The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Security researchers from Russian Internet giant Yandex have discovered a new piece of malware that is being used to target Linux and FreeBSD web servers in order to make them a part of the wide botnet, even without the need of any root privileges. Researchers dubbed the malware as Mayhem, a nasty malware modular that includes a number of payloads to cause malicious things and targets to infect only those machines which are not updated with security patches or less likely to run security software. So far, researchers have found over 1,400 Linux and FreeBSD servers around the world that have compromised by the malware , with potentially thousands more to come. Most of the compromised machines are located in the USA, Russia, Germany and Canada. Three security experts, Andrej Kovalev, Konstantin Ostrashkevich and Evgeny Sidorov , who work at Russia-based Internet portal Yandex, discovered the malware targeting *nix servers . They were able to trace transmissions from th...

A French information security company VUPEN has recently disclosed that it held onto a serious Internet Explorer (IE) vulnerability for at least three years before revealing it at the Pwn2Own hacker competition held in March this year. The critical zero-day vulnerability affected versions 8, 9, 10 and 11 of Internet Explorer browser that allowed attackers to remotely bypass the IE Protected Mode sandbox. An attacker can exploit this issue to gain elevated privileges. VULNERABILITY DISCLOSURE TIMELINE According to a disclosure made by the security company last week, the vulnerability with ID  CVE-2014-2777  was discovered by the company on 12 February 2011, which was  patched by Microsoft  last month. 12 February 2011 - IE Zero-day discovered by Vupen. 13 March 2014 - Vupen reported to Microsoft. 11 June 2014 - Microsoft Released patch and publicly released the advisory . Sandbox is security mechanism used to run an application in a restricted environme...

The users of WordPress, a free and open source blogging tool as well as content management system (CMS), that have a popular unpatched wordPress plugin installed are being cautioned to upgrade their sites immediately. A serious vulnerability in the WordPress plugin, MailPoet , could essentially allows an attacker to inject any file including malware, defacements and spam, whatever they wanted on the server and that too without any authentication. MailPoet, formerly known as Wysija Newsletter , is a WordPress plugin with more than 1.7 million downloads that allows developers running WordPress to send newsletters and manage subscribers within the content management system. In a blog post, the security researcher and CEO of the security firm Sucuri , Daniel Cid, pointed out the vulnerability to be serious and said that within three weeks since the vulnerability unveiled, over 50,000 websites have been remotely exploited by the cybercriminals to install backdoors targeting the vulner...

The critical zero-day security flaws, discovered in the privacy and security dedicated Linux-based Tails operating system by the researcher at Exodus Intelligence that could help attackers or law enforcements to de-anonymize anyone's identity, actually lie in the I2P software that's bundled with the Operating System. Exodus Intelligence has released some details and a video evidence that demonstrate an exploit against the found vulnerability unmasking an anonymous user of the Tails operating system. The researchers at Exodus claims they can use the vulnerability to upload malicious code to a system running Tails, execute the payload remotely, and de-anonymize the targeted users' public IP address as well. Tails is a security-focused Debian-based Linux distribution and a suite of applications that can be carried on a USB stick, an SD card or a DVD. It keeps users' communications private by running all connectivity through Tor , the network that routes traffic through ...

The critical zero-day security flaws has been discovered in the privacy and security dedicated Linux-based operating system " Tails " that could be used by an attacker to unmask your identity. Tails, which is been used and recommended by the global surveillance whistleblower Edward Snowden to remain Anonymous, has a suite of privacy applications and designed to keep users' communications private by running all connectivity through Tor , the network that routes traffic through various layers of servers and encrypts data. But unfortunately, the highly secured OS has several critical zero-day vulnerabilities that could help attackers or law enforcements to de-anonymize anyone and allows to perform remote code execution , according to a researcher at Exodus Intelligence who uncovered the flaws but didn't publish the details about it. The Texas-based security firm, Exodus Intelligence , tweeted on Monday that it had found several remote code execution vulnerabilities i...

The allegations from a data forensic expert and security researcher that iOS contains a " backdoor " permitting third parties to potentially gain access to large amount of users' personal data instigated Apple to give a strong response. The company has completely denied to the claims published over the weekend by Jonathan Zdziarski, a forensic scientist and iOS security expert. The researcher, better identified as the hacker moniker " NerveGas ", detailed a number of undocumented features in a paper presentation titled, " Identifying Backdoors, Attack Points, and Surveillance Mechanisms in iOS Devices " showing his findings, from his talk at the Hackers On Planet Earth (HOPE X) conference held in New York on Friday. ALLEGATIONS ON APPLE The issue, what he explained in his finding, arises from the way Apple encrypts or fails to encrypt data from the iPhone's native apps, leaving over 600 million personal iOS devices vulnerable to third parties. ...

Mozilla has officially released its latest build Firefox 31 for all supported platforms, addressing 11 vulnerabilities in total, three of which are marked critical that could have been exploited by hackers to mount remote code execution attacks. Mozilla Firefox recommends its users to install the security update as soon as possible, warning that the three critical vulnerabilities discovered in its browser could be exploited by attackers and leverage them to " run attacker code and install software, requiring no user interaction beyond normal browsing ". CRITICAL VULNERABILITIES The three major vulnerabilities are as follows: MFSA 2014-62 - This is one of the three critical vulnerabilities reported by Patrick Cozzi and get fixed in the newer version of the browser. The vulnerability allows the exploitation of a WebGL crash with Cesium JavaScript library. Much details about the flaw are not known at the time, but Mozilla notes that the flaw cannot be exploi...