The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

As 5G networks are being gradually rolled out in major cities across the world, an analysis of its network architecture has revealed a number of potential weaknesses that could be exploited to carry out a slew of cyber assaults, including denial-of-service (DoS) attacks to deprive subscribers of Internet access and intercept data traffic. The findings form the basis of a new " 5G Standalone core security research " published by London-based cybersecurity firm Positive Technologies today, exactly six months after the company released its " Vulnerabilities in LTE and 5G Networks 2020 " report in June detailing high impact flaws in LTE and 5G protocols. "Key elements of network security include proper configuration of equipment, as well as authentication and authorization of network elements," Positive Technologies said. "In the absence of these elements, the network becomes vulnerable [to] subscriber denial of service due to exploitation of vulnera...

How can your app hook into a geocoding service that offers forward and reverse geocoding and an auto-completion facility? Geocoding turns a location name or address into geocoordinates. The service gets used by thousands of applications like Uber and Grubhub to track and plot their map data. Yet, it can also help web development by enhancing UX through reverse geocoding. Not to mention auto-completing forms to make the likes of checking-out easier. This article examines Geocode API, the premier provider of geocoding services. Read on to learn what the API offers, how it works, and what sets it apart. You'll discover how its free plan grants you access to 350.000 monthly requests! What is Geocoding? Geocoding describes  how to turn a location name or description and convert them into detailed coordinates. It also offers this service in reverse, i.e., convert coordinates into location information. Results can include: GPS coordinates Full address information Accuracy and ...

Network monitoring services provider SolarWinds officially released a second hotfix to address a critical vulnerability in its Orion platform that was  exploited to insert malware  and breach public and private entities in a wide-ranging espionage campaign. In a new update posted to its  advisory  page, the company urged its customers to update Orion Platform to version 2020.2.1 HF 2 immediately to secure their environments. The malware, dubbed SUNBURST (aka Solorigate), affects Orion app versions 2019.4 through 2020.2.1, released between March 2020 and June 2020. "Based on our investigation, we are not aware that this vulnerability affects other versions—including future versions—of Orion Platform products," the company said. "We have scanned the code of all our software products for markers similar to those used in the attack on our Orion Platform products identified above, and we have found no evidence that other versions of our Orion Platform products or ou...

A new wormable botnet that spreads via GitHub and Pastebin to install cryptocurrency miners and backdoors on target systems has returned with expanded capabilities to compromise web applications, IP cameras, and routers. Early last month, researchers from Juniper Threat Labs documented a crypto-mining campaign called " Gitpaste-12 ," which used GitHub to host malicious code containing as many as 12 known attack modules that are executed via commands downloaded from a Pastebin URL. The attacks occurred during a 12-day period starting from October 15, 2020, before both the Pastebin URL and repository were shut down on October 30, 2020. Now according to Juniper, the  second wave of attacks  began on November 10 using payloads from a different GitHub repository, which, among others, contains a Linux crypto-miner ("ls"), a file with a list of passwords for brute-force attempts ("pass"), and a local privilege escalation exploit for x86_64 Linux systems. Th...

SolarWinds, the enterprise monitoring software provider which found itself at the epicenter of the most  consequential supply chain attacks , said as many as 18,000 of its high-profile customers might have installed a tainted version of its Orion products. The acknowledgment comes as part of a new filing made by the company to the US Securities and Exchange Commission on Monday. The Texas-based company serves more than 300,000 customers worldwide, including every branch of the US military and four-fifths of the Fortune 500 companies. The "incident was likely the result of a highly sophisticated, targeted and manual supply chain attack by an outside nation state," SolarWinds said in the  regulatory disclosure , adding it "currently believes the actual number of customers that may have had an installation of the Orion products that contained this vulnerability to be fewer than 18,000." The company also reiterated in its  security advisory  that besides 2019.4 HF...

A security researcher has demonstrated that sensitive data could be exfiltrated from air-gapped computers via a novel technique that leverages Wi-Fi signals as a covert channel—surprisingly, without requiring the presence of Wi-Fi hardware on the targeted systems. Dubbed " AIR-FI ," the attack hinges on deploying a specially designed malware in a compromised system that exploits "DDR SDRAM buses to generate electromagnetic emissions in the 2.4 GHz Wi-Fi bands" and transmitting information atop these frequencies that can then be intercepted and decoded by nearby Wi-Fi capable devices such as smartphones, laptops, and IoT devices before sending the data to remote servers controlled by an attacker. The findings were published today in a paper titled "AIR-FI: Generating Covert Wi-Fi Signals from Air-Gapped Computers" by Dr. Mordechai Guri , the head of R&D at Ben-Gurion University of the Negev's Cyber-Security Research Center, Israel. "The AI...

Cybersecurity firms Sophos and ReversingLabs on Monday jointly released the first-ever production-scale malware research dataset to be made available to the general public that aims to build effective defenses and drive industry-wide improvements in security detection and response. " SoReL-20M " (short for  So phos- Re versing L abs –  20   M illion), as it's called, is a dataset containing metadata, labels, and features for 20 million Windows Portable Executable (.PE) files, including 10 million disarmed malware samples, with the goal of devising machine-learning approaches for better malware detection capabilities. "Open knowledge and understanding about cyber threats also leads to more predictive cybersecurity," Sophos AI group said. "Defenders will be able to anticipate what attackers are doing and be better prepared for their next move." Accompanying the release are a set of  PyTorch  and  LightGBM -based machine learning  models pre-trained...

State-sponsored actors allegedly working for Russia have  targeted  the US Treasury, the Commerce Department's National Telecommunications and Information Administration (NTIA), and other government agencies to  monitor internal email traffic  as part of a widespread cyberespionage campaign. The Washington Post, citing unnamed sources, said the latest attacks were the work of APT29 or Cozy Bear, the same hacking group that's believed to have orchestrated a breach of US-based cybersecurity firm  FireEye  a few days ago leading to the theft of its Red Team penetration testing tools. The motive and the full scope of what intelligence was compromised remains unclear, but signs are that adversaries tampered with a software update released by Texas-based IT infrastructure provider SolarWinds earlier this year to infiltrate the systems of government agencies as well as FireEye and mount a highly-sophisticated  supply chain attack . "The compromise of Sol...