The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Finally, it's happening. Microsoft has built its own custom Linux kernel to power " Azure Sphere ," a newly launched technology that aims to better secure billions of " Internet of things " devices by combining the custom Linux kernel with new chip design, and its cloud security service. Project Azure Sphere focuses on protecting microcontroller-based IoT devices, including smart appliances, connected toys, and other smart gadgets, Microsoft announced during the security-focused RSA Conference in San Francisco Monday. It is basically a security package consists of three main components: Azure Sphere-certified microcontrollers (MCUs) Azure Sphere OS Azure Sphere Security Service "Azure Sphere provides security that starts in the hardware and extends to the cloud, delivering holistic security that protects, detects, and responds to threats—so they're always prepared," Microsoft said. Internet of Things (IoT) devices are 'ridicu...

Security researchers have been warning about an ongoing malware campaign hijacking Internet routers to distribute Android banking malware that steals users' sensitive information, login credentials and the secret code for two-factor authentication. In order to trick victims into installing the Android malware, dubbed Roaming Mantis , hackers have been hijacking DNS settings on vulnerable and poorly secured routers . DNS hijacking attack allows hackers to intercept traffic, inject rogue ads on web-pages and redirect users to phishing pages designed to trick them into sharing their sensitive information like login credentials, bank account details, and more. Hijacking routers' DNS for a malicious purpose is not new. Previously we reported about widespread DNSChanger and Switcher —both the malware worked by changing the DNS settings of the wireless routers to redirect traffic to malicious websites controlled by attackers. Discovered by security researchers at Kaspersk...

Internet-connected technology, also known as the Internet of Things (IoT), is now part of daily life, with smart assistants like Siri and Alexa to cars, watches, toasters, fridges, thermostats, lights, and the list goes on and on. But of much greater concern, enterprises are unable to secure each and every device on their network, giving cybercriminals hold on their network hostage with just one insecure device. Since IoT is a double-edged sword, it not only poses huge risks to enterprises worldwide but also has the potential to severely disrupt other organisations, or the Internet itself . There's no better example than Mirai , the botnet malware that knocked the world's biggest and most popular websites offline for few hours over a year ago. We have another great example that showcases how one innocent looking insecure IoT device connected to your network can cause security nightmares. Nicole Eagan, the CEO of cybersecurity company Darktrace, told attendees at...

A newly released report by cybersecurity firm CTM360 reveals a large-scale scam operation utilizing fake news websites—known as Baiting News Sites (BNS)—to deceive users into online investment fraud across 50 countries. These BNS pages are made to look like real news outlets: CNN, BBC, CNBC, or regional media. They publish fake stories that feature public figures, central banks, or financial brands, all claiming to back new ways to earn passive income. The goal? Build trust quickly and steer readers toward professional-looking scam platforms like Trap10, Solara Vynex, or Eclipse Earn. Scammers use sponsored ads on Google, Meta, and blog networks to push traffic to these sites. Ads often carry clickbait headlines—"You won't believe what a prominent public figure just revealed"—paired with official photos or national flags to make them feel legit. Clicking the ad directs users to a fake article, which then redirects them to a fraudulent trading platform. Many of these scams follow a...

Hackers have started exploiting a recently disclosed critical vulnerability in Drupal shortly after the public release of working exploit code. Two weeks ago, Drupal security team discovered a highly critical remote code execution vulnerability, dubbed Drupalgeddon2 , in its content management system software that could allow attackers to completely take over vulnerable websites. To address this vulnerability the company immediately released updated versions of Drupal CMS without releasing any technical details of the vulnerability, giving more than a million sites enough time to patch the issue. Two days ago, security researchers at Check Point and Dofinity published complete technical details about this vulnerability (CVE-2018-7600), using which, a Russian security researcher published a proof-of-concept (PoC) exploit code for Drupalgeddon2 on GitHub. The Drupalgeddon2 vulnerability that affects all versions of Drupal from 6 to 8 allows an unauthenticated, remote attack...

While performing in-depth analysis of various malware samples, security researchers at Cyberbit found a new code injection technique, dubbed Early Bird , being used by at least three different sophisticated malware that helped attackers evade detection. As its name suggests, Early Bird is a "simple yet powerful" technique that allows attackers to inject malicious code into a legitimate process before its main thread starts, and thereby avoids detection by Windows hook engines used by most anti-malware products. The Early Bird code injection technique "loads the malicious code in a very early stage of thread initialization, before many security products place their hooks—which allows the malware to perform its malicious actions without being detected," the researchers said. The technique is similar to the AtomBombing code injection technique that does not rely on easy-to-detect API calls, allowing malware to inject code into processes in a manner that no a...

