The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

A number of security vulnerabilities have been disclosed in 42 Gears' SureMDM device management solution that could be weaponized by attackers to perform a supply chain compromise against affected organizations. Cybersecurity firm Immersive Labs, in a  technical write-up  detailing the findings, said that 42Gears released a series of updates between November 2021 and January 2022 to close out multiple flaws affecting both the platform's Linux agent and the web console. The India-based company's  SureMDM  is a cross-platform mobile device management service that allows enterprises to remotely monitor, manage, and secure a fleet of company-owned systems for dedicated-use and employee-owned devices. 42Gears  claims  that SureMDM is used by over 10,000 companies worldwide. The issues identified in the web dashboard are also of critical in nature, potentially allowing an attacker to gain code execution over individual devices, desktops, or servers. Further...

Samba has issued  software updates  to address multiple security vulnerabilities that, if successfully exploited, could allow remote attackers to execute arbitrary code with the highest privileges on affected installations. Chief among them is  CVE-2021-44142 , which  impacts  all versions of Samba before 4.13.17 and concerns an  out-of-bounds  heap read/write vulnerability in the VFS module " vfs_fruit " that provides compatibility with Apple SMB clients. Samba  is a popular freeware implementation of the Server Message Block (SMB) protocol that allows users to access files, printers, and other commonly shared resources over a network. "All versions of Samba prior to 4.13.17 are vulnerable to an out-of-bounds heap read write vulnerability that allows remote attackers to execute arbitrary code as root on affected Samba installations that use the VFS module vfs_fruit," the maintainers said in an advisory published on January 31. According to ...

With just about everything delivered from the cloud these days, employees can now collaborate and access what they need from anywhere and on any device. While this newfound flexibility has changed the way we think about productivity, it has also created new cybersecurity challenges for organizations. Historically, enterprise data was stored inside data centers and guarded by perimeter-based security tools. But with users using endpoints and networks your IT teams don't manage, this approach has become antiquated. To combat this new reality, organizations have turned to tactics such as relying on device management and antivirus software, as well as single sign-on and multi-factor authentication. Some vendors have even begun to claim these measures as a form of  Zero Trust , a popular idea where organizations should not trust any entity and provide access to its applications and data until its risk levels are verified. In this blog, I will break down what is and what isn't Zero T...

SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the convenience of SaaS extends to resilience. It doesn't. These platforms weren't built with full-scale data protection in mind . Most follow a shared responsibility model — wherein the provider ensures uptime and application security, but the data inside is your responsibility. In a world of hybrid architectures, global teams, and relentless cyber threats, that responsibility is harder than ever to manage. Modern organizations are being stretched across: Hybrid and multi-cloud environments with decentralized data sprawl Complex integration layers between IaaS, SaaS, and legacy systems Expanding regulatory pressure with steeper penalties for noncompliance Escalating ransomware threats and inside...

Researchers have demonstrated a new type of fingerprinting technique that exploits a machine's graphics processing unit (GPU) as a means to persistently track users across the web. Dubbed  DrawnApart , the method "identifies a device from the unique properties of its GPU stack," researchers from Australia, France, and Israel said in a new paper, adding "variations in speed among the multiple execution units that comprise a GPU can serve as a reliable and robust device signature, which can be collected using unprivileged JavaScript." A device fingerprint or machine fingerprint is information that is collected about the hardware, installed software, as well as the web browser and its associated add-ons from a remote computing device for the purpose of unique identification. Fingerprints can be a double-edged sword. On the one hand, a fingerprint algorithm may allow a service provider (e.g., bank) to detect and prevent identity theft and credit card fraud. But ...

A regional court in the German city of Munich has ordered a website operator to pay €100 in damages for transferring a user's personal data — i.e., IP address — to Google via the search giant's Fonts library without the individual's consent. The unauthorized disclosure of the plaintiff's IP address by the unnamed website to Google constitutes a contravention of the user's privacy rights, the court said, adding the website operator could theoretically combine the gathered information with other third-party data to identify the "persons behind the IP address." The violation amounts to the "plaintiff's loss of control over a personal data to Google," the ruling  issued by Landgericht München's third civil chamber in Munich read. Google Fonts is a  font embedding service  library from Google, allowing developers to add fonts to their Android apps and websites simply by referencing a stylesheet. As of January 2022, Google Fonts is a repos...

A group of academics at South Korea's Gwangju Institute of Science and Technology (GIST) have utilized natural silk fibers from domesticated silkworms to build an environmentally friendly digital security system that they say is "practically unbreachable." "The first natural physical unclonable function (PUF) […] takes advantage of the diffraction of light through natural microholes in native silk to create a secure and unique digital key for future security solutions," the researchers said . Physical unclonable functions or  PUFs  refer to devices that leverage inherent randomness and microscopic differences in electronics introduced during manufacturing to generate a unique identifier (e.g., cryptographic keys) for a given set of inputs and conditions. In other words, PUFs are non-algorithmic one-way functions derived from uncopiable elements to create unbreakable identifiers for strong authentication. Over the years, PUFs have been widely used in smartca...

Apple last year fixed a new set of macOS vulnerabilities that exposed Safari browser to attack, potentially allowing malicious actors to access users' online accounts, microphone, and webcam. Security researcher Ryan Pickren, who discovered and reported the bugs to the iPhone maker, was compensated with a $100,500 bug bounty, underscoring the severity of the issues. By exploiting a chain of security issues with iCloud Sharing and Safari 15, it enables the attacker to hijack the multimedia permission and gain "full access to every website ever visited by the victim" in Safari, including Gmail, iCloud, Facebook, and PayPal accounts. The  issues  specifically concern ShareBear, an iCloud file-sharing mechanism that prompts users upon attempting to open a shared document for the first time. Taking advantage of the fact that users are never displayed the prompt again once they accept to open the file, Pickren found that it's possible to alter the file's content to...

An Israeli national was sentenced to 97 months in prison in connection with operating the DeepDotWeb ( DDW ) clearnet website, nearly a year after the individual pleaded guilty to the charges. Tal Prihar, 37, an Israeli citizen residing in Brazil, is said to have played the role of an administrator of DDW since the website became functional in October 2013. He  pleaded guilty  to money laundering charges in March 2021 and agreed to forfeit the illegally amassed profits. DDW, until its seizure in May 2019, ostensibly  served  as a "news" website that connected internet users with underground marketplaces on the dark web that operate via darknets such as Tor, enabling the purchase of illegal firearms, malware and hacking tools, stolen financial data, heroin, fentanyl, and other illicit materials. Prihar, acting in cohorts with co-defendant Michael Phan, 34, of Israel, provided direct links to illegal marketplaces and in return for advertising these links, reaped s...