The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

It's April 2020 Patch Tuesday , and during these challenging times of coronavirus pandemic, this month's patch management process would not go easy for many organizations where most of the resources are working remotely. Microsoft today released the latest batch of software security updates for all supported versions of its Windows operating systems and other products that patch a total of 113 new security vulnerabilities, 17 of which are critical and 96 rated important in severity. Patches for 4 Zero-Days Exploited In the Wild Most importantly, two of the security flaws have been reported as being publicly known at the time of release, and the 3 are being actively exploited in the wild by hackers. One of the publicly disclosed flaws, which was also exploited as zero-day, resides in the Adobe Font Manager Library used by Windows, the existence of which Microsoft revealed last month within an early security warning for its millions of users. Tracked as CVE-2020-10...

Computer manufacturing giant Dell has released a new security tool for its commercial customers that aims to protect their computers from stealthy and sophisticated cyberattacks involving the compromise of the BIOS. Dubbed ' SafeBIOS Events & Indicators of Attack ' (IoA), the new endpoint security software is a behavior-based threat detection system that alerts users when BIOS settings of their computers undergo some unusual changes. BIOS (Basic Input Output System) is a small but highly-privileged program that handles critical operations and starts your computer before handing it over to your operating system. Protecting the BIOS program is crucial because: Changes to the system BIOS settings could allow malicious software to run during the boot process, Once a hacker takes over the BIOS, he can stealthily control the targeted computer and gain access to the data stored on it, Malware in BIOS remains persistent and doesn't get away even when you format or...

As hospitals around the world are struggling to respond to the coronavirus crisis, cybercriminals—with no conscience and empathy—are continuously targeting healthcare organizations, research facilities, and other governmental organizations with ransomware and malicious information stealers. The new research, published by Palo Alto Networks and shared with The Hacker News, confirmed that "the threat actors who profit from cybercrime will go to any extent, including targeting organizations that are in the front lines and responding to the pandemic on a daily basis." While the security firm didn't name the latest victims, it said a Canadian government healthcare organization and a Canadian medical research university both suffered ransomware attacks, as criminal groups seek to exploit the crisis for financial gain. The attacks were detected between March 24 and March 26 and were initiated as part of the coronavirus-themed phishing campaigns that have become widespr...

The Coronavirus quarantine introduces an extreme challenge for IT and Security teams to maintain secure environments during the mass transition of employees working remotely and the surge in cyberattacks targeting its inherent security weaknesses. In a webinar for security service providers taking place on April 22nd ( register here ), a leading MSSP will share how they conquer and overcome the coronavirus quarantine challenges to grow their customer base. The webinar sheds light on the opportunities and challenges this new reality introduces to MSSPs from the perspective of a leading Canadian MSSP. While it might sound strange to discuss the opportunities Coronavirus brings, especially with the changes it imposes on the IT environment, but it does bring a shift in priorities. It turns out that cyber threats that were normally considered a reasonable risk to contain, suddenly become regarded as a critical need to address. Thus, organizations that did not have advanced threat...

Tech giants Apple and Google have joined forces to develop an interoperable contact-tracing tool that will help individuals determine if they have come in contact with someone infected with COVID-19. As part of this new initiative, the companies are expected to release an API that public agencies can integrate into their apps. The next iteration will be a built-in system-level platform that uses Bluetooth low energy (BLE) beacons to allow for contact tracing on an opt-in basis. The APIs are expected to be available mid-May for Android and iOS, with the broader contact tracing system set to roll out "in the coming months." "Privacy, transparency, and consent are of utmost importance in this effort, and we look forward to building this functionality in consultation with interested stakeholders," the companies said. The rare collaboration comes as governments worldwide are increasingly turning to technology such as phone tracking and facial recognition to ...

In our previous stories, you might have already read about various campaigns warning how threat actors are capitalizing on the ongoing coronavirus pandemic in an attempt to infect your computers and mobile devices with malware or scam you out of your money. Unfortunately, to some extent, it's working, and that's because the attack surface is changing and expanding rapidly as many organizations and business tasks are going digital without much preparation, exposing themselves to more potential threats. Most of the recent cyberattacks are primarily exploiting the fears around the COVID-19 outbreak—fueled by disinformation and fake news—to distribute malware via Google Play apps , malicious links and attachments, and execute ransomware attacks. Here, we took a look at some of the wide range of unseen threats rising in the digital space, powered by coronavirus-themed lures that cybercriminals are using for espionage and commercial gain. The latest development adds to a l...

Cybersecurity researchers have discovered a new emerging IoT botnet threat that leverages compromised smart devices to stage ' distributed denial-of-service ' attacks, potentially triggered on-demand through platforms offering DDoS-for-hire services. The botnet, named "dark_nexus" by Bitdefender researchers, works by employing credential stuffing attacks against a variety of devices, such as routers (from Dasan Zhone, Dlink, and ASUS), video recorders, and thermal cameras, to co-opt them into the botnet. So far, dark_nexus comprises at least 1,372 bots, acting as a reverse proxy, spanning across various locations in China, South Korea, Thailand, Brazil, and Russia. "While it might share some features with previously known IoT botnets, the way some of its modules have been developed makes it significantly more potent and robust," the researchers said . "For example, payloads are compiled for 12 different CPU architectures and dynamically deliver...