The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Last week Microsoft released its Advance Notification for the month of December 2014 Patch Tuesday Updates, and finally today released a total of seven security bulletins, which will address several vulnerabilities in its products, out of which three are marked 'critical' and rest are 'important' in severity. Last month after a big pile of security patches , the company released an an unusual emergency patch to fix a critical vulnerability in Microsoft Windows Kerberos KBC, authentication system used by default in the operating system, that cybercriminals exploited to compromise whole networks of computers. The three critical bulletins affect Internet Explorer, Office and Windows. All the versions of Microsoft Internet Explorer (IE) are affected except Server Core, which does not include IE. The critical zero-day IE vulnerability (CVE-2014-8967) was discovered by security researcher Arthur Gerkis of Zero Day Initiative (ZDI) in June this year. By explo...

POODLE , a critical SSL flaw discovered in October that was patched and fixed by webmasters around the world after Google alerted software and hardware vendors, has again made its way and this time the vulnerability affects implementations of the newer Transport Layer Security (TLS) protocol . Yes, the serious POODLE vulnerability that affected the most widely used web encryption standard Secure Sockets Layer (SSL) 3.0 has once again returned and is likely to affect some of the most popular web sites in the world — including those owned or operated by Bank of America, the US Department of Veteran's Affairs, and Accenture. POODLE (Padding Oracle On Downgraded Legacy Encryption) flaw, disclosed two months ago by Google security team, allowed attackers to perform Man-in-the-Middle (MitM) attack in order to intercept traffic between a user's browser and an HTTPS website to decrypt sensitive information, like the user's authentication cookies. Now, the dangerous flaw ...

Security researchers have discovered a highly nasty Linux trojan that has been used by cybercriminals in state sponsored attack in order to steal personal, confidential information from government institutions, military and pharmaceutical companies around the world. A previously unknown piece of a larger puzzle called " Turla ," one of the most complex Advanced Persistent Threats (APTs) uncovered by researchers at Kaspersky Lab in August, remained hidden on some systems for at least four years. The malware was notable for its use of a rootkit that made it extremely hard to detect. The German security company G Data believed that Turla campaign is linked to Russia and has in the past exploited a variety of Windows vulnerabilities, at least two of which were zero-days, to infect government institutions, embassies, military, education, research, and pharmaceutical companies in more than 45 countries. Recently, security researchers from Moscow-based Kaspersky Lab...

Security researchers have discovered a number of critical vulnerabilities in the Java environment of the Google App Engine (GAE) that enables attackers to bypass critical security sandbox defenses. Google App Engine is Google's PaaS (Platform as a Service) Cloud computing Platform for developing and hosting web applications in Google-managed data centers. GAE offers to run custom-built programs using a wide variety of popular languages and frameworks, out of which many are built on the Java environment. The vulnerabilities was reported by Security Explorations, the same security research company that carried out multiple researches related to Java in past. The discovery was announced on the Full Disclosure security mailing list by Adam Gowdiak , founder and CEO of Security Explorations. According to the security firm, the flaws can be exploited by attackers to achieve a complete Java VM security sandbox escape, as well as to execute an arbitrary code. The researchers ...

A critical, but easily exploitable personal information disclosure vulnerability has been discovered in the widely popular online marketplace AliExpress website that affects its millions of users worldwide. The reported vulnerability could allow anyone to steal personal information of hundreds of millions of AliExpress users without knowing their account passwords. AliExpress is an online marketplace owned by Chinese E-Commerce giant Alibaba.com , which offers more than 300 Million active users from more than 200 countries and regions to order items in bulk or one at a time at low wholesale prices. Amitay Dan , an Israeli application security researcher working at Cybermoon.cc, reported the vulnerability to The Hacker News after providing full disclosure of the flaw to the AliExpress team and Israeli media. According to the Proof-of-Concept video and screenshots provided by the security researcher to The Hacker News , AliExpress website allows logged in user to add...

Malware authors are trying hard to create malicious software with more innovative ways to infect victims. A new mobile Trojan horse infection has been discovered by security researchers that comes pre-loaded onto low-cost Chinese-made Android smartphones popular in Asia and Africa. The trojan, dubbed DeathRing , is a Chinese Trojan that masquerades as a ringtone app and comes pre-installed onto some cheap Android smartphones most popular in Asian and African countries including Vietnam, Indonesia, India, Nigeria, Taiwan, and China. DeathRing malware app cannot be uninstalled or removed by the end user or by antimalware software because it comes pre-installed in the system directory of the handsets at an unknown point within the supply chain, making the threat even more severe. WHAT DOES DEATHRING DO? Though the malware pretends to be a genuine ringtone app, but actually downloads SMS and WAP content from its command-and-control server to the victim's handset, which ...