-->
#1 Trusted Cybersecurity News Platform
Followed by 5.70+ million
The Hacker News Logo
Get the Latest News
cybersecurity

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

ExpressVPN Removes Servers in India After Refusing to Comply with Government Order

ExpressVPN Removes Servers in India After Refusing to Comply with Government Order

Jun 02, 2022
Virtual Private Network (VPN) provider ExpressVPN on Thursday announced that it's removing Indian-based VPN servers in response to a new cybersecurity directive issued by the Indian Computer Emergency Response Team (CERT-In). "Rest assured, our users will still be able to connect to VPN servers that will give them Indian IP addresses and allow them to access the internet as if they were located in India," the company  said . "These 'virtual' India servers will instead be physically located in Singapore and the U.K." The development comes as the CERT-In has enforced new  controversial   data retention requirements  that are set to come into effect on June 27, 2022, and mandate VPN service providers to store subscribers' real names, contact details, and IP addresses assigned to them for at least five years. The logged user data, CERT-In emphasized, will only be requested for the purposes of "cyber incident response, protective and preventive ...
Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones

Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones

Jun 02, 2022
A critical security flaw has been uncovered in UNISOC's smartphone chipset that could be potentially weaponized to disrupt a smartphone's radio communications through a malformed packet. "Left unpatched, a hacker or a military unit can leverage such a vulnerability to neutralize communications in a specific location," Israeli cybersecurity company Check Point said in a report shared with The Hacker News. "The vulnerability is in the modem firmware, not in the Android OS itself." UNISOC, a semiconductor company based in Shanghai, is the world's fourth-largest mobile processor manufacturer after Mediatek, Qualcomm, and Apple, accounting for 10% of all SoC shipments in Q3 2021, according to  Counterpoint Research . The now-patched issue has been assigned the identifier CVE-2022-20210 and is rated 9.4 out of 10 for severity on the CVSS vulnerability scoring system. In a nutshell, the vulnerability — discovered following a reverse-engineering of UNISOC...
SideWinder Hackers Use Fake Android VPN Apps to Target Pakistani Entities

SideWinder Hackers Use Fake Android VPN Apps to Target Pakistani Entities

Jun 02, 2022
The threat actor known as SideWinder has added a new custom tool to its arsenal of malware that's being used in phishing attacks against Pakistani public and private sector entities. "Phishing links in emails or posts that mimic legitimate notifications and services of government agencies and organizations in Pakistan are primary attack vectors of the gang," Singapore-headquartered cybersecurity company Group-IB  said  in a Wednesday report. SideWinder, also tracked under the monikers Hardcore Nationalist, Rattlesnake, Razor Tiger, and T-APT-04, has been active since at least 2012 with a primary focus on Pakistan and other Central Asian countries like Afghanistan, Bangladesh, Nepal, Singapore, and Sri Lanka. Last month, Kaspersky  attributed  to this group over 1,000 cyber attacks that took place in the past two years, while calling out its persistence and sophisticated obfuscation techniques. The threat actor's modus operandi involves the use of spear-phishing...
cyber security

Take the AI Sprawl CISO Survey. Get fast track to BlackHat swag

websiteRecoAI Security / SaaS Security
Answer questions on AI sprawl. First access to the peer benchmark report.
cyber security

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders

websiteZscalerAI Security / Network Security
VPN Risk Report reveals attackers using AI to move at machine speed, leaving legacy VPNs exposed.
DOJ Seizes 3 Web Domains Used to Sell Stolen Data and DDoS Services

DOJ Seizes 3 Web Domains Used to Sell Stolen Data and DDoS Services

Jun 02, 2022
The U.S. Department of Justice (DoJ) on Wednesday  announced  the seizure of three domains used by cybercriminals to trade stolen personal information and facilitate distributed denial-of-service (DDoS) attacks for hire. This includes weleakinfo[.]to, ipstress[.]in, and ovh-booter[.]com, the first of which allowed its users to traffic hacked personal data and offered a searchable database containing illegally amassed information obtained from over 10,000 data breaches. The database consisted of seven billion indexed records featuring names, email addresses, usernames, phone numbers, and passwords for online accounts that could be accessed through different subscription tiers. The shutdown of weleakinfo[.]to comes more than two years after a related internet domain named weleakinfo[.]com was  confiscated in January 2020 , with law enforcement officials arresting 21 individuals in connection to the operation later that year. Last May, one of its operators was  sen...
New Unpatched Horde Webmail Bug Lets Hackers Take Over Server by Sending Email

New Unpatched Horde Webmail Bug Lets Hackers Take Over Server by Sending Email

Jun 01, 2022
A new unpatched security vulnerability has been disclosed in the open-source Horde Webmail client that could be exploited to achieve remote code execution on the email server simply by sending a specially crafted email to a victim. "Once the email is viewed, the attacker can silently take over the complete mail server without any further user interaction," SonarSource said in a report shared with The Hacker News. "The vulnerability exists in the default configuration and can be exploited with no knowledge of a targeted Horde instance." The issue, which has been assigned the CVE identifier  CVE-2022-30287 , was reported to the vendor on February 2, 2022. The maintainers of the Horde Project did not immediately respond to a request for comment regarding the unresolved vulnerability. At its core, the issue makes it possible for an authenticated user of a Horde instance to run malicious code on the underlying server by taking advantage of a quirk in how the client...
⚡ Top Stories This Week
Expert Insights Articles Videos
Cybersecurity Resources