The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

More than 50 Android apps on the Google Play Store—most of which were designed for kids and had racked up almost 1 million downloads between them—have been caught using a new trick to secretly click on ads without the knowledge of smartphone users. Dubbed " Tekya ," the malware in the apps imitated users' actions to click ads from advertising networks such as Google's AdMob, AppLovin', Facebook, and Unity, cybersecurity firm Check Point Research noted in a report shared with The Hacker News. "Twenty four of the infected apps were aimed at children (ranging from puzzles to racing games), with the rest being utility apps (such as cooking apps, calculators, downloaders, translators, and so on)," the researchers said. While the offending apps have been removed from Google Play, the find by Check Point Research is the latest in an avalanche of ad fraud schemes that have plagued the app storefront in recent years, with malware posing as optimizer an...

Microsoft today issued a new security advisory warning billions of Windows users of two new critical, unpatched zero-day vulnerabilities that could let hackers remotely take complete control over targeted computers. According to Microsoft , both unpatched flaws are being used in limited, targeted attacks and impact all supported versions of the Windows operating system—including Windows 10, 8.1 and Server 2008, 2012, 2016, and 2019 editions, as well as Windows 7 for which Microsoft ended its support on January 14, 2020. Both vulnerabilities reside in the Windows Adobe Type Manager Library , a font parsing software that not only parses content when open with a 3rd-party software but also used by Windows Explorer to display the content of a file in the 'Preview Pane' or 'Details Pane' without having users to open it. The flaws exist in Microsoft Windows when the Adobe Type Manager Library improperly "handles a specially-crafted multi-master font - Adobe Type ...

For the first time ever, the Apache Pulsar PMC team is publishing a user survey report. The 2020 Apache Pulsar User Survey Report reveals Pulsar's accelerating rate of global adoption, details how organizations are leveraging Pulsar to build real-time streaming applications, and highlights key features on Pulsar's product roadmap. Apache Pulsar is a cloud-native, distributed open source publish-subscribe (pub/sub) based high-performance server-to-server messaging and streaming system that manages hundreds of billions of events per day. It provides very low end-to-end latency, guaranteed message delivery, zero data loss, and a serverless lightweight computing framework for stream native data processing. Pulsar adoption has largely been driven by the market's increased demand for real-time, data-enabled technologies. While companies have tried to leverage monolithic messaging systems to build-out real-time offerings, they've hit major roadblocks. Ultimately, the...

Multiple zero-day vulnerabilities in digital video recorders (DVRs) for surveillance systems manufactured by Taiwan-based LILIN have been exploited by botnet operators to infect and co-opt vulnerable devices into a family of denial-of-service bots. The findings come from Chinese security firm Qihoo 360 's Netlab team, who say different attack groups have been using LILIN DVR zero-day vulnerabilities to spread Chalubo , FBot , and Moobot botnets at least since August 30, 2019. Netlab researchers said they reached out to LILIN on January 19, 2020, although it wasn't until a month later the vendor released a firmware update (2.0b60_20200207) addressing the vulnerabilities. The development comes as IoT devices are increasingly being used as an attack surface to launch DDoS attacks and as proxies to engage in various forms of cybercrime. What Are the LILIN Zero-Days About? The flaw in itself concerns a chain of vulnerabilities that make use of hard-coded login cred...

A new version of the infamous Mirai botnet is exploiting a recently uncovered critical vulnerability in network-attached storage (NAS) devices in an attempt to remotely infect and control vulnerable machines. Called " Mukashi ," the new variant of the malware employs brute-force attacks using different combinations of default credentials to log into Zyxel NAS, UTM, ATP, and VPN firewall products to take control of the devices and add them to a network of infected bots that can be used to carry out Distributed Denial of Service (DDoS) attacks. Multiple Zyxel NAS products running firmware versions up to 5.21 are vulnerable to the compromise, Palo Alto Networks' Unit 42 global threat intelligence team said, adding they uncovered the first such exploitation of the flaw in the wild on March 12. Zyxel's Pre-Authentication Command Injection Flaw Mukashi hinges on a pre-authentication command injection vulnerability (tracked as CVE-2020-9054 ), for which a proof-...