The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

With Docker gaining popularity as a service to package and deploy software applications, malicious actors are taking advantage of the opportunity to target exposed API endpoints and craft malware-infested images to facilitate distributed denial-of-service (DDoS) attacks and mine cryptocurrencies. According to a report published by Palo Alto Networks' Unit 42 threat intelligence team, the purpose of these Docker images is to generate funds by deploying a cryptocurrency miner using Docker containers and leveraging the Docker Hub repository to distribute these images. "Docker containers provide a convenient way for packaging software, which is evident by its increasing adoption rate," Unit 42 researchers said . "This, combined with coin mining, makes it easy for a malicious actor to distribute their images to any machine that supports Docker and instantly starts using its compute resources towards cryptojacking." Docker is a well-known platform-as-a-servic...

GeoVision, a Taiwanese manufacturer of video surveillance systems and IP cameras, recently patched three of the four critical flaws impacting its card and fingerprint scanners that could've potentially allowed attackers to intercept network traffic and stage man-in-the-middle attacks. In a report shared exclusively with The Hacker News, enterprise security firm Acronis said it discovered the vulnerabilities last year following a routine security audit of a Singapore-based major retailer. "Malicious attackers can establish persistence on the network and spy on internal users, steal data — without ever getting detected," Acronis said. "They can reuse your fingerprint data to enter your home and/or personal devices, and photos can be easily reused by malicious actors to perpetrate identity theft based on biometric data." In all, the flaws affect at least 6 device families, with over 2,500 vulnerable devices discovered online across Brazil, US, Germany, Ta...

Unprecedented times call for unprecedented measures. No, we're not talking about 'coronavirus,' the current global pandemic because of which Apple—for the very first time in history—organized its Worldwide Developer Conference ( WWDC ) virtually. Here we're talking about a world in which we are all connected and constantly sharing data, also known as the new oil, with something called "privacy" for which we still have to fight on several fronts together. During WWDC 2020 on Monday, the world's most valuable company announced the next versions of its operating systems — iOS 14 for iPhones, iPadOS 14 for iPads, watchOS 7 for Apple Watches, and macOS Big Sur for MacBooks — with new features and enhancements. What's important is that the company also highlighted a few new security and privacy features that have been added to the upcoming iOS 14 and macOS Big Sur systems, categorically aiming to help users: better control which apps installed...

VirusTotal, the famous multi-antivirus scanning service owned by Google, recently announced new threat detection capabilities it added with the help of an Israeli cybersecurity firm. VirusTotal provides a free online service that analyzes suspicious files and URLs to detect malware and automatically shares them with the security community. With the onslaught of new malware types and samples, researchers rely on the rapid discovery and sharing provided by VirusTotal to keep their companies safe from attacks. VirusTotal relies on a continuous stream of new malware discoveries to protect its members from significant damage. Cynet , the creator of the autonomous breach protection platform, has now integrated its Cynet Detection Engine into VirusTotal. The benefits of this partnership are twofold. First, Cynet provides the VirusTotal partner network cutting-edge threat intelligence from its ML-based detection engine (CyAI) that actively protects the company's clients around th...

Researchers reported on Monday that hackers are now exploiting Google's Analytics service to stealthily pilfer credit card information from infected e-commerce sites. According to several independent reports from PerimeterX , Kaspersky , and Sansec , threat actors are now injecting data-stealing code on the compromised websites in combination with tracking code generated by Google Analytics for their own account, letting them exfiltrate payment information entered by users even in conditions where content security policies are enforced for maximum web security. "Attackers injected malicious code into sites, which collected all the data entered by users and then sent it via Analytics," Kaspersky said in a report published yesterday. "As a result, the attackers could access the stolen data in their Google Analytics account." The cybersecurity firm said it found about two dozen infected websites across Europe and North and South America that specialized in...

A group of hacktivists and transparency advocates has published a massive 269 GB of data allegedly stolen from more than 200 police departments, fusion centers, and other law enforcement agencies across the United States. Dubbed BlueLeaks , the exposed data leaked by the DDoSecrets group contains hundreds of thousands of sensitive documents from the past ten years with official and personal information. DDoSecrets, or Distributed Denial of Secrets , is a transparency collective similar to WikiLeaks, which publicly publishes data and classified information submitted by leakers and hackers while claiming the organization itself never gets involved in the exfiltration of data. According to the hacktivist group, BlueLeaks dump includes "police and FBI reports, bulletins, guides and more," which "provides unique insights into law enforcement and a wide array of government activities, including thousands of documents mentioning COVID19. As you can see in the screens...

Google recently removed 106 more extensions from its Chrome Web Store after they were found illegally collecting sensitive user data as part of a "massive global surveillance campaign" targeting oil and gas, finance, and healthcare sectors. Awake Security, which disclosed the findings late last week, said the malicious browser add-ons were tied back to a single internet domain registrar, GalComm. However, it's not immediately clear who is behind the spyware effort. "This campaign and the Chrome extensions involved performed operations such as taking screenshots of the victim device, loading malware, reading the clipboard, and actively harvesting tokens and user input," Awake Security said. The extensions in question posed as utilities offering capabilities to convert files from one format to the other, among other tools for secure browsing, while relying on thousands of fake reviews to trick unsuspecting users into installing them. Furthermore, the...