Search results for new-found | Breaking Cybersecurity News | The Hacker News

Preview : Web App Hacker's Handbook 2nd Edition ! The first draft of the new edition of WAHH is now completed, and the lengthy editing and production process is underway. Just to whet everyone's appetite, I'm posting below an exclusive extract from the Introduction, describing what has changed in the second edition. (And in a vain attempt to quell the tidal wave of questions: the book will be published in October; there won't be any more extracts; we don't need any proof readers, thanks.) What's Changed in the Second Edition? In the four years since the first edition of this book was published, much has changed and much has stayed the same. The march of new technology has, of course, continued apace, and this has given rise to specific new vulnerabilities and attacks. The ingenuity of hackers has also led to the development of new attack techniques, and new ways of exploiting old bugs. But neither of these factors, technological or human, has created a rev...

The same team of cybersecurity researchers who discovered several severe vulnerabilities, collectively dubbed as Dragonblood , in the newly launched WPA3 WiFi security standard few months ago has now uncovered two more flaws that could allow attackers to hack WiFi passwords . WPA, or WiFi Protected Access, is a WiFi security standard that has been designed to authenticate wireless devices using the Advanced Encryption Standard (AES) protocol and intended to prevent hackers from eavesdropping on your wireless data. The WiFi Protected Access III (WPA3) protocol was launched a year ago in an attempt to address technical shortcomings of the WPA2 protocol from the ground, which has long been considered to be insecure and found vulnerable to more severe KRACK attacks . WPA3 relies on a more secure handshake, called SAE (Simultaneous Authentication of Equals), which is also known as Dragonfly, that aims to protect WiFi networks against offline dictionary attacks. However, in less ...

Even after being aware of various active cyber attacks against the GPON Wi-Fi routers, if you haven't yet taken them off the Internet, then be careful—because a new botnet has joined the GPON party, which is exploiting an undisclosed zero-day vulnerability in the wild. Security researchers from Qihoo 360 Netlab have warned of at least one botnet operator exploiting a new zero-day vulnerability in the Gigabit-capable Passive Optical Network (GPON) routers, manufactured by South Korea-based DASAN Zhone Solutions. The botnet, dubbed TheMoon, which was first seen in 2014 and has added at least 6 IoT device exploits to its successor versions since 2017, now exploits a newly undisclosed zero-day flaw for Dasan GPON routers. Netlab researchers successfully tested the new attack payload on two different versions of GPON home router, though they didn't disclose details of the payload or release any further details of the new zero-day vulnerability to prevent more attacks. Th...

Last year saw a record-setting number of new threats appear online. In particular, criminals managed to create one-third of all viruses ever seen, 34% of all malware in existence, and 40% of all known fake AV. Those findings come from a study released Wednesday by PandaLabs, the malware research arm of antivirus vendor Panda Security. The firm said it had analyzed 99.4% of the 134 million unique files its systems automatically collected in 2010. Of those files, 60 million were malware -- viruses, worms, Trojans, and other threats. The report also found that the volume of new malware created -- about 20 million new strains -- remained roughly constant from 2009 to 2010, while the number of new threats overall increased. Between the beginning and end of 2010, according to PandaLabs, "the average number of new threats created every day has risen from 55,000 to 63,000." While names such as Zeus and Bredolab continue to make headlines -- since they're behind many attacks --...

Most cybersecurity professionals fully anticipated that cybercriminals would leverage the fear and confusion surrounding the Covid-19 pandemic in their cyberattacks. Of course, malicious emails would contain subjects relating to Covid-19, and malicious downloads would be Covid-19 related. This is how cybercriminals operate. Any opportunity to maximize effectiveness, no matter how contemptible, is taken. While many have anecdotally suggested ways in which Covid-19 related cyberattacks would unfold, we have little data supporting the actual impact of Covid-19 on cybersecurity. Several have reported that the number of malicious emails with the subject related to Covid-19 has grown several hundred percent and that the majority of Covid-19 related emails are now malicious. Beyond the anticipated increase in Covid-19 related malicious emails, videos, and an array of downloadable files, which we all anticipated, what else is going on behind the scenes? Interestingly, cybersecurity ...

What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place where sensitive data can end up, and a new source of third party risk. Learn how you can protect this sprawling attack surface in 2025. What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place where sensitive data can end up, and a new source of third-party risk. And, this growing attack surface, much of which is unknown or unmanaged in most orgs, has become an attractive target for attackers. So, why should you prioritize securing your SaaS attack surface in 2025? Here are 4 reasons. ‍ 1. Modern work runs on SaaS. When's the last time you used something other than a cloud-based app to do your work? Can't remember? You're not alone.  Outside of ...

It's been close to five years since we last looked at Incapsula , a security-focused CDN service known for its DDoS mitigation and web application security features. As one would expect, during these five years the company has expanded and improved, introducing lots of new features and even several new products. Most recently, Incapsula underwent an extensive network expansion that includes new PoPs in Asia including two new data centers in New Delhi and Mumbai. This seems like an excellent opportunity to revisit the service and see how it has evolved. Acquisition, Award and Growth Before we jump into Incapsula's service upgrades, we want to mention the changes in the company itself briefly. The most notable of those is Incapsula's 2014 acquisition by Imperva—an authority in web application security and a four-time Gartner Magic Quadrant leader for web application firewalls. The acquisition boosted Incapsula's security capabilities, resulting in its own cloud...

