The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Phishing incidents are on the rise. A report from IBM shows that phishing was the most popular attack vector in 2021, resulting in one in five employees falling victim to phishing hacking techniques. The Need for Security Awareness Training  Although technical solutions protect against phishing threats, no solution is 100% effective . Consequently, companies have no choice but to involve their employees in the fight against hackers. This is where security awareness training comes into play.  Security awareness training gives companies the confidence that their employees will execute the right response when they discover a phishing message in their inbox. As the saying goes, "knowledge is power," but the effectiveness of knowledge depends heavily on how it is delivered. When it comes to phishing attacks, simulations are among the most effective forms of training because the events in training simulations directly mimic how an employee would react in the event of an actu...

Cisco on Wednesday rolled out patches to address eight security vulnerabilities , three of which could be weaponized by an unauthenticated attacker to gain remote code execution (RCE) or cause a denial-of-service (DoS) condition on affected devices. The most critical of the flaws impact Cisco Small Business RV160, RV260, RV340, and RV345 Series routers. Tracked as CVE-2022-20842 (CVSS score: 9.8), the weakness stems from an insufficient validation of user-supplied input to the web-based management interface of the appliances. "An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device," Cisco said in an advisory. "A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a DoS condition." A second shortcoming relates to a command injection vulnerability residing in the routers' web filter database update featur...

A late-stage candidate encryption algorithm that was meant to withstand decryption by powerful quantum computers in the future has been trivially cracked by using a computer running Intel Xeon CPU in an hour's time. The algorithm in question is SIKE — short for Supersingular Isogeny Key Encapsulation — which made it to the  fourth round  of the Post-Quantum Cryptography (PQC) standardization process initiated by the U.S. Department of Commerce's National Institute of Standards and Technology (NIST). "Ran on a single core, the appended  Magma   code  breaks the Microsoft  SIKE challenges  $IKEp182 and $IKEp217 in about 4 minutes and 6 minutes, respectively," KU Leuven researchers Wouter Castryck and Thomas Decru  said  in a new paper. "A run on the SIKEp434 parameters, previously believed to meet NIST's quantum security level 1, took about 62 minutes, again on a single core." The code was executed on an Intel  Xeon CPU E5-2630v2 ...

Threat actors are increasingly mimicking legitimate applications like Skype, Adobe Reader, and VLC Player as a means to abuse trust relationships and increase the likelihood of a successful social engineering attack. Other most impersonated legitimate apps by icon include 7-Zip, TeamViewer, CCleaner, Microsoft Edge, Steam, Zoom, and WhatsApp, an analysis from VirusTotal has revealed. "One of the simplest social engineering tricks we've seen involves making a malware sample seem a legitimate program," VirusTotal  said  in a Tuesday report. "The icon of these programs is a critical feature used to convince victims that these programs are legitimate." It's no surprise that threat actors resort to a variety of approaches to compromise endpoints by tricking unwitting users into downloading and running seemingly innocuous executables. This, in turn, is primarily achieved by taking advantage of genuine domains in a bid to get around IP-based firewall defenses...

The only threat more persistent to organizations than cyber criminals? The cyber security skills crisis.  Nearly  60% of enterprises  can't find the staff to protect their data (and reputations!) from new and emerging breeds of cyber-attacks, reports the Information Systems Security Association (ISSA) in its 5th annual global industry study.  The result?  Heavier workloads, unfilled positions, and burnout.  And technology  isn't  easing the burden in many organizations, especially smaller ones. In fact, it's making the problem worse, suggests  Cynet's recent CISO survey . Big Tech Pushes Small Teams to the Limits Tech stacks normally supercharge cyber security teams, but in the case of crews of five or fewer — it just leads to overwhelm. For example, it took them an average of 18 months to fully implement and feel proficient in endpoint detection and response (EDR) tools — making the technology yet another barrier to cyber security for ...

A new, large-scale phishing campaign has been observed using adversary-in-the-middle (AitM) techniques to get around security protections and compromise enterprise email accounts. "It uses an adversary-in-the-middle (AitM) attack technique capable of bypassing multi-factor authentication," Zscaler researchers Sudeep Singh and Jagadeeswar Ramanukolanu  said  in a Tuesday report. "The campaign is specifically designed to reach end users in enterprises that use Microsoft's email services." Prominent targets include fintech, lending, insurance, energy, manufacturing, and federal credit union verticals located in the U.S., U.K., New Zealand, and Australia. This is not the first time such a phishing attack has come to light. Last month, Microsoft  disclosed  that over 10,000 organizations had been targeted since September 2021 by means of AitM techniques to breach accounts secured with multi-factor authentication (MFA). The ongoing campaign, effective June 2022,...

Virtualization services provider VMware on Tuesday shipped updates to  address 10 security flaws  affecting multiple products that could be abused by unauthenticated attackers to perform malicious actions. The issues, tracked from CVE-2022-31656 through CVE-2022-31665 (CVSS scores: 4.7 - 9.8), impact VMware Workspace ONE Access, Workspace ONE Access Connector, Identity Manager, Identity Manager Connector, vRealize Automation, Cloud Foundation, and vRealize Suite Lifecycle Manager. The most severe of the flaws is CVE-2022-31656 (CVSS score: 9.8), an authentication bypass vulnerability affecting local domain users that could be leveraged by a bad actor with network access to obtain administrative rights. Also resolved by VMware are three remote code execution vulnerabilities (CVE-2022-31658, CVE-2022-31659, and CVE-2022-31665) related to JDBC and SQL injection that could be weaponized by an adversary with administrator and network access. Elsewhere, it has also remediated...