The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Popular video conferencing app Zoom recently fixed a new security flaw that could have allowed potential attackers to crack the numeric passcode used to secure private meetings on the platform and snoop on participants. Zoom meetings are by default protected by a six-digit numeric password, but according to Tom Anthony, VP Product at SearchPilot who identified the issue , the lack of rate limiting enabled "an attacker to attempt all 1 million passwords in a matter of minutes and gain access to other people's private (password protected) Zoom meetings." It's worth noting that Zoom began requiring a passcode for all meetings back in April as a preventive measure to combat Zoom-bombing attacks, which refers to the act of disrupting and hijacking Zoom meetings uninvited to share obscene and racist content. Anthony reported the security issue to the company on April 1, 2020, along with a Python-based proof-of-concept script, a week after which Zoom patched the flaw...

A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide—including servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution or Windows system. Dubbed ' BootHole ' and tracked as CVE-2020-10713 , the reported vulnerability resides in the GRUB2 bootloader, which, if exploited, could potentially let attackers bypass the Secure Boot feature and gain high-privileged persistent and stealthy access to the targeted systems. Secure Boot is a security feature of the Unified Extensible Firmware Interface (UEFI) that uses a bootloader to load critical components, peripherals, and the operating system while ensuring that only cryptographically signed code executes during the boot process. "One of the explicit design goals of Secure Boot is to prevent unauthorized code, even running with administrator privileges, from gaining additional privileges and pre-OS pers...

Many endpoint security vendors are beginning to offer their applications only in the cloud, sunsetting their on-premise offerings. This approach may be beneficial to the vendor, but many clients continue to need on-premise solutions. Vendors that sunset on-premise solutions force clients that prefer on-premise solutions to either change their operating environment and approach or change vendors. Fortunately, some vendors continue to provide their offerings in both cloud and on-premise versions. One such company is Cynet , which allows clients to deploy their EDR and XDR (Extended Detection and Response) solutions in on-premise, cloud, and hybrid cloud delivery models. Clients can access the solution in any way they see fit now and into the future. This provides an alternative for organizations that do not want to be forced to move into the cloud. Cloud vs. On-Premise The cloud vs. on-premise argument continues to rage. Recently, however, it seems that everyone is jumpin...

Cybersecurity researchers have discovered critical vulnerabilities in industrial VPN implementations primarily used to provide remote access to operational technology (OT) networks that could allow hackers to overwrite data, execute malicious code, and compromise industrial control systems (ICS). A new report published by industrial cybersecurity company Claroty demonstrates multiple severe vulnerabilities in enterprise-grade VPN installations, including Secomea GateManager M2M Server, Moxa EDR-G902, and EDR-G903, and HMS Networks eWon's eCatcher VPN client. These vulnerable products are widely used in field-based industries such as oil and gas, water utilities, and electric utilities to remotely access, maintain and monitor ICS and field devices, including programmable logic controllers (PLCs) and input/output devices. According to Claroty researchers, successful exploitation of these vulnerabilities can give an unauthenticated attacker direct access to the ICS devices an...

Cybersecurity researchers today disclosed several security issues in popular online dating platform OkCupid that could potentially let attackers remotely spy on users' private information or perform malicious actions on behalf of the targeted accounts. According to a report shared with The Hacker News, researchers from Check Point found that the flaws in OkCupid's Android and web applications could allow the theft of users' authentication tokens, users IDs, and other sensitive information such as email addresses, preferences, sexual orientation, and other private data. After Check Point researchers responsibly shared their findings with OkCupid, the Match Group-owned company fixed the issues, stating, "not a single user was impacted by the potential vulnerability." The Chain of Flaws The flaws were identified as part of reverse engineering of OkCupid's Android app version 40.3.1, which was released on April 29 earlier this year. Since then, there ...