In-short conclusion—Whatsapp service or its 45-days deletion policy doesn't seem to have a bug. For detailed logical explanation, please read below. An Amazon employee earlier today tweeted details about an incident that many suggest could be a sign of a huge privacy bug in the most popular end-to-end encrypted Whatsapp messaging app that could expose some of your secret messages under certain circumstances. According to Abby Fuller, she found some mysterious messages on WhatsApp, notably not associated with her contacts, immediately after she created a new account with the messaging app on her brand new phone using a new number for the very first time. Fuller believes that the mysteriously appeared content on her new account was the message history associated with the WhatsApp account of the previous owner of the same SIM/mobile number, which WhatsApp pushed to her phone. Since for WhatsApp, your phone number is your username and password is the OTP it sends to that n...

This week, cyber attackers are moving quickly, and businesses need to stay alert. They're finding new weaknesses in popular software and coming up with clever ways to get around security. Even one unpatched flaw could let attackers in, leading to data theft or even taking control of your systems. The clock is ticking—if defenses aren't updated regularly, it could lead to serious damage. The message is clear: don't wait for an attack to happen. Take action now to protect your business. Here's a look at some of the biggest stories in cybersecurity this week: from new flaws in WinRAR and NVIDIA Triton to advanced attack techniques you should know about. Let's get into the details. ⚡ Threat of the Week Trend Micro Warns of Actively Exploited 0-Day — Trend Micro has released temporary mitigations to address critical security flaws in on-premise versions of Apex One Management Console that it said have been exploited in the wild. The vulnerabilities (CVE-2025-54948 and CVE-2025-54987),...

Hacker himself got hacked. It turns out that most samples of the LokiBot malware being distributed in the wild are modified versions of the original sample, a security researcher has learned. Targeting users since 2015, LokiBot is a password and cryptocoin-wallet stealer that can harvest credentials from a variety of popular web browsers, FTP, poker and email clients, as well as IT administration tools such as PuTTY. The original LokiBot malware was developed and sold by online alias "lokistov," a.k.a. "Carter," on multiple underground hacking forums for up to $300, but later some other hackers on the dark web also started selling same malware for a lesser price (as low as $80). It was believed that the source code for LokiBot was leaked which might have allowed others to compile their own versions of the stealer. However, a researcher who goes by alias " d00rt " on Twitter found that someone made little changes (patching) in the original Lok...

Face to Face with Duqu malware Once again we discuss about Stuxnet, cyber weapons and of the malware that appears derivate from the dangerous virus. The international scientific community has defined a Stuxnet deadly weapon because been designed with a detailed analysis of final target environment supported by a meticulous intelligence work that for the first time in history has embraced the world of information technology. The agent was designed with the intent to strike the Iranian nuclear program and even more clear is who has always opposed such a program, U.S. and Israel first, and consider also the technology skill necessary to develope a weapon with the observed architecture is really high. Extremely important two factors af the event: 1. the choose of control systems as target of the malware. 2. the conception of the virus as an open project, a modular system for which it was designed a development platform used to assemble the deadly cyber weapons in relation to the final...

Remember the ' Olympic Destroyer ' cyber attack? The group behind it is still alive, kicking and has now been found targeting biological and chemical threat prevention laboratories in Europe and Ukraine, and a few financial organisation in Russia. Earlier this year, an unknown group of notorious hackers targeted Winter Olympic Games 2018 , held in South Korea, using a destructive malware that purposely planted sophisticated false flags to trick researchers into mis-attributing the campaign. Unfortunately, the destructive malware was successful to some extent, at least for a next few days, as immediately after the attack various security researchers postmortem the Olympic Destroyer malware and started attributing the attack to different nation-state hacking groups from North Korea, Russia, and China. Later researchers from Russian antivirus vendor Kaspersky Labs uncovered more details about the attack, including the evidence of false attribution artifacts, and conclud...

Imagine the world where you do not have to make any efforts to learn new skills or knowledge. Just like new programs are uploaded to a Robot to teach them new skills, What if new skills are uploaded to your brain to make you learn, say, playing Guitar, a whole language like French or German or anything else you wish? Do you want a technique, if exists, to make this possible? Of course, YES! Who would not? Now, multiple media channels are reporting that a team of researchers from HRL Laboratories in California has developed a new technology that could be used to feed any skill into the human brain without much effort. But, Is it possible in reality? Let's have a look at what media is reporting and what scientists have actually discovered. Here's what Media is Reporting: Media is reporting that researchers have found a way to "upload knowledge to your brain." Researchers claimed to have developed a simulator that can feed data dire...

A team of security researchers has reportedly discovered a total of eight new " Spectre-class " vulnerabilities in Intel CPUs, which also affect at least a small number of ARM processors and may impact AMD processor architecture as well. Dubbed Spectre-Next Generation , or Spectre-NG , the partial details of the vulnerabilities were first leaked to journalists at German computer magazine Heise, which claims that Intel has classified four of the new vulnerabilities as "high risk" and remaining four as "medium." The new CPU flaws reportedly originate from the same design issue that caused the original Spectre flaw , but the report claims one of the newly discovered flaws allows attackers with access to a virtual machine (VM) to easily target the host system, making it potentially more threatening than the original Spectre vulnerability. "Alternatively, it could attack the VMs of other customers running on the same server. Passwords and secret k...