The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Adobe users would feel lighter this month, as Adobe has released patches for just two security vulnerability in its March Security Update. The company today released its monthly security updates to address two critical arbitrary code execution vulnerabilities—one in Adobe Photoshop CC and another in Adobe Digital Editions. Upon successful exploitation, both critical vulnerabilities could allow an attacker to achieve arbitrary code execution in the context of the current user and take control of an affected system. However, the good news is that the company found no evidence of any exploits in the wild for these security issues, Adobe said. The vulnerability in Adobe Photoshop CC , discovered by Trend Micro Zero Day Initiative and assigned CVE-2019-7094, is a heap corruption issue which affects Photoshop CC 19.1.7 and earlier 19.x versions as well as Photoshop CC 20.0.2 and earlier 20.x versions for Microsoft Windows and Apple macOS operating systems. Users are recommended ...

Cynet goes head-to-head with CrowdStrike, DarkTrace, Cylance, Carbon Black & Symantec, offering their unhappy customers a refund for the time remaining on their existing contracts. Cynet, the automated threat discovery and mitigation platform was built to address the advanced threats that AV and Firewalls cannot stop. Today, Cynet announced that any organization currently deploying an advanced security solution from the list below who are unhappy with it and up for renewal in 2019 - can try Cynet for free  here. If they decide to switch to Cynet – they will be reimbursed for the remaining contract with the previous security vendor. The Cynet offer is relevant to companies that have at least 300 endpoints and are currently customers of any of the following solutions: Crowdstrike / Carbon Black / Darktrace / Cylance / Symantec / Fire Eye Endpoint Protection / SentinelOne / Cybereason / CISCO AMP / Trend Micro Apex / Palo Alto Networks Traps. What makes Cynet s...

Do you always think twice before installing Windows updates worrying that it could crash your system or leave it non-working the day after Patch Tuesdays? Don't worry. Microsoft has addressed this issue by adding a safety measure that would from now onwards automatically uninstall buggy software updates installed on your system if Windows 10 detects a startup failure, which could be due to incompatibility or issues in new software. A new document published by Microsoft on Monday, a day before this month's Patch Tuesday, says just like Windows "automatically installs updates to keep your device secure and running at peak efficiency," the OS will now run another automatic process to uninstall problematic updates. From now on, if you receive the following notification on your device, that means your Windows 10 computer has recently been recovered from a startup failure,first sighted by Windows Latest blog . "We removed some recently installed updates...

One of the most important software companies NGINX , which is also behind the very popular open-source web server of the same name, is being acquired by its rival, F5 Networks , in a deal valued at about $670 million. While NGINX is not a name that you have ever heard of, the reality is that you use NGINX every day when you post a photo, watch streaming video, purchase goods online, or log into your applications at work. NGINX powers over half of the busiest websites in the world. Majority of sites on the Internet today, including The Hacker News, and hundreds of thousands apps, like Instagram, Pinterest, Netflix, and Airbnb are hosted on web servers running NGINX. NGINX web server is the third most widely used servers in the world—behind only Microsoft and Apache, and ahead of Google. In short, the internet as we know it today would not exist without NGINX. F5 Acquires NGINX to Bridge NetOps and DevOps F5 Networks is the industry leader in cloud and security application...

A cybersecurity researcher who last month warned of a creative phishing campaign has now shared details of a new but similar attack campaign with The Hacker News that has specifically been designed to target mobile users. Just like the previous campaign, the new phishing attack is also based on the idea that a malicious web page could mimic look and feel of the browser window to trick even the most vigilant users into giving away their login credentials to attackers. Antoine Vincent Jebara , co-founder and CEO of password managing software Myki , shared a new video with The Hacker News, demonstrating how attackers can reproduce native iOS behavior, browser URL bar and tab switching animation effects of Safari in a very realistic manner on a web-page to present fake login pages, without actually opening or redirecting users to a new tab. New Phishing Attack Mimics Mobile Browser Animation and Design As you can see in the video, a malicious website that looks like Airbnb pro...