Android ecosystem is highly broken when it comes to security, and device manufacturers (better known as OEMs) make it even worse by not providing critical patches in time. According to a new study, most Android vendors have been lying to users about security updates and telling customers that their smartphones are running the latest updates. In other words, most smartphone manufacturers including big players like Samsung, Xiaomi, OnePlus, Sony, HTC, LG, and Huawei are not delivering you every critical security patch they're supposed to, a study by Karsten Nohl and Jakob Lell of German security firm Security Research Labs (SRL) revealed. Nohl and Lell examined the firmware of 1,200 smartphones from over a dozen vendors, for every Android patch released last year, and found that many devices have a "patch gap," leaving parts of the Android ecosystem exposed to hackers. "Sometimes these guys just change the date without installing any patches. Probably for m...

Do you think it is possible to extract data from a computer using its power cables? If no, then you should definitely read about this technique. Researchers from Israel's Ben Gurion University of the Negev—who majorly focus on finding clever ways to exfiltrate data from an isolated or air-gapped computer—have now shown how fluctuations in the current flow "propagated through the power lines" could be used to covertly steal highly sensitive data. Sound something like a James Bond movie? Well, the same group of researchers has previously demonstrated various out-of-band communication methods to steal data from a compromised air-gapped computer via light , sound , heat , electromagnetic , magnetic and ultrasonic waves . Air-gapped computers are those that are isolated from the Internet and local networks and therefore, are believed to be the most secure devices that are difficult to infiltrate or exfiltrate data. "As a part of the targeted attack, the adve...

A security researcher has disclosed details of an important vulnerability in Microsoft Outlook for which the company released an incomplete patch this month —almost 18 months after receiving the responsible disclosure report. The Microsoft Outlook vulnerability (CVE-2018-0950) could allow attackers to steal sensitive information, including users' Windows login credentials, just by convincing victims to preview an email with Microsoft Outlook, without requiring any additional user interaction. The vulnerability, discovered by Will Dormann of the CERT Coordination Center (CERT/CC), resides in the way Microsoft Outlook renders remotely-hosted OLE content when an RTF (Rich Text Format) email message is previewed and automatically initiates SMB connections. A remote attacker can exploit this vulnerability by sending an RTF email to a target victim, containing a remotely-hosted image file (OLE object), loading from the attacker-controlled SMB server. Since Microsoft Outlook a...

Can you get hacked just by clicking on a malicious link or opening a website? — YES . Microsoft has just released its April month's Patch Tuesday security updates, which addresses multiple critical vulnerabilities in its Windows operating systems and other products, five of which could allow an attacker to hack your computer by just tricking you visit a website. Microsoft has patched five critical vulnerabilities in Windows Graphics Component that reside due to improper handling of embedded fonts by the Windows font library and affects all versions of Windows operating systems to date, including Windows 10 / 8.1 / RT 8.1 / 7, Windows Server 2008 / 2012 / 2016. An attacker can exploit these issues by tricking an unsuspecting user to open a malicious file or a specially crafted website with the malicious font, which if open in a web browser, would hand over control of the affected system to the attacker. All these five vulnerabilities in Windows Microsoft Graphics were dis...

Facebook pays millions of dollars every year to researchers and bug hunters to stamp out security holes in its products and infrastructure, but following Cambridge Analytica scandal , the company today launched a bounty program to reward users for reporting "data abuse" on its platform. The move comes as Facebook CEO Mark Zuckerberg prepares to testify before Congress this week amid scrutiny over the data sharing controversy surrounding Cambridge Analytica, a political consultancy firm that obtained and misused data on potentially 87 million of its users . Through its new " Data Abuse Bounty " program, Facebook would ask users to help the social media giant find app developers misusing data, Facebook announced Tuesday. Similar to its existing bug bounty program, the Data Abuse Bounty program will reward a sum of money to anyone who reports valid events of data collection that violate Facebook's revamped data policies . "This program is complemen...

A serious vulnerability has been exposed in "emergency alert systems" that could be exploited remotely via radio frequencies to activate all the sirens, allowing hackers to trigger false alarms. The emergency alert sirens are used worldwide to alert citizens about natural disasters, man-made disasters, and emergency situations, such as dangerous weather conditions, severe storms, tornadoes and terrorist attacks. False alarms can create panic and chaos across the city, as witnessed in Dallas last year , when 156 emergency sirens were turned on for about two hours, waking up residents and sparking fears of a disaster. Dubbed " SirenJack Attack ," the vulnerability discovered by a researcher at Bastille security firm affects warning sirens manufactured by Boston-based ATI Systems, which are being used across major towns and cities, as well as Universities, military facilities, and industrial sites. According to Balint Seeber, director of threat research at...

Facebook CEO Mark Zuckerberg will testify before Congress this week to explain how his company collects and handles users' personal information. The past few weeks have been difficult for Facebook over concerns that the data of millions of users has been breached. Facebook stores details of almost every action you have taken and interaction you have engaged in on its platform. What many Facebook users are unaware of, though, is that you can easily download and see all the information Facebook has collected from you in just a few minutes. Here's how to find out what data Facebook has collected over time, including all your past posts, messages, photos, videos and more. Here's how to Download Your Facebook Data: First, sign into Facebook (on a desktop browser, not your mobile). Then, click the drop-down arrow on the top right, and click on "Settings." This will take you to facebook.com/settings, where you will find your "General Account Set...