-->
#1 Trusted Cybersecurity News Platform
Followed by 5.70+ million
The Hacker News Logo
Get the Latest News
cybersecurity

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy

Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy

Oct 07, 2022
Fortinet has privately warned its customers of a security flaw affecting FortiGate firewalls and FortiProxy web proxies that could potentially allow an attacker to perform unauthorized actions on susceptible devices. Tracked as CVE-2022-40684 (CVSS score: 9.6), the critical flaw relates to an authentication bypass vulnerability that may permit an unauthenticated adversary to carry out arbitrary operations on the administrative interface via a specially crafted HTTP(S) request. The issue impacts the following versions, and has been addressed in FortiOS versions  7.0.7  and  7.2.2 , and FortiProxy versions 7.0.7 and 7.2.1 released this week: FortiOS - From 7.0.0 to 7.0.6 and from 7.2.0 to 7.2.1 FortiProxy - From 7.0.0 to 7.0.6 and 7.2.0 "Due to the ability to exploit this issue remotely, Fortinet is strongly recommending all customers with the vulnerable versions to perform an immediate upgrade," the company  cautioned  in an alert shared by a securit...
Facebook Detects 400 Android and iOS Apps Stealing Users Log-in Credentials

Facebook Detects 400 Android and iOS Apps Stealing Users Log-in Credentials

Oct 07, 2022
Meta Platforms on Friday disclosed that it had identified over 400 malicious apps on Android and iOS that it said targeted online users with the goal of stealing their Facebook login information. "These apps were listed on the Google Play Store and Apple's App Store and disguised as photo editors, games, VPN services, business apps, and other utilities to trick people into downloading them," the social media behemoth  said  in a report shared with The Hacker News. 42.6% of the rogue apps were photo editors, followed by business utilities (15.4%), phone utilities (14.1%), games (11.7%), VPNs (11.7%), and lifestyle apps (4.4%). Interestingly, a majority of the iOS apps posed as ads manager tools for Meta and its Facebook subsidiary. Besides concealing its malicious nature as a set of seemingly harmless apps, the operators of the scheme also published fake reviews that were designed to offset the negative reviews left by users who may have previously downloaded the apps...
The essentials of GRC and cybersecurity — How they empower each other

The essentials of GRC and cybersecurity — How they empower each other

Oct 07, 2022
Understanding the connection between GRC and cybersecurity When talking about cybersecurity, Governance, Risk, and Compliance (GRC) is often considered the least exciting part of business protection. However, its importance can't be ignored, and this is why.  While cybersecurity focuses on the technical side of protecting systems, networks, devices, and data, GRC is the tool that will help the entire organization understand and communicate how to do it. What does it mean? GRC tools like StandardFusion help companies  define and implement the best practices, procedures, and governance to ensure everyone understands the risks associated with their actions and how they can affect business security, compliance, and success. In simple words, GRC is the medium for creating awareness around cybersecurity's best practices to reduce risks and achieve business goals. Why is cybersecurity more relevant than ever before Cybersecurity aims to protect sensitive business data, intell...
cyber security

The AI Security Starter Pack

websiteWizAI Security / Cloud Security
Unlock 7 of the most widely used AI security resources in one place. Each asset provides practical tools for securing AI apps, models, and agents.
cyber security

11 real-world stories proving how identity drift opens active attack paths

websiteXM CyberIdentity Security / Exposure Management
Learn how attackers leverage privilege drift to reach critical assets across 11 architectural teardowns.
LofyGang Distributed ~200 Malicious NPM Packages to Steal Credit Card Data

LofyGang Distributed ~200 Malicious NPM Packages to Steal Credit Card Data

Oct 07, 2022
Multiple campaigns that distributed trojanized and typosquatted packages on the NPM open source repository have been identified as the work of a single threat actor dubbed LofyGang . Checkmarx said it discovered 199 rogue packages totaling thousands of installations, with the group operating for over a year with the goal of stealing credit card data as well as user accounts associated with Discord Nitro, gaming, and streaming services. "LofyGang operators are seen promoting their hacking tools in hacking forums, while some of the tools are shipped with a hidden backdoor," the software security company said in a report shared with The Hacker News prior to its publication. Various pieces of the attack puzzle have already been reported by  JFrog ,  Sonatype , and  Kaspersky  (which called it LofyLife), but the latest analysis pulls the various operations together under one organizational umbrella that Checkmarx is referring to as  LofyGang . Believed to be ...
Hackers Can Use 'App Mode' in Chromium Browsers' for Stealth Phishing Attacks

Hackers Can Use 'App Mode' in Chromium Browsers' for Stealth Phishing Attacks

Oct 07, 2022
In what's a new phishing technique, it has been demonstrated that the Application Mode feature in Chromium-based web browsers can be abused to create "realistic desktop phishing applications." Application Mode is designed to offer native-like experiences in a manner that causes the website to be launched in a separate browser window, while also displaying the website's favicon and hiding the address bar. According to security researcher mr.d0x – who also devised the browser-in-the-browser ( BitB ) attack method earlier this year – a bad actor can leverage this behavior to resort to some HTML/CSS trickery and display a fake address bar on top of the window and fool users into giving up their credentials on rogue login forms. "Although this technique is meant more towards internal phishing, you can technically still use it in an external phishing scenario," mr.d0x  said . "You can deliver these fake applications independently as files." This is...
BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

Oct 07, 2022
In yet another case of bring your own vulnerable driver (BYOVD) attack, the operators of the BlackByte ransomware are leveraging a flaw in a legitimate Windows driver to bypass security solutions. "The evasion technique supports disabling a whopping list of over 1,000 drivers on which security products rely to provide protection," Sophos threat researcher Andreas Klopsch  said  in a new technical write-up. BYOVD is an  attack technique  that involves threat actors abusing vulnerabilities in legitimate, signed drivers to achieve successful kernel-mode exploitation and seize control of compromised machines. Weaknesses in signed drivers have been increasingly co-opted by nation-state threat groups in recent years, including  Slingshot ,  InvisiMole ,  APT28 , and most recently, the  Lazarus Group . BlackByte, believed to be an offshoot of the  now-discontinued Conti group , is part of the big game cybercrime crews, which zeroes in on larg...
⚡ Top Stories This Week
Expert Insights Articles Videos
Cybersecurity Resources