Search results for security | Breaking Cybersecurity News | The Hacker News

Nearly five dozen security vulnerabilities have been disclosed in devices from 10 operational technology (OT) vendors due to what researchers call are "insecure-by-design practices." Collectively dubbed  OT:ICEFALL  by Forescout, the 56 issues span as many as 26 device models from Bently Nevada, Emerson, Honeywell, JTEKT, Motorola, Omron, Phoenix Contact, Siemens, and Yokogawa. "Exploiting these vulnerabilities, attackers with network access to a target device could remotely execute code, change the logic, files or firmware of OT devices, bypass authentication, compromise credentials, cause denials of service or have a variety of operational impacts," the company said in a technical report. These vulnerabilities could have disastrous consequences considering the impacted products are widely employed in critical infrastructure industries such as oil and gas, chemical, nuclear, power generation and distribution, manufacturing, water treatment and distribution, min

More than 600 Million users of Samsung Galaxy smartphones, including the newly released Galaxy S6, are potentially vulnerable to a software bug that allows hackers to secretly monitor the phone's camera and microphone, read text messages and install malicious apps. The vulnerability is due to a problem with the Samsung built-in keyboard app that enables easier predictive text. One of the keyboard app version, SwiftKey IME , that comes prepackaged with Samsung's latest Galaxy smartphones could allow a malicious hacker to remotely execute code on user's phone even when if they are not using the keyboard app. Users cannot get rid of this Flaw The app cannot be uninstalled or disabled by the users of the Samsung smartphone devices, so it is up to Samsung to fix the critical bug. The vulnerability was discovered by NowSecure mobile security researcher Ryan Welton, who notified Samsung about the bug in December last year. The keyboard app periodic

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Chinese hackers broke into the computer systems of United States government agency that keeps the personal information of all federal employees, according to the paper published in the New York Times. The attack occurred on the Office of Personnel Management and Senior American officials believe that the attackers successfully gained access to some of the agency's databases in March before the federal authorities detected the threat and blocked them from the network. The hackers targeted the files of tens of thousands of federal employees who have applied for top-secret security clearances, the newspaper reported. " The intrusion at the Office of Personnel Management was particularly disturbing because it oversees a system called e-QIP, in which federal employees applying for security clearances enter their most personal information, including financial data. Federal employees who have had security clearances for some time are often required to update their personal inf

What's worse than knowing that innocent looking JPEGs, PDFs and font files can hijack your iPhone, iPad, and iPod. Yes, attackers can take over your vulnerable Apple's iOS device remotely – all they have to do is trick you to view a maliciously-crafted JPEG graphic or PDF file through a website or an email, which could allow them to execute malicious code on your system. That's a terrible flaw (CVE-2016-4673), but the good news is that Apple has released the latest version of its mobile operating system, iOS 10.1 , for iPhones and iPads to address this remote-code execution flaw, alongside an array of bug fixes. And now that the company has rolled out a security patch, some hackers would surely find vulnerable Apple devices to exploit the vulnerability and take full control of them. So, users running older versions of iOS are advised to update their mobile devices to iOS 10.1 as soon as possible. Besides this remote code execution flaw, the newest iOS 10.1 incl

If you use Zoom to host your remote online meetings, you need to read this piece carefully. The massively popular video conferencing software has patched a security loophole that could have allowed anyone to remotely eavesdrop on unprotected active meetings, potentially exposing private audio, video, and documents shared throughout the session. Besides hosting password-protected virtual meetings and webinars, Zoom also allows users to set up a session for non-pre-registered participants who can join an active meeting by entering a unique Meeting ID, without requiring a password or going through the Waiting Rooms. Zoom generates this random meeting ID, comprised of 9, 10, and 11-digit numbers, for each meeting you schedule or create. If leaked beyond an individual or intended group of people, merely knowing Meeting IDs could allow unwelcome guests joining meetings or webinars. This could be bad news for anyone expecting their conversations to be private. To circumvent suc

