages are metallic enclosures that even blocks all electromagnetic signals, such as Wi-Fi, Bluetooth, cellular and other wireless communications, making any device kept inside the cage, even more, isolate from outside networks. However, Cybersecurity Research Center at Israel's Ben Gurion University, directed by 38-year-old Mordechai Guri, has developed two techniques that helped them exfiltrate data from computers placed inside a Faraday...
Intel Releases New Spectre Patch Update for Skylake Processors

Intel Releases New Spectre Patch Update for Skylake Processors

Feb 08, 2018
After leaving million of devices at risk of hacking and then rolling out broken patches, Intel has now released a new batch of security patches only for its Skylake processors to address one of the Spectre vulnerabilities (Variant 2). For those unaware, Spectre ( Variant 1, Variant 2 ) and Meltdown ( Variant 3 ) are security flaws disclosed by researchers earlier last month in processors from Intel, ARM, and AMD, leaving nearly every PC, server, and mobile phone on the planet vulnerable to data theft. Shortly after the researchers disclosed the Spectre and Meltdown exploits , Intel started releasing microcode patches for its systems running Broadwell, Haswell, Skylake, Kaby Lake, and Coffee Lake processors. However, later the chip maker rollbacked the firmware updates and had to tell users to stop using an earlier update due to users complaining of frequent reboots and other unpredictable system behavior after installing patches. Although it should be a bit quicker, Intel i...
Apple's iBoot Source Code for iPhone Leaked on Github

Apple's iBoot Source Code for iPhone Leaked on Github

Feb 08, 2018
Apple source code for a core component of iPhone's operating system has purportedly been leaked on GitHub, that could allow hackers and researchers to discover currently unknown zero-day vulnerabilities to develop persistent malware and iPhone jailbreaks. The source code appears to be for iBoot —the critical part of the iOS operating system that's responsible for all security checks and ensures a trusted version of iOS is loaded. In other words, it's like the BIOS of an iPhone which makes sure that the kernel and other system files being booted whenever you turn on your iPhone are adequately signed by Apple and are not modified anyhow. The iBoot code was initially shared online several months back on Reddit , but it just resurfaced today on GitHub (repository now unavailable due to DMCA takedown). Motherboard consulted some security experts who have confirmed the legitimacy of the code. However, at this moment, it is unclear if the iBoot source code is complete...
Cyber Espionage Group Targets Asian Countries With Bitcoin Mining Malware

Cyber Espionage Group Targets Asian Countries With Bitcoin Mining Malware

Feb 07, 2018
Security researchers have discovered a custom-built piece of malware that's wreaking havoc in Asia for past several months and is capable of performing nasty tasks, like password stealing, bitcoin mining, and providing hackers complete remote access to compromised systems. Dubbed Operation PZChao , the attack campaign discovered by the security researchers at Bitdefender have been targeting organizations in the government, technology, education, and telecommunications sectors in Asia and the United States. Researchers believe nature, infrastructure, and payloads, including variants of the Gh0stRAT trojan, used in the PZChao attacks are reminiscent of the notorious Chinese hacker group— Iron Tiger . However, this campaign has evolved its payloads to drop trojan, conduct cyber espionage and mine Bitcoin cryptocurrency. The PZChao campaign is attacking targets across Asia and the U.S. by using similar attack tactics as of Iron Tiger, which, according to the researchers, si...
Expert Insights Articles Videos
Cybersecurity Resources