The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Twitter on Tuesday announced an expansion to its private information policy to include private media, effectively prohibiting the sharing of photos and videos without express permission from the individuals depicted in them with an aim to curb doxxing and harassment. "Beginning today, we will not allow the sharing of private media, such as images or videos of private individuals without their consent. Publishing people's private info is also prohibited under the policy, as is threatening or incentivizing others to do so," the company's Safety team  said  in a tweet. To that end, the policy also  discourages  users from sharing information such as sign-in credentials that would enable malicious actors to gain access to a person's sensitive information without their authorization. It also forbids users from seeking financial compensation in exchange for posting (or not posting) another individual's private information as part of blackmail schemes. As part o...

One of the harsh realities of cybersecurity today is that malicious actors and attackers don't distinguish between organizations that have seemingly endless resources and those operating with lean IT security teams. For these lean teams, meeting the challenges in the current security landscape requires constant attention, and sometimes a little support. XDR provider Cynet has built a new minisite ( find it here ) with the goal of giving these lean IT Security teams a space to find answers, share their wins and strategies, gain new insights, and have some fun in the process. The company refers to these lean teams and the people that make them up as Lean IT Security Heroes. These groups often work with fewer resources, but are always able to defend against massive threats through creativity, ingenuity, and hard work. This new Lean IT Security Heroes minisite offers a variety of activities and tools that are ideal for lean teams looking to enhance their defenses. Additionally, th...

Cybersecurity researchers on Tuesday disclosed eight-year-old security flaws affecting 150 different multifunction printers (MFPs) from HP Inc that could be potentially abused by an adversary to take control of vulnerable devices, pilfer sensitive information, and infiltrate enterprise networks to mount other attacks. The two weaknesses — collectively called  Printing Shellz  — were discovered and reported to HP by F-Secure Labs researchers Timo Hirvonen and Alexander Bolshev on April 29, 2021, prompting the PC maker to  issue   patches  earlier this month — CVE-2021-39237  (CVSS score: 7.1) - An information disclosure vulnerability impacting certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers. CVE-2021-39238  (CVSS score: 9.3) - A buffer overflow vulnerability impacting certain HP Enterprise LaserJet, HP LaserJet Managed, HP Enterprise PageWide, and HP PageWide Managed products. "The flaws are in the unit's ...

Is Managing Customer Logins and Data Giving You Headaches? You're Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let's be honest, we're also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud, and it's a whole new ball game! If you're dealing with logins, data privacy, bringing new users on board, or building digital trust, this webinar is for you . Join us for " Navigating Customer Identity in the AI Era ," where we'll dive into the Auth0 2025 Customer Identity Trends Report . We'll show you what's working, what's not, and how to tweak your strategy for the year ahead. In just one session, you'll get practical answers to real-world challenges like: How AI is changing what users expect – and where they're starting to push ba...

Japanese consumer electronics giant Panasonic has disclosed a security breach wherein an unauthorized third-party broke into its network and potentially accessed data from one of its file servers. "As the result of an internal investigation, it was determined that some data on a file server had been accessed during the intrusion," the company  said  in a short statement published on November 26. Panasonic didn't reveal the exact nature of the data that was accessed, but TechCrunch  reported  that the breach began on June 22 and ended on November 3. The Osaka-based company said that immediately upon discovering the intrusion on November 11, it took steps to report the incident to the relevant authorities and that it implemented security countermeasures, including preventing external access to the network. Panasonic also noted it's currently working with an independent "specialist" organization to probe the extent of the leak and determine if the access ...

Unofficial patches have been issued to remediate an improperly patched Windows security vulnerability that could allow information disclosure and local privilege escalation (LPE) on vulnerable systems. Tracked as  CVE-2021-24084  (CVSS score: 5.5), the flaw concerns an information disclosure vulnerability in the Windows Mobile Device Management component that could enable an attacker to gain unauthorized file system access and read arbitrary files. Security researcher Abdelhamid Naceri was credited with discovering and reporting the bug in October 2020, prompting Microsoft to address the issue as part of its February 2021 Patch Tuesday updates. But as  observed  by Naceri in June 2021, not only could the patch be bypassed to achieve the same objective, the researcher this month found that the incompletely patched vulnerability could also be  exploited  to gain administrator privileges and run malicious code on Windows 10 machines running the  late...

Government, diplomatic entities, military organizations, law firms, and financial institutions primarily located in the Middle East have been targeted as part of a stealthy malware campaign as early as 2019 by making use of malicious Microsoft Excel and Word documents. Russian cybersecurity company Kaspersky attributed the attacks with high confidence to a threat actor named WIRTE, adding the intrusions involved "MS Excel droppers that use hidden spreadsheets and VBA macros to drop their first stage implant," which is a Visual Basic Script (VBS) with functionality to amass system information and execute arbitrary code sent by the attackers on the infected machine. An analysis of the campaign as well as the toolset and methods employed by the adversary has also led the researchers to conclude with low confidence that the  WIRTE group  has connections to another politically motivated collective called the  Gaza Cybergang . The affected entities are spread across Armenia,...

Four different Android banking trojans were spread via the official Google Play Store between August and November 2021, resulting in more than 300,000 infections through various dropper apps that posed as seemingly harmless utility apps to take full control of the infected devices. Designed to deliver Anatsa (aka TeaBot), Alien, ERMAC, and Hydra, cybersecurity firm ThreatFabric  said  the malware campaigns are not only more refined, but also engineered to have a small malicious footprint, effectively ensuring that the payloads are installed only on smartphones devices from specific regions and preventing the malware from being downloaded during the publishing process . Once installed, these banking trojans can surreptitiously siphon user passwords and SMS-based two-factor authentication codes, keystrokes, screenshots, and even deplete users' bank accounts without their knowledge by using a tool called Automatic Transfer System ( ATSs ). The apps have since been removed fro...

North Korean defectors, journalists who cover North Korea-related news, and entities in South Korea are being zeroed in on by a nation-state-sponsored advanced persistent threat (APT) as part of a new wave of highly-targeted surveillance attacks. Russian cybersecurity firm Kaspersky attributed the infiltrations to a North Korean hacker group tracked as  ScarCruft , also known as  APT37 , Reaper Group, InkySquid, and Ricochet Chollima. "The actor utilized three types of malware with similar functionalities: versions implemented in PowerShell, Windows executables and Android applications," the company's Global Research and Analysis Team (GReAT)  said  in a new report published today. "Although intended for different platforms, they share a similar command and control scheme based on HTTP communication. Therefore, the malware operators can control the whole malware family through one set of command and control scripts." Likely active since at least 2012, ScarC...

Threat actors are exploiting improperly-secured Google Cloud Platform (GCP) instances to download cryptocurrency mining software to the compromised systems as well as abusing its infrastructure to install ransomware, stage phishing campaigns, and even generate traffic to YouTube videos for view count manipulation. "While cloud customers continue to face a variety of threats across applications and infrastructure, many successful attacks are due to poor hygiene and a lack of basic control implementation," Google's Cybersecurity Action Team (CAT)  outlined  as part of its recent Threat Horizons report published last week. Of the 50 recently compromised GCP instances, 86% of them were used to conduct cryptocurrency mining, in some cases within 22 seconds of successful breach, while 10% of the instances were exploited to perform scans of other publicly accessible hosts on the Internet to identify vulnerable systems, and 8% of the instances were used to strike other entiti...