The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Among several vulnerabilities, Microsoft on Tuesday patched a critical vulnerability that could be exploited by hackers to bypass security measures on all versions of Windows operating systems from XP to Windows 10, just by modifying a single bit. The local privilege escalation vulnerability ( CVE-2015-0057 ) could give attackers total control of the victims' machines, explains Udi Yavo, the chief technology officer at the security firm enSilo. " A threat actor that gains access to a Windows machine can exploit this vulnerability to bypass all Windows security measures, defeating mitigation measures such as sandboxing, kernel segregation and memory randomization ," said Yavo. INTERESTING PART OF THE FLAW Yavo continued, " Interestingly, the exploit requires modifying only a single bit of the Windows operating system. " The flaw existed in the graphical user interface (GUI) component of the Win32k.sys module within the Windows Kernel which, amon...

Social Networking giant Facebook has just launched a new platform called ThreatExchange , which is designed to mount a coordinated defense against cybercrime. Many security professionals rely largely on manual methods for collecting, analyzing, and consuming information about latest cyber security threats such as malware and botnets . Whereas, Mark Zuckerberg's ThreatExchange is a unique social media platform where multiple organizations can sign up and share information about new threats to cyber security, new types of hacks, phishing attacks and malicious activities they may have experienced. COLLABORATE AND TAKE ACTION Facebook is currently using a threat analysis framework called " ThreatData " to discover and tackle scams and cybercrimes, but with the growth in the magnitude of cyber attacks, Facebook believes that better communication between companies could help stamp them out. " We quickly learned that sharing with one another was key to bea...

Security researchers have warned of a pair of vulnerabilities in the Google Play Store that could allow cyber crooks to install and launch malicious applications remotely on Android devices. Tod Beardsley, technical lead for the Metasploit Framework at Rapid7 warns that an X-Frame-Options (XFO) vulnerability – when combined with a recent Android WebView (Jelly Bean) flaw – creates a way for hackers to quietly install any arbitrary app from the Play store onto victims' device even without the users consent. USERS AFFECTED The vulnerability affects users running Android version 4.3 Jelly Bean and earlier versions of Android that no longer receive official security updates from Android security team for WebView , a core component used to render web pages on an Android device . Also, users who have installed third party browsers are affected. According to the researcher, the web browser in Android 4.3 and prior that are vulnerable to a Universal Cross-Site Scripting (...

A Serious vulnerability in Facebook has recently been reported that could allow anyone to delete your complete Facebook photo album without having authentication. Security Researcher Laxman Muthiyah told The Hacker News that the vulnerability actually resides in Facebook Graph API mechanism, which allows "a hacker to delete any photo album on Facebook . Any photo album owned by an user or a page or a group could be deleted." DELETING FACEBOOK PHOTO ALBUMS According to Facebook developers documentation, its not possible to delete albums using the Graph API, but Indian security researcher has found a way to delete not just his own, but also others Facebook photo albums within few seconds. " I decided to try it with Facebook for mobile access token because we can see delete option for all photo albums in Facebook mobile application isn't it? Yeah and also it uses the same Graph API ," he said. In general, Facebook Graph API requires an access tok...

Nearly 40,000 organisations running MongoDB , a NoSQL high performance and cross-platform document-oriented database, are found to be unprotected and vulnerable to hackers. Three students from University of Saarland in Germany at the Centre for IT Security – Kai Greshake, Eric Petryka and Jens Heyens – discovered that MongoDB databases running at TCP port 27017 as a service on several thousands of commercial web servers are easily accessible on the Internet. MongoDB is an open-source database used by companies of all sizes, across all industries for a wide variety of applications. MongoDB is built for scalability, performance and high availability, scaling from single server deployments to large, complex multi-site architectures. By leveraging in-memory computing, MongoDB provides high performance for both reads and writes. The German researchers said that they were able to get "read and write access" to the unsecured MongoDB databases without using any sp...

The GHOST vulnerability is a buffer overflow condition that can be easily exploited locally and remotely, which makes it extremely dangerous. This vulnerability is named after the GetHOSTbyname function involved in the exploit. Attackers utilize buffer overflow vulnerabilities like this one by sending specific packets of data to a vulnerable system. The attack allows the attacker to execute arbitrary code and take control of the victim's vulnerable machine. Unfortunately, the vulnerability exists in the GNU C Library (glibc) , a code library originally released in 2000, meaning it has been widely distributed. Many derivative programs utilize the glibc to carry out common tasks. Although an update released by Linux in 2013 mitigated this vulnerability, most systems and products have not installed the patch. What Can I Do About GHOST Vulnerability? Like with any vulnerability, the best way to mitigate GHOST vulnerability is to identify vulnerable systems, prioritiz...