The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Multiple security vulnerabilities have been disclosed in Canonical's  Snap  software packaging and deployment system, the most critical of which can be exploited to escalate privilege to gain root privileges. Snaps are self-contained application packages that are designed to work on operating systems that use the Linux kernel and can be installed using a tool called snapd. Tracked as  CVE-2021-44731 , the issue concerns a privilege escalation flaw in the  snap-confine  function, a program used internally by snapd to construct the execution environment for snap applications. The shortcoming is rated 7.8 on the CVSS scoring system. "Successful exploitation of this vulnerability allows any unprivileged user to gain root privileges on the vulnerable host," Bharat Jogi, director of vulnerability and threat research at Qualys,  said , adding the weakness could be abused to "obtain full root privileges on default installations of Ubuntu." Red Hat, in an ind...

A "potentially destructive actor" aligned with the government of Iran is actively exploiting the well-known  Log4j vulnerability  to infect unpatched VMware Horizon servers with ransomware. Cybersecurity firm SentinelOne dubbed the group " TunnelVision " owing to their heavy reliance on tunneling tools, with overlaps in tactics observed to that of a broader group tracked under the moniker  Phosphorus  as well as Charming Kitten and Nemesis Kitten. "TunnelVision activities are characterized by wide-exploitation of 1-day vulnerabilities in target regions," SentinelOne researchers Amitai Ben Shushan Ehrlich and Yair Rigevsky  said  in a report, with the intrusions detected in the Middle East and the U.S. Also observed alongside Log4Shell is the exploitation of Fortinet FortiOS path traversal flaw ( CVE-2018-13379 ) and the Microsoft Exchange  ProxyShell  vulnerability to gain initial access into the target networks for post-exploitation. "Tunne...

These days, businesses all around the world have come to depend on cloud platforms for a variety of mission-critical workflows. They keep their CRM data in the cloud. They process their payrolls in the cloud. They even manage their HR processes through the cloud. And all of that means they're trusting the bulk of their privileged business data to those cloud providers, too. And while most major cloud providers do a decent job of keeping data secure, the majority of business users take an upload-it-and-forget-it approach to their data security needs. And that — needless to say — is dangerous. In reality, cloud providers can only protect a business's data if the business does its part by adhering to some cloud security best practices. And fortunately, they're not that complicated. Here are the four most important cloud security best practices businesses should build into their cloud operations right away. Never Skip Selection Due Diligence The first cloud security best p...

I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn't have asked for a better kickoff panel: three cybersecurity leaders who don't just talk security, they live it. Let me introduce them. Alex Delay , CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead , Director of Cybersecurity at Avidity Biosciences, brings a forward-thinking security perspective that reflects the innovation behind Avidity's targeted RNA therapeutics. Last but not least, Michael Francess , Director of Cybersecurity Advanced Threat at Wyndham Hotels and Resorts, leads the charge in protecting the franchise. Each brought a unique vantage point to a common challenge: applying Continuous Threat Exposure Management (CTEM) to complex production environments. Gartner made waves in 2023 with a bold prediction: organizations that prioritize CTEM will be three times less likely to be breached by 2026. But here's the kicker -...

Cisco has released security updates to contain three vulnerabilities affecting its products, including one high-severity flaw in its Email Security Appliance (ESA) that could result in a denial-of-service (DoS) condition on an affected device. The weakness, assigned the identifier CVE-2022-20653 (CVSS score: 7.5), stems from a case of insufficient error handling in  DNS  name resolution that could be abused by an unauthenticated, remote attacker to send a specially crafted email message and cause a DoS. "A successful exploit could allow the attacker to cause the device to become unreachable from management interfaces or to process additional email messages for a period of time until the device recovers, resulting in a DoS condition," the company  said  in an advisory. "Continued attacks could cause the device to become completely unavailable, resulting in a persistent DoS condition." The flaw impacts Cisco ESA devices running Cisco AsyncOS Software running vers...

Adobe on Thursday updated its advisory for an  actively exploited zero-day  affecting Adobe Commerce and Magento Open Source to patch a newly discovered flaw that could be weaponized to achieve arbitrary code execution. Tracked as  CVE-2022-24087 , the issue – like CVE-2022-24086 – is rated 9.8 on the CVSS vulnerability scoring system and relates to an " Improper Input Validation " bug that could result in the execution of malicious code. "We have discovered additional security protections necessary for CVE-2022-24086 and have released an update to address them (CVE-2022-24087)," the company  said  in a revised bulletin. "Adobe is not aware of any exploits in the wild for the issue addressed in this update (CVE-2022-24087)." As before, Adobe Commerce and Magento Open Source versions 2.4.3-p1 and earlier and 2.3.7-p2 and earlier are impacted by CVE-2022-24087, but it's worth noting that versions 2.3.0 to 2.3.3 are not vulnerable. "A new patc...

Google on Wednesday announced plans to bring its Privacy Sandbox initiatives to Android in a bid to expand its privacy-focused, but also less disruptive, advertising technology beyond the desktop web. To that end, the internet giant said it will work towards building solutions that prevent cross-app tracking à la Apple's App Tracking Transparency ( ATT ) framework, effectively limiting sharing of user data with third-parties as well as eliminating identifiers such as advertising IDs on mobile devices. "The Privacy Sandbox on Android builds on our existing efforts on the web, providing a clear path forward to improve user privacy without putting access to free content and services at risk," Anthony Chavez, vice president of product management for Android security and privacy,  said . Privacy Sandbox , launched in 2019, is Google's umbrella term for a set of technologies that will phase out third-party cookies and curb covert tracking, like  fingerprinting , by redu...

If you haven't heard of the  term , you will soon enough. SOC 2, meaning System and Organization Controls 2 , is an auditing procedure developed by the American Institute of CPAs (AICPA). Having SOC 2 compliance means you have implemented organizational controls and practices that provide assurance for the safeguarding and security of client data. In other words, you have to show (e.g., document and demonstrate) that you are acting in good faith with other people's information. In its simplest definition, it's a report card from an auditor.  At Rewind, before SOC 2, we had some processes in place, such as change management procedures for when emergency fixes need to be released to production quickly. But after beginning our SOC 2 journey we realized that we did not have a great way to track the reasoning behind a required emergency change, and this was required for our SOC 2 audit. So we worked with our auditor to set up a continuous auditing system for these requests, p...

The practice of blurring out text using a method called pixelation may not be as secure as previously thought. While the most foolproof way of concealing sensitive textual information is to use opaque black bars, other redaction methods like pixelation can achieve the opposite effect, enabling the reversal of pixelized text back into its original form. Dan Petro, a lead researcher at offensive security firm Bishop Fox, has  demonstrated  a new open-source tool called  Unredacter  to reconstruct text from the pixelated images, effectively leaking the very information that was meant to be protected. The tool is also seen as an improvement over an existing utility named  Depix , which works by looking up what permutations of pixels could have resulted in certain pixelated blocks to recover the text. The threat model works on the underlying hypothesis that given a piece of text containing both redacted and un-redacted information, the attacker uses the infor...