-->
#1 Trusted Cybersecurity News Platform
Followed by 5.70+ million
The Hacker News Logo
Get the Latest News
cybersecurity

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

100 Million Samsung Galaxy Phones Affected with Flawed Hardware Encryption Feature

100 Million Samsung Galaxy Phones Affected with Flawed Hardware Encryption Feature

Feb 28, 2022
A group of academics from Tel Aviv University have disclosed details of now-patched "severe" design flaws affecting about 100 million Android-based Samsung smartphones that could have resulted in the extraction of secret cryptographic keys. The shortcomings are the result of an analysis of the cryptographic design and implementation of Android's hardware-backed Keystore in Samsung's Galaxy S8, S9, S10, S20, and S21 flagship devices, researchers Alon Shakevsky, Eyal Ronen, and Avishai Wool  said . Trusted Execution Environments ( TEEs ) are a secure zone that provide an isolated environment for the execution of Trusted Applications (TAs) to carry out security critical tasks to ensure confidentiality and integrity. On Android, the hardware-backed  Keystore  is a system that facilitates the creation and storage of cryptographic keys within the TEE, making them more difficult to be extracted from the device in a manner that prevents the underlying operating system fr...
CISA Warns of High-Severity Flaws in Schneider and GE Digital's SCADA Software

CISA Warns of High-Severity Flaws in Schneider and GE Digital's SCADA Software

Feb 28, 2022
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) last week published an industrial control system ( ICS ) advisory related to multiple vulnerabilities impacting Schneider Electric's  Easergy  medium voltage protection relays. "Successful exploitation of these vulnerabilities may disclose device credentials, cause a denial-of-service condition, device reboot, or allow an attacker to gain full control of the relay," the agency  said  in a bulletin on February 24, 2022. "This could result in loss of protection to your electrical network." The two high-severity weaknesses impact Easergy P3 versions prior to v30.205 and Easergy P5 versions before v01.401.101. Details of the flaws are as follows – CVE-2022-22722  (CVSS score: 7.5) – Use of hardcoded credentials that could be abused to observe and manipulate traffic associated with the device. CVE-2022-22723  and  CVE-2022-22725  (CVSS score: 8.8) – A buffer overflow vulnerability ...
Rebirth of Emotet: New Features of the Botnet and How to Detect it

Rebirth of Emotet: New Features of the Botnet and How to Detect it

Feb 28, 2022
One of the most dangerous and infamous threats is back again. In January 2021, global officials took down the botnet. Law enforcement sent a destructive update to the Emotet's executables. And it looked like the end of the trojan's story.  But the malware never ceased to surprise.  November 2021, it was reported that TrickBot no longer works alone and delivers Emotet. And ANY.RUN with colleagues in the industry were among the first to notice the emergence of Emotet's malicious documents. First Emotet malicious documents And this February, we can see a very active wave with crooks running numerous attacks, hitting the top in the rankings. If you are interested in this topic or researching malware, you can make use of the special help of  ANY.RUN , the interactive sandbox for the detection and analysis of cyber threats. Let's look at the new version's changes that this disruptive malware brought this time.  Emotet history Emotet is a sophisticated, constantly ...
cyber security

The AI Security Starter Pack

websiteWizAI Security / Cloud Security
Unlock 7 of the most widely used AI security resources in one place. Each asset provides practical tools for securing AI apps, models, and agents.
cyber security

11 real-world stories proving how identity drift opens active attack paths

websiteXM CyberIdentity Security / Exposure Management
Learn how attackers leverage privilege drift to reach critical assets across 11 architectural teardowns.
Experts Create Apple AirTag Clone That Can Bypass Anti-Tracking Measures

Experts Create Apple AirTag Clone That Can Bypass Anti-Tracking Measures

Feb 28, 2022
Cybersecurity researchers have managed to build a clone of Apple Airtag that circumvents the anti-stalking protection technology built into its Find My Bluetooth-based tracking protocol. The result is a stealth AirTag that can successfully track an iPhone user for over five days without triggering a tracking notification, Positive Security's co-founder Fabian Bräunlein  said  in a deep-dive published last week. Find My is Apple's asset tracking app that allows users to track the GPS location of iOS, iPadOS, macOS, watchOS devices, AirPods, AirTags as well as other supported third-party accessories through a connected iCloud account. It also enables users to view the location of others who have opted to share their location. This is far from the first time weaknesses have been uncovered in Apple's Find My system. In March 2021, the Secure Mobile Networking Lab at the Technical University of Darmstadt, Germany (SEEMO)  disclosed  design and implementation flaws in...
Iranian Hackers Using New Spying Malware That Abuses Telegram Messenger API

Iranian Hackers Using New Spying Malware That Abuses Telegram Messenger API

Feb 28, 2022
An Iranian geopolitical nexus threat actor has been uncovered deploying two new targeted malware that come with "simple" backdoor functionalities as part of an intrusion against an unnamed Middle East government entity in November 2021. Cybersecurity company Mandiant attributed the attack to an uncategorized cluster it's tracking under the moniker  UNC3313 , which it assesses with "moderate confidence" as associated with the MuddyWater state-sponsored group. "UNC3313 conducts surveillance and collects strategic information to support Iranian interests and decision-making," researchers Ryan Tomcik, Emiel Haeghebaert, and Tufail Ahmed  said . "Targeting patterns and related lures demonstrate a strong focus on targets with a geopolitical nexus." In mid-January 2022, U.S. intelligence agencies  characterized  MuddyWater (aka Static Kitten, Seedworm, TEMP.Zagros, or Mercury) as a subordinate element of the Iranian Ministry of Intelligence and...
⚡ Top Stories This Week
Expert Insights Articles Videos
Cybersecurity Resources