The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Semmle security researcher Man Yue Mo has disclosed a critical remote code execution vulnerability in the popular Apache Struts web application framework that could allow remote attackers to run malicious code on the affected servers. Apache Struts is an open source framework for developing web applications in the Java programming language and is widely used by enterprises globally, including by 65 percent of the Fortune 100 companies, like Vodafone, Lockheed Martin, Virgin Atlantic, and the IRS. The vulnerability ( CVE-2018-11776 ) resides in the core of Apache Struts and originates because of insufficient validation of user-provided untrusted inputs in the core of the Struts framework under certain configurations. The newly found Apache Struts exploit can be triggered just by visiting a specially crafted URL on the affected web server, allowing attackers to execute malicious code and eventually take complete control over the targeted server running the vulnerable applicatio...

Adobe released an out-of-band security update earlier today to address two critical remote code execution vulnerabilities impacting Adobe Photoshop CC for Microsoft Windows and Apple macOS machines. According to the security advisory published Wednesday by Adobe, its Photoshop CC software is vulnerable to two critical memory corruption vulnerabilities, which could allow a remote attacker to execute arbitrary code in the context of the targeted user. The vulnerabilities, identified as CVE-2018-12810 and CVE-2018-12811, impact Adobe Photoshop CC 2018 version 19.1.5 and earlier 19.x versions, as well as Adobe Photoshop CC 2017 version 18.1.5 and earlier 18.x versions. The critical security flaws were discovered and reported by Kushal Arvind Shah of Fortinet's FortiGuard Labs, and have now been addressed by Adobe with the release of Photoshop CC versions 19.1.6 and 18.1.6. Also Read: Teen Arrested for Hacking into Apple's Network It should be noted that these RCE vu...

Google Project Zero's security researcher has discovered a critical remote code execution (RCE) vulnerability in Ghostscript—an open source interpreter for Adobe Systems' PostScript and PDF page description languages. Written entirely in C, Ghostscript is a package of software that runs on different platforms, including Windows, macOS, and a wide variety of Unix systems, offering software the ability to convert PostScript language files (or EPS) to many raster formats, such as PDF, XPS, PCL or PXL. A lot of popular PDF and image editing software, including ImageMagick and GIMP, use Ghostscript library to parse the content and convert file formats. Ghostscript suite includes a built-in -dSAFER sandbox protection option that handles untrusted documents, preventing unsafe or malicious PostScript operations from being executed. However, Google Project Zero team researcher Tavis Ormandy discovered that Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities,...

Security researchers at Kaspersky Labs have uncovered a new, complex malware campaign that has been targeting customers of several Mexican banking institutions since at least 2013. Dubbed Dark Tequila , the campaign delivers an advanced keylogger malware that managed to stay under the radar for five years due to its highly targeted nature and a few evasion techniques. Dark Tequila has primarily been designed to steal victims' financial information from a long list of online banking sites, as well as login credentials to popular websites, ranging from code versioning repositories to public file storage accounts and domain registrars. The list of targeted sites includes "Cpanels, Plesk, online flight reservation systems, Microsoft Office 365, IBM Lotus Notes clients, Zimbra email, Bitbucket, Amazon, GoDaddy, Register, Namecheap, Dropbox, Softlayer, Rackspace, and other services," the researchers say in a blog post . The malware gets delivered to the victims' comp...

Google was in the news last week for a misleading claim that "with Location History off, the places you go are no longer stored," which is not true. Now, the search engine giant is once again in the news after a San Diego man has filed the first lawsuit against Google over this issue. Last week, the Associated Press investigation revealed that the search engine giant tracks movements of millions of iPhone and Android device users, even if they have disabled the "Location History" setting to prevent it. However, it turned out that to fully opt-out of having your location activities stored by Google, you also have to disable the 'Web and App Activity' control as well, about which the company has mentioned deep into its product documentation. In response to the AP investigation, Google defended itself by saying, "there are a number of different ways that Google may use location to improve people's experience," and that "we provide c...

Microsoft claims to have uncovered another new Russian hacking attempts targeting United States' Senate and conservative think tanks ahead of the 2018 midterm elections. The tech giant said Tuesday that the APT28 hacking group—also known as Strontium, Fancy Bear , Sofacy, Sednit, and Pawn Storm, which is believed to be tied to the Russian government—created at least six fake websites related to US Senate and conservative organizations to trick its visitors and hack into their computers. Three fake web domains were intended to look as if they belonged to the U.S. Senate, while one non-political website spoofed Microsoft's own online products. The two other phony websites were designed to mimic two U.S. conservative organizations: The Hudson Institute — a conservative Washington think tank hosting extended discussions on topics including cybersecurity, among other important activities. The International Republican Institute (IRI) — a nonprofit group that promotes ...

Well, there's something quite embarrassing for Apple fans. Though Apple servers are widely believed to be unhackable, a 16-year-old high school student proved that nothing is impossible. The teenager from Melbourne, Australia, managed to break into Apple servers and downloaded some 90GB of secure files, including extremely secure authorized keys used to grant login access to users, as well as access multiple user accounts. The teen told the authorities that he hacked Apple because he was a huge fan of the company and "dreamed of" working for the technology giant. What's more embarrassing? The teen, whose name is being withheld as he's still a minor, hacked the company's servers not once, but numerous times over the course of more than a year, and Apple's system administrators failed to stop their users' data from being stolen. When Apple finally noticed the intrusion, the company contacted the FBI, which took the help of the Australian Fede...