Microsoft on Tuesday rolled out its scheduled  monthly security update  with patches for 55 security flaws affecting Windows, Exchange Server, Internet Explorer, Office, Hyper-V, Visual Studio, and Skype for Business. Of these 55 bugs, four are rated as Critical, 50 are rated as Important, and one is listed as Moderate in severity. Three of the vulnerabilities are publicly known, although, unlike  last month , none of them are under active exploitation at the time of release. The most critical of the flaws addressed is  CVE-2021-31166 , a wormable remote code execution vulnerability in the HTTP protocol stack. The issue, which could allow an unauthenticated attacker to send a specially crafted packet to a targeted server, is rated 9.8 out of a maximum of 10 on the CVSS scale. Another vulnerability of note is a remote code execution flaw in Hyper-V ( CVE-2021-28476 ), which also scores the highest severity among all flaws patched this month with a CVSS rating of 9.9. "This i

Ransomware has been a thorn in the side of cybersecurity teams for years. With the move to remote and hybrid work, this insidious threat has become even more of a challenge for  organizations everywhere. 2021 was a case study in ransomware due to the wide variety of attacks, significant financial and economic impact, and diverse ways that organizations responded.  These attacks  should be seen as a lesson that can inform future security strategies to mitigate ransomware risk. As an organization continues to evolve, so should its security strategy. The Remote Environment Is Primed for Ransomware With organizations continuing to support remote and hybrid work, they no longer have the visibility and control they once had inside their perimeter. Attackers are  exploiting this weakness  and profiting. Here are three reasons they're able to do so: Visibility and control have changed.  Most organizations now have employees working from anywhere. These employees expect seamless access to

Computerized Prison doors hacked with vulnerabilities used by Stuxnet worm Security holes in the computer systems of federal prisons in the United States can effectively allow hackers to trigger a jailbreak by remote control. The discovery of the Stuxnet worm has alerted governments around the world about the possibility of industrial control systems being targeted by hackers. A team of researchers with John Strauchs, Tiffany Rad and Teague Newman presented their findings at a recent security conference. They said the project wasn't really all that difficult -- it just took a little time, some equipment bought online and a basement workspace. The idea for the research came about from work that Strauchs had done previously. " I designed a maximum security prison security system. That is, I did the engineering quite a few years ago and literally on Christmas Eve, the warden of that prison after it was occupied, called me and told me all the doors had popped open, including

Security researchers revealed that series of " Watering Hole " has been conducted exploiting a IE8 zero-day vulnerability to target U.S. Government experts working on nuclear weapons research. The news is not surprising but it is very concerning, the principal targets of the attacks are various groups of research such as the components of U.S. Department of Labor and the U.S. Department of Energy, the news has been confirmed by principal security firms and by Microsoft corporate. The flaw has been used in a series of "watering hole" attacks, let's remind that "Watering Hole" is a technique of attack realized compromising legitimate websites using a " drive-by " exploit. The attackers restrict their audience to a individuals interested to specific content proposed by targeted website, in this way when the victim visits the page a backdoor Trojan is installed on his computer. The website compromised to exploit the IE8 zero-day is the Dep

Microsoft on Tuesday released security update (KB 4010250) to patch flaws in Adobe Flash Player for its customers using Internet Explorer on Windows 8.1 and later, as well as Edge for Windows 10, but two already disclosed flaws remain unpatched. Just last week, Microsoft announced that its February patches would be delayed until March due to a last minute issue, a move that led to Google publishing details of an unpatched Windows bug . However, the software giant emailed a handful of big business to alert them to the incoming patches on Monday, advising them to update their systems as soon as possible. The security patches are now available to all Windows customers over Windows Update, and " No other security updates are scheduled for release until the next scheduled monthly update release on March 14, 2017 ," Microsoft says. Bulletin MS17-005 for Adobe Flash Player addresses remote code execution (RCE) vulnerabilities for some currently supported Windows systems.

Today Vodafone Iceland was hacked by the Turkish group of hackers Maxn3y (@AgentCoOfficial) who in the past has stolen data from airports' systems, electronic giants and fast food company. The hackers announced via Twitter  that he has successfully compromised Vodafone Iceland server and defaced the official website ( Vodafone . is ), including various other sub-domains including the company mobile site. The hackers disclosed a compressed 61.7MB rar file which is locked with password TURKISH and that contains a collection of files including one titled users.sql that appears to contain the 77,000 user accounts.  The file includes user names, social security numbers, encrypted passwords as many other encrypted information. The portal CyberWarNews posted the list of files disclosed and provided information on their content. Following the complete list of files leaked: v2.sql Multimedia database, nothing critical, 400K of user tracking and logging with user agents, refers etc.

