The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A serious security vulnerability has been discovered in the core runC container code that affects several open-source container management systems, potentially allowing attackers to escape Linux container and obtain unauthorized, root-level access to the host operating system. The vulnerability, identified as  CVE-2019-5736 , was discovered by open source security researchers Adam Iwaniuk and Borys Popławski and publicly disclosed by Aleksa Sarai, a senior software engineer and runC maintainer at SUSE Linux GmbH on Monday. The flaw resides in runC—a lightweight low-level command-line tool for spawning and running containers, an operating-system-level virtualization method for running multiple isolated systems on a host using a single kernel. Originally created by Docker, runC is the default container run-time for Docker, Kubernetes, ContainerD, CRI-O, and other container-dependent programs, and is widely being used by major cloud hosting and server providers. runC Cont...

A malicious Windows EXE file can even infect your Mac computer as well. Yes, you heard me right — a .exe malware on macOS. Security researchers at antivirus firm Trend Micro have discovered a novel way hackers are using in the wild to bypass Apple's macOS security protection and infect Mac computers by deploying malicious EXE files that normally run only on Windows computers. Researchers found several samples of malicious macOS application (.dmg) masquerading as installers for popular software on a torrent site that includes an EXE application compiled with Mono framework to make it compatible with macOS. Mono is an open source implementation of Microsoft's .NET Framework that allows developers to create cross-platform .NET applications, which work across all supported platforms, including Linux, Windows and Mac OS X. Usually, running any Windows executable results in error on macOS systems, and its built-in protection mechanisms such as Gatekeeper also skips scann...

A security researcher has discovered yet another cryptocurrency-stealing malware on the official Google Play Store that was designed to secretly steal bitcoin and cryptocurrency from unwitting users. The malware, described as a " Clipper ," masqueraded as a legitimate cryptocurrency app and worked by replacing cryptocurrency wallet addresses copied into the Android clipboard with one belonging to attackers, ESET researcher Lukas Stefanko explained in a blog post . Since cryptocurrency wallet addresses are made up of long strings of characters for security reasons, users usually prefer copying and pasting the wallet addresses using the clipboard over typing them out. The newly discovered clipper malware, dubbed Android/Clipper.C by ESET, took advantage of this behavior to steal users cryptocurrency. To do this, attackers first tricked users into installing the malicious app that impersonated a legitimate cryptocurrency service called MetaMask , claiming to let users...

Google has launched a new encryption algorithm that has been built specifically to run on mobile phones and smart IoT devices that don't have the specialized hardware to use current encryption methods to encrypt locally stored data efficiently. Encryption has already become an integral part of our everyday digital activities. However, it has long been known that encryption is expensive, as it causes performance issues, especially for low-end devices that don't have hardware support for making the encryption and decryption process faster. Since data security concerns have recently become very important, not using encryption is no more a wise tradeoff, and at the same time, using a secure but slow device on which apps take much longer to launch is also not a great idea. Currently Android OS supports AES-128-CBC-ESSIV for full-disk encryption and AES-256-XTS for file-based encryption, and Google has already made it mandatory for device manufacturers to include AES encry...

Apple has finally released iOS 12.1.4 software update to patch the terrible Group FaceTime privacy bug that could have allowed an Apple user to call you via the FaceTime video chat service and hear or see you before you even pick up the call without your knowledge. The Facetime bug (CVE-2019-6223) was discovered by 14-year-old Grant Thompson of Catalina Foothills High School while he was trying to set up a Group FaceTime session with his friends. Thompson reported the bug to the company a week before it made headlines across the internet, forcing Apple to temporarily disable the group calling feature within FaceTime. In its advisory published Thursday, Apple described the bug as "a logic issue existed in the handling of Group FaceTime calls," that also impacted the group FaceTime calling feature on Apple's macOS Mojave 10.14.2. Along with Thompson, Apple has also credited Daven Morris of Arlington, Texas, in its official advisory for reporting this bug. Acc...