The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Get your update caps on. Microsoft today released its monthly Patch Tuesday update for September 2019, patching a total of 79 security vulnerabilities in its software, of which 17 are rated critical, 61 as important, and one moderate in severity. Two of the security vulnerabilities patched by the tech giant this month are listed as "publicly known" at the time of release, one of which is an elevation of privilege vulnerability (CVE-2019-1235) in Windows Text Service Framework (TSF), more likely related to a 20-year-old flaw Google security researcher disclosed last month . Two other vulnerabilities patched this month are reported as being actively exploited in the wild by hackers, both are privilege elevation flaws—one resides in the Windows operating system and the other in Windows Common Log File System Driver. Besides these, Microsoft has released patches for four critical RCE vulnerabilities in Windows built-in Remote Desktop Client application that could enabl...

What could be worse than your router leaking its administrative login credentials in plaintext? Cybersecurity researchers from Trustwave's SpiderLabs have discovered multiple security vulnerabilities in some router models from two popular manufacturers—D-Link and Comba Telecom—that involve insecure storage of credentials, potentially affecting every user and system on that network. Researcher Simon Kenin told The Hacker News that he discovered a total of five vulnerabilities—two in a D-Link DSL modem typically installed to connect a home network to an ISP, and three in multiple Comba Telecom WiFi devices. These flaws could potentially allow attackers to change your device settings, extract sensitive information, perform MitM attacks, redirect you to phishing or malicious sites and launch many more types of attacks. "Since your router is the gateway in and out of your entire network it can potentially affect every user and system on that network. An attacker-controlled ...

It's Patch Tuesday again—the day of the month when both Adobe and Microsoft release security patches for vulnerabilities in their software. Adobe has just released its monthly security updates to address a total of 3 security vulnerabilities in only two of its products this time—Adobe Flash Player and Adobe Application Manager (AAM). None of the security vulnerabilities patched this month in Adobe products is being exploited in the wild. The latest update for Adobe Flash Player , the software that will receive security patch updates until the end of 2020, this month addresses two critical vulnerabilities and affects Windows, macOS, Linux, and Chrome OS versions of the software. Both the critical vulnerabilities in Flash Player, listed below, lead to arbitrary code execution in the context of the current user, allowing attackers to take complete control over targeted systems. Same-origin method execution (CVE-2019-8069) Use-after-free (CVE-2019-8070) Both the vuln...

Cybersecurity researchers have discovered a new computer virus associated with the Stealth Falcon state-sponsored cyber espionage group that abuses a built-in component of the Microsoft Windows operating system to stealthily exfiltrate stolen data to attacker-controlled server. Active since 2012, Stealth Falcon is a sophisticated hacking group known for targeting journalists, activists, and dissidents with spyware in the Middle East, primarily in the United Arab Emirates (UAE). Dubbed Win32/StealthFalcon , named after the hacking group, the malware communicates and sends collected data to its remote command-and-control (C&C) servers using Windows Background Intelligent Transfer Service (BITS). BITS is a communication protocol in Windows that takes unused network bandwidth to facilitate asynchronous, prioritized, and throttled transfer of files between machines in the foreground or background, without impacting the network experience. BITS is commonly used by software up...

Facebook has patched two high-severity vulnerabilities in its server application that could have allowed remote attackers to unauthorisedly obtain sensitive information or cause a denial of service just by uploading a maliciously constructed JPEG image file. The vulnerabilities reside in HHVM (HipHop Virtual Machine)—a high-performance, open source virtual machine developed by Facebook for executing programs written in PHP and Hack programming languages. HHVM uses a just-in-time (JIT) compilation approach to achieve superior performance of your Hack and PHP code while maintaining the development flexibility that the PHP language provides. Since the affected HHVM server application is open-source and free, both issues may also impact other websites that use HHVM, including Wikipedia, Box and especially those which allow their users to upload images on the server. Both the vulnerabilities, as listed below, reside due to a possible memory overflow in the GD extension of HHVM wh...