-->
#1 Trusted Cybersecurity News Platform
Followed by 5.70+ million
The Hacker News Logo
Get the Latest News
cybersecurity

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

New BLISTER Malware Using Code Signing Certificates to Evade Detection

New BLISTER Malware Using Code Signing Certificates to Evade Detection

Dec 24, 2021
Cybersecurity researchers have disclosed details of an evasive malware campaign that makes use of valid code signing certificates to sneak past security defenses and stay under the radar with the goal of deploying Cobalt Strike and BitRAT payloads on compromised systems. The binary, a loader, has been dubbed "Blister" by researchers from Elastic Security, with the malware samples having  negligible  to  zero  detections on VirusTotal. As of writing, the infection vector used to stage the attack, as well as the ultimate objectives of the intrusion, remains unknown. A notable aspect of the attacks is that they leverage a valid code signing certificate issued by  Sectigo . The malware has been observed signed with the certificate in question dating back to September 15, 2021. Elastic said it reached out to the company to ensure that the abused certificates are revoked. "Executables with valid code signing certificates are often scrutinized to a lesser degree t...
CISA, FBI and NSA Publish Joint Advisory and Scanner for Log4j Vulnerabilities

CISA, FBI and NSA Publish Joint Advisory and Scanner for Log4j Vulnerabilities

Dec 23, 2021
Cybersecurity agencies from Australia, Canada, New Zealand, the U.K., and the U.S. on Wednesday released a joint advisory in response to widespread exploitation of multiple vulnerabilities in Apache's Log4j software library by nefarious adversaries. "These vulnerabilities, especially Log4Shell, are severe," the intelligence agencies said in the  new   guidance . "Sophisticated cyber threat actors are actively scanning networks to potentially exploit  Log4Shell ,  CVE-2021-45046 , and  CVE-2021-45105  in vulnerable systems. These vulnerabilities are likely to be exploited over an extended period." An attacker can exploit Log4Shell (CVE-2021-44228) by submitting a specially crafted request to a vulnerable system that causes that system to execute arbitrary code. CVE-2021-45046, on the other hand, allows for remote code execution in certain non-default configurations, while CVE-2021-45105 could be leveraged by a remote attacker to cause a denial-of-service...
IoT SAFE — An Innovative Way to Secure IoT

IoT SAFE — An Innovative Way to Secure IoT

Dec 23, 2021
By the end of 2021, there will be 12 billion connected IoT devices, and by 2025, that number will rise to 27 billion . All these devices will be connected to the internet and will send useful data that will make industries, medicine, and cars more intelligent and more efficient. However, will all these devices be safe? It's worth asking what you can do to prevent (or at least reduce) becoming a victim of a cybercrime such as data theft or other forms of cybercrime in the future? Will IoT security ever improve? In recent years, the number of security vulnerabilities related to the Internet of Things has increased significantly. Let us start at the very beginning — most IoT devices come with default and publicly disclosed passwords. Moreover, the fact is that there are many cheap and low-capacity Internet of Things devices that lack even the most basic security. And that's not all — security experts are discovering new critical vulnerabilities every day. Numerous IoT devic...
cyber security

The Systems That Power America Are Under Threat. Is Your ICS/OT Program Ready?

websiteSANS InstituteCritical infrastructure / Webinar
Discover where federal ICS programs are most exposed and what closing the skills gap requires in practice.
cyber security

Inside Device Code Phishing: Live Demos, Real Kits, and What's Next

websitePush SecurityPhishing Attack / Webinar
Device code attacks are up 37x this year, with 18+ kits in the wild. Now available on-demand.
4-Year-Old Bug in Azure App Service Exposed Hundreds of Source Code Repositories

4-Year-Old Bug in Azure App Service Exposed Hundreds of Source Code Repositories

Dec 23, 2021
A security flaw has been unearthed in Microsoft's Azure App Service that resulted in the exposure of source code of customer applications written in Java, Node, PHP, Python, and Ruby for at least four years since September 2017. The vulnerability, codenamed " NotLegit ," was reported to the tech giant by Wiz researchers on October 7, 2021, following which mitigations have been undertaken to fix the information disclosure bug in November. Microsoft  said  a "limited subset of customers" are at risk, adding "Customers who deployed code to App Service Linux via Local Git after files were already created in the application were the only impacted customers." The  Azure App Service  (aka Azure Web Apps) is a cloud computing-based platform for building and hosting web applications. It allows users to deploy source code and artifacts to the service using a local  Git  repository, or via repositories hosted on GitHub and Bitbucket. The insecure default be...
Researchers Disclose Unpatched Vulnerabilities in Microsoft Teams Software

Researchers Disclose Unpatched Vulnerabilities in Microsoft Teams Software

Dec 23, 2021
Microsoft said it won't be fixing or is pushing patches to a later date for three of the four security flaws uncovered in its Teams business communication platform earlier this March. The disclosure comes from Berlin-based cybersecurity firm Positive Security, which  found  that the implementation of the link preview feature was susceptible to a number of issues that could "allow accessing internal Microsoft services, spoofing the link preview, and, for Android users, leaking their IP address, and DoS'ing their Teams app/channels." Of the four vulnerabilities, Microsoft is said to have addressed only one that results in IP address leakage from Android devices, with the tech giant noting that a fix for the denial-of-service (DoS) flaw will be considered in a future version of the product. The issues were responsibly disclosed to the company on March 10, 2021. Chief among the flaws is a server-side request forgery ( SSRF ) vulnerability in the endpoint "/urlp...
⚡ Top Stories This Week
Expert Insights Articles Videos
Cybersecurity Resources