The use of AI in cybersecurity is growing rapidly and is having a significant impact on threat detection, incident response, fraud detection, and vulnerability management. According to a report by Juniper Research, the use of AI for fraud detection and prevention is expected to save businesses $11 billion annually by 2023. But how to integrate AI into business cybersecurity infrastructure without being exposed to hackers? In terms of detecting and responding to security threats in a more efficient and effective manner, AI has been helping businesses in lots of ways.  Firstly, it can analyze large amounts of data and identify patterns or anomalies much faster and with greater accuracy than humans. AI detects and responds to security threats in real-time, reducing the time it takes to identify and remediate security incidents. The algorithms can learn from past incidents and adapt to new threats as they emerge. With it, cybersecurity systems can become smarter and more effective ove

The U.S. Department of Homeland Security (DHS) has today issued an "emergency directive" to all federal agencies ordering IT staff to audit DNS records for their respective website domains, or other agency-managed domains, within next 10 business days. The emergency security alert came in the wake of a series of recent incidents involving DNS hijacking , which security researchers with "moderate confidence" believe originated from Iran. Domain Name System (DNS) is a key function of the Internet that works as an Internet's directory where your device looks up for the server IP addresses after you enter a human-readable web address (e.g., thehackernews.com). What is DNS Hijacking Attack? DNS hijacking involves changing DNS settings of a domain, redirecting victims to an entirely different attacker-controlled server with a fake version of the websites they are trying to visit, often with an objective to steal users' data. "The attacker alter

For years, the Capture the Flag platform has been a common and very popular part of the hacker convention scene. Teams come from all over the world to show their skill and technique in various competitions. The CTF365 team took that interest, passion and excitement and went to a new level in their platform. That original capture the flag environment is now available to anyone from the safety and comfort of their own home. Not only is the original and fun capture the flag platform available, but the CTF365 team is bringing in red verses blue competitions, as well as an entire exploitable virtual world! While still in alpha, the development team is working tirelessly to bring a brand new approach to an original favorite to the hacker and information security community. What is CTF365? CTF365 is a revolution in the world of capture the flag, simulated attacks and Information security as a whole. Capture the flag is always a fan favorite at hacker conventions, online and

9 Top Patch Management Practices for Businesses Security I've spent most of the past decade in information security, with a pretty big focus on incident response. It never ceases to amaze me how many security incidents (pronounced hacks) customers suffer as a result of unpatched systems. Patch management is not an art form; it's an underappreciated and often ignored part of what should be daily care and feeding of your infrastructure. Here are the nine best patch management practices I've learned over the years: 1. Automate your patching If your patch management strategy depends upon manual effort, you're doing it wrong. Only the smallest businesses can handle patching by hand. You need a system that can deploy patches to all your systems; workstations and servers. 2. In-depth reporting Automating doesn't mean ignoring. You should be able to see the state of your patch management at any point in time and know exactly which systems are in need of attention. 3. Tes

In its 2011 IT security predictions, Panda Security is predicting that a further rising tide of malware, along with an online cyberwar plus cyberprotests, will be the order of the day as the year progresses. According to Luis Corrons, Panda's technical director, during 2010 we have seen a significant growth in the amount of malware, a constant theme over the last few years. "This year, more than 20 million new strains have been created, more than in 2009. At present, Panda's collective intelligence database stores a total of over 60 million classified threats. The actual rate of growth year-on-year however, appears to have peaked: some years ago it was over 100%. In 2010 it was 50%. We will have to wait and see what happens in 2011", he said in a security blog. Corrons added that, also during 2010, with Stuxnet and the WikiLeaks cables suggesting the involvement of the Chinese government in the cyberattacks on Google and other targets, a turning point in the hist

With just about everything delivered from the cloud these days, employees can now collaborate and access what they need from anywhere and on any device. While this newfound flexibility has changed the way we think about productivity, it has also created new cybersecurity challenges for organizations. Historically, enterprise data was stored inside data centers and guarded by perimeter-based security tools. But with users using endpoints and networks your IT teams don't manage, this approach has become antiquated. To combat this new reality, organizations have turned to tactics such as relying on device management and antivirus software, as well as single sign-on and multi-factor authentication. Some vendors have even begun to claim these measures as a form of  Zero Trust , a popular idea where organizations should not trust any entity and provide access to its applications and data until its risk levels are verified. In this blog, I will break down what is and what isn't Zero Trust