The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

If you also found yourself logged out of Facebook on Friday, you are not alone. Facebook forced more than 90 million users to log out and back into their accounts in response to a massive data breach. On Friday afternoon, the social media giant disclosed that some unknown hackers managed to exploit three vulnerabilities in its website and steal data from 50 million users and that as a precaution, the company reset access tokens for nearly 90 million Facebook users. We covered a story yesterday based upon the information available at that time. Facebook Hack: 10 Important Updates You Need To Know About However, in a conference call [ Transcript 1 , Transcript 2 ] with reporters, Facebook vice president of product Guy Rosen shared a few more details of the terrible breach, which is believed to be the most significant security blunder in Facebook's history. Here's below we have briefed the new developments in the Facebook data breach incident that you need to know abo...

Logged out from your Facebook account automatically? Well you're not alone… Facebook just admitted that an unknown hacker or a group of hackers exploited a zero-day vulnerability in its social media platform that allowed them to steal secret access tokens for more than 50 million accounts. UPDATE:  10 Important Updates You Need To Know About the Latest Facebook Hacking Incident . In a brief blog post published Friday, Facebook revealed that its security team discovered the attack three days ago (on 25 September) and they are still investigating the security incident. The vulnerability, whose technical details has yet not been disclosed and now patched by Facebook, resided in the "View As" feature—an option that allows users to find out what other Facebook users would see if they visit your profile. According to the social media giant, the vulnerability allowed hackers to steal secret access tokens that could then be used to directly access users' private in...

Julian Assange, the founder of popular whistleblower website WikiLeaks, is stepping down from the position of editor-in-chief of the organisation under "extraordinary circumstances." Assange, the 47-year-old Australian hacker, founded WikiLeaks in 2006 and has since made many high-profile leaks, exposing 'dirty' secrets of several individuals, political parties as well as government organisations across the world. Assange has been forced to live in the Ecuadorian Embassy in London since June 2012, after he was granted asylum by the Ecuador government when a British court ordered his extradition to Sweden to face questioning sexual assault and rape. Ecuador has cut Assange off the Internet and any communication with the outside world except for his lawyers since late March this year, making it difficult for him to do his job of editor-in-chief to run WikiLeaks. Wikileaks Appoints Its New Editor-in-Chief According to a recent tweet from Wikileaks, those ...

A cybersecurity researcher with Google Project Zero has released the details, and a proof-of-concept (PoC) exploit for a high severity vulnerability that exists in Linux kernel since kernel version 3.16 through 4.18.8. Discovered by white hat hacker Jann Horn, the kernel vulnerability (CVE-2018-17182) is a cache invalidation bug in the Linux memory management subsystem that leads to use-after-free vulnerability, which if exploited, could allow an attacker to gain root privileges on the targeted system. The use-after-free (UAF) vulnerabilities are a class of memory corruption bug that can be exploited by unprivileged users to corrupt or alter data in memory, enabling them to cause a denial of service (system crash) or escalate privileges to gain administrative access on a system. Linux Kernel Exploit Takes an Hour to Gain Root Access However, Horn says his PoC Linux kernel exploit made available to the public "takes about an hour to run before popping a root shell....

An Australian teenager who pleaded guilty to break into Apple's private systems  multiple times over several months and download some 90GB of secure files has avoided conviction and will not serve time in prison. An Australian Children's Court has given the now 19-year-old adult defendant, who was 16 at the time of committing the crime, a probation order of eight months, though the magistrate made him understand how serious his offense was. The teen, whose cannot be named under a local law that protects the identity of juveniles, told the court that he hacked into Apple's systems because he was a huge fan of the company and "dreamed of" working for the technology giant. The "Hacky Hack Hack" Folder The teen hacked into Apple's servers not once, but numerous times over the course of more than a year—between June 2015 and November 2016, and in April 2017. As soon as the tech giant detected his presence on their servers, it blocked him and...

Bad news for Apple. The Chinese hacking team Pangu is back and has once again surprised everyone with a jailbreak for iOS 12 running on the brand-new iPhone XS. Well, that was really fast. Pangu jailbreak team has been quiet for a while, since it last released the untethered jailbreak tool for iOS 9 back in October 2015. Jailbreaking is a process of removing limitations on Apple's iOS devices so users can install third-party software not certified by Apple. Today, Android and iOS security researcher Min(Spark) Zheng shared a Tweet with two screenshots showing a working jailbreak on Apple's newly released iPhone XS with A12 Bionic chip achieved by one of the Pangu researchers. The Tweet also revealed that the iOS 12 jailbreak works by bypassing a functional PAC (Pointer authentication codes) mitigation implemented in the new Apple's A12 Bionic chip. Moreover, since the hardware of iPhone XS is very much identical to iPhone XS Max, the new iOS 12 jailbreak expl...

