#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

New Microsoft Exchange 'ProxyToken' Flaw Lets Attackers Reconfigure Mailboxes

New Microsoft Exchange 'ProxyToken' Flaw Lets Attackers Reconfigure Mailboxes

Aug 31, 2021
Details have emerged about a now-patched security vulnerability impacting Microsoft Exchange Server that could be weaponized by an unauthenticated attacker to modify server configurations, thus leading to the disclosure of Personally Identifiable Information (PII). The issue, tracked as  CVE-2021-33766  (CVSS score: 7.3) and coined " ProxyToken ," was discovered by Le Xuan Tuyen, a researcher at the Information Security Center of Vietnam Posts and Telecommunications Group (VNPT-ISC), and reported through the Zero-Day Initiative (ZDI) program in March 2021. "With this vulnerability, an unauthenticated attacker can perform configuration actions on mailboxes belonging to arbitrary users," the ZDI  said  Monday. "As an illustration of the impact, this can be used to copy all emails addressed to a target and account and forward them to an account controlled by the attacker." Microsoft addressed the issue as part of its  Patch Tuesday updates  for July 2021...
How Does MTA-STS Improve Your Email Security?

How Does MTA-STS Improve Your Email Security?

Aug 30, 2021
Simple Mail Transfer Protocol or SMTP has easily exploitable security loopholes. Email routing protocols were designed in a time when cryptographic technology was at a nascent stage (e.g., the de-facto protocol for email transfer, SMTP, is nearly 40 years old now), and therefore security was not an important consideration.  As a result, in most email systems encryption is still opportunistic, which implies that if the opposite connection does not support TLS, it gets rolled back to an unencrypted one delivering messages in plaintext.  To mitigate SMTP security problems,  MTA-STS  (Mail Transfer Agent Strict Transport Security) is the recommended email authentication standard. It enforces TLS in order to allow MTAs to send emails securely. This means that it will only allow mail from MTAs that support TLS encryption, and it will only allow mail to go to MX hosts that support TLS encryption. In case an encrypted connection cannot be negotiated between communicating...
Get Lifetime Access to 24 Professional Cybersecurity Certification Prep Courses

Get Lifetime Access to 24 Professional Cybersecurity Certification Prep Courses

Aug 29, 2021
Not all heroes wear capes. Cybersecurity professionals are digital warriors who use their knowledge and skill to battle malicious hackers.  Sounds like an exciting career, right?  If the comic-book comparisons aren't working for you, perhaps some figures will. According to ZipRecruiter, the average salary of a cybersecurity professional is just over $100,000 a year. The Complete 2021 CyberSecurity Super Bundle  can help you get started in this niche, with 24 courses working towards top certification exams.  If you went and bought these courses separately, you would pay a total of $7,080.  To bring the price down, The Hacker News has teamed up with iCollege to offer  all the training for just $69.99 . That is 99% off the full value! You don't need a college education to get a job in cybersecurity, but you do need to pass some exams.  This bundle gives you full prep for important tests, including CISSP, and CompTIA Security+, PenTest+, CySA+, and...
cyber security

Free Tool: Help Desk Verification Codes

websitePush SecurityThreat Detection / Identity Security
Get secure, rotating codes in employee browsers to verify their identity and stop Scattered Spider breaches.
Between Buzz and Reality: The CTEM Conversation We All Need

Between Buzz and Reality: The CTEM Conversation We All Need

Jun 24, 2025Threat Exposure Management
I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn't have asked for a better kickoff panel: three cybersecurity leaders who don't just talk security, they live it. Let me introduce them. Alex Delay , CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead , Director of Cybersecurity at Avidity Biosciences, brings a forward-thinking security perspective that reflects the innovation behind Avidity's targeted RNA therapeutics. Last but not least, Michael Francess , Director of Cybersecurity Advanced Threat at Wyndham Hotels and Resorts, leads the charge in protecting the franchise. Each brought a unique vantage point to a common challenge: applying Continuous Threat Exposure Management (CTEM) to complex production environments. Gartner made waves in 2023 with a bold prediction: organizations that prioritize CTEM will be three times less likely to be breached by 2026. But here's the kicker -...
LockFile Ransomware Bypasses Protection Using Intermittent File Encryption

LockFile Ransomware Bypasses Protection Using Intermittent File Encryption

Aug 28, 2021
A new ransomware family that emerged last month comes with its own bag of tricks to bypass ransomware protection by leveraging a novel technique called "intermittent encryption." Called  LockFile , the operators of the ransomware have been found exploiting recently disclosed flaws such as  ProxyShell  and  PetitPotam  to compromise Windows servers and deploy file-encrypting malware that scrambles only every alternate 16 bytes of a file, thereby giving it the ability to evade ransomware defences. "Partial encryption is generally used by ransomware operators to speed up the encryption process and we've seen it implemented by BlackMatter, DarkSide and LockBit 2.0 ransomware," Mark Loman, Sophos director of engineering, said in a statement. "What sets LockFile apart is that, unlike the others, it doesn't encrypt the first few blocks. Instead, LockFile encrypts every other 16 bytes of a document." "This means that a file such as a text documen...
Microsoft Warns of Widespread Phishing Attacks Using Open Redirects

