The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A team of security researchers—which majorly focuses on finding clever ways to get into air-gapped computers by exploiting little-noticed emissions of a computer's components like light, sound and heat —have published another research showcasing that they can steal data not only from an air gap computer but also from a computer inside a Faraday cage. Air-gapped computers are those that are isolated from the Internet and local networks and so, are believed to be the most secure devices that are difficult to infiltrate. Whereas, Faraday cages are metallic enclosures that even blocks all electromagnetic signals, such as Wi-Fi, Bluetooth, cellular and other wireless communications, making any device kept inside the cage, even more, isolate from outside networks. However, Cybersecurity Research Center at Israel's Ben Gurion University, directed by 38-year-old Mordechai Guri, has developed two techniques that helped them exfiltrate data from computers placed inside a Faraday...

After leaving million of devices at risk of hacking and then rolling out broken patches, Intel has now released a new batch of security patches only for its Skylake processors to address one of the Spectre vulnerabilities (Variant 2). For those unaware, Spectre ( Variant 1, Variant 2 ) and Meltdown ( Variant 3 ) are security flaws disclosed by researchers earlier last month in processors from Intel, ARM, and AMD, leaving nearly every PC, server, and mobile phone on the planet vulnerable to data theft. Shortly after the researchers disclosed the Spectre and Meltdown exploits , Intel started releasing microcode patches for its systems running Broadwell, Haswell, Skylake, Kaby Lake, and Coffee Lake processors. However, later the chip maker rollbacked the firmware updates and had to tell users to stop using an earlier update due to users complaining of frequent reboots and other unpredictable system behavior after installing patches. Although it should be a bit quicker, Intel i...

Apple source code for a core component of iPhone's operating system has purportedly been leaked on GitHub, that could allow hackers and researchers to discover currently unknown zero-day vulnerabilities to develop persistent malware and iPhone jailbreaks. The source code appears to be for iBoot —the critical part of the iOS operating system that's responsible for all security checks and ensures a trusted version of iOS is loaded. In other words, it's like the BIOS of an iPhone which makes sure that the kernel and other system files being booted whenever you turn on your iPhone are adequately signed by Apple and are not modified anyhow. The iBoot code was initially shared online several months back on Reddit , but it just resurfaced today on GitHub (repository now unavailable due to DMCA takedown). Motherboard consulted some security experts who have confirmed the legitimacy of the code. However, at this moment, it is unclear if the iBoot source code is complete...

Security researchers have discovered a custom-built piece of malware that's wreaking havoc in Asia for past several months and is capable of performing nasty tasks, like password stealing, bitcoin mining, and providing hackers complete remote access to compromised systems. Dubbed Operation PZChao , the attack campaign discovered by the security researchers at Bitdefender have been targeting organizations in the government, technology, education, and telecommunications sectors in Asia and the United States. Researchers believe nature, infrastructure, and payloads, including variants of the Gh0stRAT trojan, used in the PZChao attacks are reminiscent of the notorious Chinese hacker group— Iron Tiger . However, this campaign has evolved its payloads to drop trojan, conduct cyber espionage and mine Bitcoin cryptocurrency. The PZChao campaign is attacking targets across Asia and the U.S. by using similar attack tactics as of Iron Tiger, which, according to the researchers, si...

Virtual Private Network (VPN) is one of the best solutions you can have to protect your privacy and data on the Internet, but you should be more vigilant while choosing a VPN service which truly respects your privacy. If you are using the popular VPN service Hotspot Shield for online anonymity and privacy, you may inadvertently be leaking your real IP address and other sensitive information. Developed by AnchorFree GmbH, Hotspot Shield is a VPN service available for free on Google Play Store and Apple Mac App Store with an estimated 500 million users around the world. The service promises to " secure all online activities ," hide users' IP addresses and their identities and protect them from tracking by transferring their internet and browsing traffic through its encrypted channel. However, an 'alleged' information disclosure vulnerability discovered in Hotspot Shield results in the exposure of users data, like the name of Wi-Fi network name (if conne...

Due to the recent surge in cryptocurrency prices, threat actors are increasingly targeting every platform, including IoT, Android, and Windows, with malware that leverages the CPU power of victims' devices to mine cryptocurrency. Just last month, Kaspersky researchers spotted fake antivirus and porn Android apps infected with malware that mines Monero cryptocurrency, launches DDoS attacks, and performs several other malicious tasks, causing the phone's battery to bulge out of its cover. Now, security researchers at Chinese IT security firm Qihoo 360 Netlab discovered a new piece of wormable Android malware, dubbed ADB.Miner , that scans wide-range of IP addresses to find vulnerable devices and infect them to mine digital cryptocurrency. According to the researchers, ADB.Miner is the first Android worm to reuse the scanning code programmed in Mirai —the infamous IoT botnet malware that knocked major Internet companies offline last year by launching massive DDoS attac...

A critical vulnerability discovered in the Chrome and Firefox browser extension of the grammar-checking software Grammarly inadvertently left all 22 million users' accounts, including their personal documents and records, vulnerable to remote hackers. According to Google Project Zero researcher Tavis Ormandy, who discovered the vulnerability on February 2, the Chrome and Firefox extension of Grammarly exposed authentication tokens to all websites that could be grabbed by remote attackers with just 4 lines of JavaScript code. In other words, any website a Grammarly user visits could steal his/her authentication tokens, which is enough to login into the user's account and access every "documents, history, logs, and all other data" without permission. "I'm calling this a high severity bug, because it seems like a pretty severe violation of user expectations," Ormandy said in a vulnerability report . "Users would not expect that visiting a we...