Cybersecurity researchers at ESET have unveiled what they claim to be the first-ever UEFI rootkit being used in the wild, allowing hackers to implant persistent malware on the targeted computers that could survive a complete hard-drive wipe. Dubbed LoJax , the UEFI rootkit is part of a malware campaign conducted by the infamous Sednit group, also known as APT28, Fancy Bear , Strontium , and Sofacy , to target several government organizations in the Balkans as well as in Central and Eastern Europe. Operating since at least 2007, Sednit group is a state-sponsored hacking group believed to be a unit of GRU (General Staff Main Intelligence Directorate), a Russian secret military intelligence agency. The hacking group has been associated with a number of high profile attacks, including the DNC hack just before the U.S. 2016 presidential election . UEFI, or Unified Extensible Firmware Interface, a replacement for the traditional BIOS, is a core and critical firmware component of a...

Security researchers have discovered even more dangerous capabilities in VPNFilter —the highly sophisticated multi-stage malware that infected 500,000 routers worldwide in May this year, making it much more widespread and sophisticated than earlier. Attributed to Russia's APT 28, also known as 'Fancy Bear,' VPNFilter is a malware platform designed to infect routers and network-attached storage devices from 75 brands including Linksys, MikroTik, Netgear, TP-Link, QNAP, ASUS, D-Link, Huawei, ZTE, Ubiquiti, and UPVEL. In May, when VPNFilter infected half a million routers and NAS devices in 54 countries, the FBI seized a key command-and-control domain used by the malware and asked people to reboot their routers. Initially, it was found that VPNFilter had been built with multiple attack modules that could be deployed to the infected routers to steal website credentials and monitor industrial controls or SCADA systems, such as those used in electric grids, other infr...

The same day Apple released its latest macOS Mojave operating system, a security researcher demonstrated a potential way to bypass new privacy implementations in macOS using just a few lines of code and access sensitive user data. On Monday, Apple started rolling out its new macOS Mojave 10.14 operating system update to its users, which includes a number of new privacy and security controls, including authorization prompts. Mojave 10.14 now pops up authorization prompts that require direct and real user interaction before any unprivileged third-party application can tap into users' sensitive information, such as address books, location data, message archives, Mail, and photos. Patrick Wardle, an ex-NSA hacker and now chief research officer at Digita Security, discovered a zero-day flaw that could allow an attacker to bypass authorization prompts and access users' personal information by using an unprivileged app. Wardle tweeted a video Monday showing how he was able ...

Security researchers have published the details and proof-of-concept (PoC) exploits of an integer overflow vulnerability in the Linux kernel that could allow an unprivileged user to gain superuser access to the targeted system. The vulnerability, discovered by cloud-based security and compliance solutions provider Qualys, which has been dubbed "Mutagen Astronomy," affects the kernel versions released between July 2007 and July 2017, impacting the Red Hat Enterprise Linux, CentOS, and Debian distributions. The Mutagen Astronomy vulnerability tracked as CVE-2018-14634, is a type of a local privilege escalation issue—one of the most common issues with operating systems as a whole—and exists in the Linux kernel's create_elf_tables() function that operates the memory tables. To successfully exploit this vulnerability, attackers need to have access to the targeted system and run their exploit that leads to a buffer overflow, thereby resulting in the execution of malici...

A former NSA employee has been sentenced to five and a half years in prison for illegally taking a copy of highly classified documents and hacking tools to his home computer between 2010 and 2015, which were later stolen by Russian hackers. Nghia Hoang Pho, 68, of Ellicott City, Maryland—who worked as a developer with Tailored Access Operations (TAO) hacking group at the NSA since April 2006—held various security clearances and had access to national defense and classified information. The personal Windows computer on which Pho stored the classified documents and tools was running Kaspersky antivirus software, which was then allegedly used, one way or another, by Russian hackers to steal the documents in 2015. Though Kaspersky Lab consistently denied any direct involvement in helping Russian intelligence agencies to pilfer sensitive secrets, the United States government banned federal agencies from using Kaspersky antivirus software over spying fears. In response, Kasper...

U.S. online fashion retailer SHEIN has admitted that the company has suffered a significant data breach after unknown hackers stole personally identifiable information (PII) of almost 6.5 million customers. Based in North Brunswick and founded in 2008, SHEIN has become one of the largest online fashion retailers that ships to more than 80 countries worldwide. The site has been initially designed to produce "affordable" and trendy fashion clothing for women. SHEIN revealed last weekend that its servers had been targeted by a "concerted criminal cyber-attack" that began in June this year and lasted until August 22, when the company was finally made aware of the potential theft. Soon after that, the company scanned its servers to remove all possible backdoored entry points, leveraging which hackers could again infiltrate the servers. SHEIN assured its customers that the website is now safe to visit. Hackers Stole Over 6.42 Million SHEIN Customers' Data ...