Microsoft Warns of Widespread Phishing Attacks Using Open Redirects

Aug 28, 2021
Microsoft is warning of a widespread credential phishing campaign that leverages  open redirector links  in email communications as a vector to trick users into visiting malicious websites while effectively bypassing security software. "Attackers combine these links with social engineering baits that impersonate well-known productivity tools and services to lure users into clicking," Microsoft 365 Defender Threat Intelligence Team  said  in a report published this week. "Doing so leads to a series of redirections — including a CAPTCHA verification page that adds a sense of legitimacy and attempts to evade some automated analysis systems — before taking the user to a fake sign-in page. This ultimately leads to credential compromise, which opens the user and their organization to other attacks." Although redirect links in email messages serve a vital tool to take recipients to third-party websites or track click rates and measure the success of sales and marketin...
Microsoft, Google to Invest $30 Billion in Cybersecurity Over Next 5 Years

Microsoft, Google to Invest $30 Billion in Cybersecurity Over Next 5 Years

Aug 27, 2021
Google and Microsoft said they are pledging to invest a total of $30 billion in cybersecurity advancements over the next five years, as the U.S. government  partners  with private sector companies to address threats facing the country in the wake of a string of sophisticated malicious cyber activity targeting critical infrastructure, laying bare the risks to data, organizations, and governments worldwide. The White House cybersecurity meeting, which brought together executives from the education, energy, finance, insurance, and tech sectors, included companies like ADP, Amazon, Apple, Bank of America, Code.org, Girls Who Code, Google, IBM, JPMorgan Chase, Microsoft, and Vantage Group, among others. To that end, the U.S. government on Wednesday announced a collaboration between the National Institute of Standards and Technology (NIST) and industry partners to develop a new framework to improve the security and integrity of the technology supply chain, alongside plans to exp...
Kaseya Issues Patches for Two New 0-Day Flaws Affecting Unitrends Servers

Kaseya Issues Patches for Two New 0-Day Flaws Affecting Unitrends Servers

Aug 27, 2021
U.S. technology firm Kaseya has  released  security patches to address two zero-day vulnerabilities affecting its Unitrends enterprise backup and continuity solution that could result in privilege escalation and authenticated remote code execution. The two weaknesses are part of a  trio of vulnerabilities  discovered and reported by researchers at the Dutch Institute for Vulnerability Disclosure (DIVD) on July 3, 2021. The IT infrastructure management solution provider has addressed the issues in server software version 10.5.5-2 released on August 12, DIVD said. An as-yet-undisclosed client-side vulnerability in Kaseya Unitrends remains unpatched, but the company has published  firewall rules  that can be applied to filter traffic to and from the client and mitigate any risk associated with the flaw. As an additional precaution, it's  recommended  not to leave the servers accessible over the internet. Although specifics related to the vulnera...
Critical Cosmos Database Flaw Affected Thousands of Microsoft Azure Customers

Critical Cosmos Database Flaw Affected Thousands of Microsoft Azure Customers

Aug 27, 2021
Cloud infrastructure security company Wiz on Thursday revealed details of a now-fixed Azure Cosmos database vulnerability that could have been potentially exploited to grant any Azure user full admin access to other customers' database instances without any authorization. The flaw, which grants read, write, and delete privileges, has been dubbed " ChaosDB ," with Wiz researchers noting that "the vulnerability has a trivial exploit that doesn't require any previous access to the target environment, and impacts thousands of organizations, including numerous Fortune 500 companies." Cosmos DB is Microsoft's proprietary  NoSQL database  that's advertised as "a fully managed service" that "takes database administration off your hands with automatic management, updates and patching." The Wiz Research Team reported the issue to Microsoft on August 12, after which the Windows maker took steps to mitigate the issue within 48 hours of r...
The Increased Liability of Local In-home Propagation

The Increased Liability of Local In-home Propagation

Aug 26, 2021
Today I discuss an attack vector conducive to cross-organizational spread, in-home local propagation. Though often overlooked, this vector is especially relevant today, as many corporate employees remain working from home. In this post, I contrast in-home local propagation with traditional vectors through which a threat (ransomware in particular) spreads throughout an organization. I discuss the reasons this type of spread is problematic for employees and corporations alike. Finally, I offer simple solutions to mitigate the risk of such tactics.  Why Should IT and Security Stakeholders Care? Today's long cycle attacks are often reconnoitering the victim environment for weeks, if not months. In this time, the attacker gains a tremendous amount of knowledge about systems in the victim's footprint. This additional loiter time in the victim's environment, coupled with ad-hoc maintained work-from-home environments, presents both an  ingress avenue  for attacks into their n...
Expert Insights Articles Videos
Cybersecurity Resources