-->
#1 Trusted Cybersecurity News Platform
Followed by 5.70+ million
The Hacker News Logo
Get the Latest News
cybersecurity

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges

Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges

Dec 16, 2021
Web infrastructure company Cloudflare on Wednesday revealed that threat actors are actively attempting to exploit a  second bug  disclosed in the widely used Log4j logging utility, making it imperative that customers move quickly to install the latest version as a barrage of attacks continues to pummel unpatched systems with a variety of malware. The new vulnerability, assigned the identifier  CVE-2021-45046 , makes it possible for adversaries to carry out denial-of-service (DoS) attacks and follows disclosure from the Apache Software Foundation (ASF) that the original fix for the remote code execution bug — CVE-2021-44228 aka Log4Shell — was "incomplete in certain non-default configurations." The issue has since been addressed in Log4j version 2.16.0. "This vulnerability is actively being exploited and anyone using Log4j should update to version 2.16.0 as soon as possible, even if you have previously updated to 2.15.0," Cloudflare's Andre Bluehs and Gabriel ...
Facebook to Pay Hackers for Reporting Data Scraping Bugs and Scraped Datasets

Facebook to Pay Hackers for Reporting Data Scraping Bugs and Scraped Datasets

Dec 15, 2021
Meta Platforms, the company formerly known as Facebook, has announced that it's expanding its  bug bounty program  to start rewarding valid reports of scraping vulnerabilities across its platforms as well as include reports of scraping data sets that are available online. "We know that automated activity designed to scrape people's public and private data targets every website or service," said Dan Gurfinkel, security engineering manager at Meta. "We also know that it is a highly adversarial space where scrapers — be it malicious apps, websites or scripts — constantly adapt their tactics to evade detection in response to the defenses we build and improve." To that end, the social media giant aims to  monetarily compensate  for valid reports of scraping bugs in its service and identify unprotected or openly public databases containing no less than 100,000 unique Facebook user records with personally identifiable information (PII) such as email, phone numb...
Cynet's MDR Offers Organizations Continuous Security Oversight

Cynet's MDR Offers Organizations Continuous Security Oversight

Dec 15, 2021
Today's cyber attackers are constantly looking for ways to exploit vulnerabilities and infiltrate organizations. To keep up with this evolving threat landscape, security teams must be on the lookout for potential risks around the clock. Since most organizations simply cannot afford to have 24x7 security teams, managed detection and response (MDR) services have become a critical aspect of any modern security stack.  Most organizations must find outsourced MDR providers on top of their existing solutions, but that's not always a feasible solution. XDR provider Cynet offers its MDR service ( learn more here ), which the company calls CyOps, as part of its offering. The service is much more than simply a help desk, though. CyOps offers a thorough MDR service that offers both monitoring and threat hunting, as well as incident response in cases where an attack is successful.  How CyOps operates The key selling point for CyOps MDR is that it enhances organizations' security a...
cyber security

The Systems That Power America Are Under Threat. Is Your ICS/OT Program Ready?

websiteSANS InstituteCritical infrastructure / Webinar
Discover where federal ICS programs are most exposed and what closing the skills gap requires in practice.
cyber security

Inside Device Code Phishing: Live Demos, Real Kits, and What's Next

websitePush SecurityPhishing Attack / Webinar
Device code attacks are up 37x this year, with 18+ kits in the wild. Now available on-demand.
Hackers Using Malicious IIS Server Module to Steal Microsoft Exchange Credentials

Hackers Using Malicious IIS Server Module to Steal Microsoft Exchange Credentials

Dec 15, 2021
Malicious actors are deploying a previously undiscovered binary, an Internet Information Services ( IIS ) webserver module dubbed " Owowa ," on Microsoft Exchange Outlook Web Access servers with the goal of stealing credentials and enabling remote command execution. "Owowa is a C#-developed .NET v4.0 assembly that is intended to be loaded as a module within an IIS web server that also exposes Exchange's Outlook Web Access (OWA)," Kaspersky researchers Paul Rascagneres and Pierre Delcher  said . "When loaded this way, Owowa will steal credentials that are entered by any user in the OWA login page, and will allow a remote operator to run commands on the underlying server." The idea that a rogue IIS module can be fashioned as a backdoor is not new. In August 2021, an exhaustive study of the IIS threat landscape by Slovak cybersecurity company ESET revealed  as many as 14 malware families that were developed as native IIS modules in an attempt to interc...
Microsoft Issues Windows Update to Patch 0-Day Used to Spread Emotet Malware

Microsoft Issues Windows Update to Patch 0-Day Used to Spread Emotet Malware

Dec 15, 2021
Microsoft has rolled out  Patch Tuesday updates  to address multiple security vulnerabilities in Windows and other software, including one actively exploited flaw that's being abused to deliver Emotet, TrickBot, or Bazaloader malware payloads. The latest monthly release for December fixes a total of 67 flaws, bringing the total number of bugs patched by the company this year to 887, according to the  Zero Day Initiative . Seven of the 67 flaws are rated Critical and 60 are rated as Important in severity, with five of the issues publicly known at the time of release. It's worth noting that this is in addition to the  21 flaws  resolved in the Chromium-based Microsoft Edge browser. The most critical of the lot is  CVE-2021-43890  (CVSS score: 7.1), a Windows AppX installer spoofing vulnerability that Microsoft said could be exploited to achieve arbitrary code execution. The lower severity rating is indicative of the fact that code execution hinges on ...
⚡ Top Stories This Week
Expert Insights Articles Videos
Cybersecurity Resources