The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Security researchers have been warning about a critical vulnerability they discovered in one of a popular WordPress Live Chat plugin, which, if exploited, could allow unauthorized remote attackers to steal chat logs or manipulate chat sessions. The vulnerability, identified as CVE-2019-12498, resides in the "WP Live Chat Support" that is currently being used by over 50,000 businesses to provide customer support and chat with visitors through their websites. Discovered by cybersecurity researchers at Alert Logic , the flaw originates because of an improper validation check for authentication that apparently could allow unauthenticated users to access restricted REST API endpoints. As described by researchers, a potential remote attacker can exploit exposed endpoints for malicious purposes, including: stealing the entire chat history for all chat sessions, modifying or deleting the chat history, injecting messages into an active chat session, posing as a custome...

Linux users, beware! If you haven't recently updated your Linux operating system, especially the command-line text editor utility, do not even try to view the content of a file using Vim or Neovim. Security researcher Armin Razmjou recently discovered a high-severity arbitrary OS command execution vulnerability (CVE-2019-12735) in Vim and Neovim —two most popular and powerful command-line text editing applications that come pre-installed with most Linux-based operating systems. On Linux systems, Vim editor allows users to create, view or edit any file, including text, programming scripts, and documents. Since Neovim is just an extended forked version of Vim, with better user experience, plugins and GUIs, the code execution vulnerability also resides in it. Code Execution Flaw in Vim and Neovim Razmjou discovered a flaw in the way Vim editor handles "modelines," a feature that's enabled-by-default to automatically find and apply a set of custom pref...

An anonymous security researcher going by the name of SandboxEscaper today publicly shared a second zero-day exploit that can be used to bypass a recently patched elevation of privilege vulnerability in the Microsoft Windows operating system. SandboxEscaper is known for publicly dropping zero-day exploits for unpatched Windows vulnerabilities. In the past year, the hacker has disclosed over half a dozen zero-day vulnerabilities in Windows OS without actually bothering to make Microsoft aware of the issues first. Just two weeks ago, the hacker disclosed four new Windows exploits , one of which was an exploit that could allow attackers to bypass a patched elevation of privilege vulnerability (CVE-2019-0841) in Windows that existed when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. Now, the hacker claims to have found a new way to bypass Microsoft security patch for the same vulnerability, allowing a specially crafted malicious application to escalate its ...

Security researchers have discovered an ongoing sophisticated botnet campaign that is currently brute-forcing more than 1.5 million publicly accessible Windows RDP servers on the Internet. Dubbed GoldBrute , the botnet scheme has been designed in a way to escalate gradually by adding every new cracked system to its network, forcing them to further find new available RDP servers and then brute force them. To fly under the radar of security tools and malware analysts, attackers behind this campaign command each infected machine to target millions of servers with a unique set of username and password combination so that a targeted server receives brute force attempts from different IP addresses. The campaign, discovered  by Renato Marinho at Morphus Labs, works as shown in the illustrated image, and its modus operandi has been explained in the following steps: Step 1 — After successfully brute-forcing an RDP server, the attacker installs a JAVA-based GoldBrute botnet malw...

The Information Technology industry has seen exponential growth over the years. It is essential for everyone to earn cybersecurity certification if you want to be a part of this growing industry. Organizations always prefer employees with strong internationally-recognized professional certifications. It proofs your skills, knowledge, and gives more credibility to advance your career. IT Certification training not only helps you cover new areas but also enables you to reinforce the skills you already have. There are a vast number of cybersecurity courses and training programs in the market, but CompTIA certifications are among the most trusted credentials in the IT industry. CompTIA certifications help you build a solid foundation of essentials knowledge and skills to stay ahead in an IT career. CompTIA is a global provider of IT Certifications that offers a wide range of popular certifications, such as A+, Network+, Cloud+, Linux+, and Security+ certifications. CompTI...

Are you using Komodo's Agama Wallet to store your KMD and BTC cryptocurrencies? Were your funds also unauthorisedly transferred overnight to a new address? If yes, don't worry, it's probably safe, and if you are lucky, you will get your funds back. Here's what exactly happened… Komodo, a cryptocurrency project and developer of Agama wallet, adopted a surprisingly unique way to protect its customers' funds. The company hacked its customers and unauthorisedly transferred nearly 8 million KMD and 96 Bitcoins from their cryptocurrency wallets to a new address owned by the company. Why? To secure funds of its customers from hackers. This may sound weird, but it's true. Komodo recently learned about a malicious open source, third-party JavaScript library that the company was using in its Agama Wallet app. The library, named "electron-native-notify," two months ago received a update from its anonymous author who included a secret backdoo...

Security researchers have discovered multiple critical vulnerabilities in a popular IPTV middleware platform that is currently being used by more than a thousand regional and international online media streaming services to manage their millions of subscribers. Discovered by security researchers at CheckPoint , the vulnerabilities reside in the administrative panel of Ministra TV platform, which if exploited, could allow attackers to bypass authentication and extract subscribers' database, including their financial details. Besides this, the flaws could also allow attackers to replace broadcast and steam any content of their choice on the TV screens of all affected customer networks. Ministra TV platform, previously known as Stalker Portal, is a software written in PHP that works as a middleware platform for media streaming services for managing Internet Protocol television (IPTV), video-on-demand (VOD) and over-the-top (OTT) content, licenses and their subscribers. Deve...