Search results for security | Breaking Cybersecurity News | The Hacker News

Following heightened worries that U.S. users' data had been accessed by TikTok engineers in China between September 2021 and January 2022, the company sought to assuage U.S. lawmakers that it's taking steps to "strengthen data security." The admission that some China-based employees can access information from U.S. users came in a letter sent to nine senators, which further noted that the procedure requires the individuals to clear numerous internal security protocols. The contents of the letter, first  reported  by The New York Times, shares more details about TikTok's plans to address data security concerns through a multi-pronged initiative codenamed "Project Texas." "Employees outside the U.S., including China-based employees, can have access to TikTok U.S. user data subject to a series of robust cybersecurity controls and authorization approval protocols overseen by our U.S.-based security team," TikTok CEO Shou Zi Chew wrote in the m

The threat of ransomware is becoming more prevalent and severe as attackers' focus has now moved beyond computers to smartphones and other Internet-connected smart devices. In its latest research, security researchers at cybersecurity firm CheckPoint demonstrated how easy it is for hackers to remotely infect a digital DSLR camera with ransomware and hold private photos and videos hostage until victims pay a ransom. Yes, you heard me right. Security researcher Eyal Itkin discovered several security vulnerabilities in the firmware of Canon cameras that can be exploited over both USB and WiFi, allowing attackers to compromise and take over the camera and its features. According to a security advisory  released  by Canon, the reported security flaws affect Canon EOS-series digital SLR and mirrorless cameras, PowerShot SX740 HS, PowerShot SX70 HS, and PowerShot G5X Mark II. "Imagine how would you respond if attackers inject ransomware into both your computer and the c

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Docker Hub, one of the largest cloud-based library of Docker container images, has suffered a data breach after an unknown attacker gained access to the company's single Hub database. Docker Hub is an online repository service where users and partners can create, test, store and distribute Docker container images, both publicly and privately. The breach reportedly exposed sensitive information for nearly 190,000 Hub users (that's less than 5 percent of total users), including usernames and hashed passwords for a small percentage of the affected users, as well as Github and Bitbucket tokens for Docker repositories. Docker Hub started notifying affected users via emails informing them about the security incident and asking them to change their passwords for Docker Hub, as well as any online account using the same password. "On Thursday, April 25th, 2019, we discovered unauthorized access to a single Hub database storing a subset of non-financial user data. Upon

IT Security is the name of the game and no matter how big or small the size of your organization, you will always invest enough on securing certain aspects of your IT network. In many organizations, it starts with monitoring your network for vulnerabilities that may enter the network to access potentially sensitive information in the form of security attacks . For example, you may have firewalls as your first line of defense, followed by vulnerability management, intrusion detection and prevention systems, managing your network configurations and so on.  These are crucial because: Your routers can be easily breached without proper configuration and restrictions.  If a firewall isn't configured correctly, a hacker can easily spot a port that is accidentally left open and can gain access to the network.  Rogue access points, botnet malware and social engineering can make your wireless a porthole into your LAN. Why Logs? The very purpose of IT security is to be

Script kiddies and online criminals around the world have reportedly started exploiting NSA hacking tools leaked last weekend to compromise hundreds of thousands of vulnerable Windows computers exposed on the Internet. Last week, the mysterious hacking group known as Shadow Brokers leaked a set of Windows hacking tools targeting Windows XP, Windows Server 2003, Windows 7 and 8, and Windows 2012, allegedly belonged to the NSA's Equation Group. What's Worse? Microsoft quickly downplayed the security risks by releasing patches for all exploited vulnerabilities , but there are still risks in the wild with unsupported systems as well as with those who haven't yet installed the patches. Multiple security researchers have performed mass Internet scans over the past few days and found tens of thousands of Windows computers worldwide infected with DoublePulsar , a suspected NSA spying implant, as a result of a free tool released on GitHub for anyone to use. Security r

Threat hunters have discovered a rogue WordPress plugin that's capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information. The skimming activity is part of a  Magecart campaign  targeting e-commerce websites, according to Sucuri. "As with many other malicious or fake WordPress plugins it contains some deceptive information at the top of the file to give it a veneer of legitimacy," security researcher Ben Martin  said . "In this case, comments claim the code to be 'WordPress Cache Addons.'" Malicious plugins typically find their way to WordPress sites via either a  compromised admin user  or the  exploitation of security flaws  in another plugin already installed on the site. Post installation, the plugin replicates itself to the  mu-plugins  (or must-use plugins) directory so that it's automatically enabled and conceals its presence from the admin panel. "Since the only way to re

The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities. "CISA has observed Chinese [Ministry of State Security]-affiliated cyber threat actors operating from the People's Republic of China using commercially available information sources and open-source exploitation tools to target US Government agency networks," the cybersecurity agency said. Over the past 12 months, the victims were identified through sources such as Shodan , the Common Vulnerabilities and Exposure ( CVE ) database, and the National Vulnerabilities Database (NVD), exploiting the public release of a vulnerability to pick vulnerable targets and further their motives. By compromising legitimate websites and leveraging spear-phishing emails with malicious links pointing to attacker-owned sites in order to gain initial access, the Chinese

Homeland Security have eye on Journalists The Department of Homeland Security has declared its intention to gather personal data on journalists or others who might use " traditional and/or social media in real time to keep their audience situationally aware and informed ". Well, it'll be interesting to see the reaction of Obama's adoring White House press corps when they discover their activities are being tracked by the Department of Homeland Security. Under the National Operations Center (NOC)'s Media Monitoring Initiative that came out of DHS headquarters in November, Washington has the written permission to retain data on users of social media and online networking platforms. Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances. The department says

A comprehensive analysis of the cryptographic protocols used in the Swiss encrypted messaging application Threema has revealed a number of loopholes that could be exploited to break authentication protections and even recover users' private keys. The seven attacks span three different threat models,  according  to ETH Zurich researchers Kenneth G. Paterson, Matteo Scarlata, and Kien Tuong Truong, who reported the issues to Threema on October 3, 2022. The weaknesses have since been addressed as part of  updates  released by the company on November 29, 2022. Threema is an encrypted messaging app that's used by more than 11 million users as of October 2022. "Security and privacy are deeply ingrained in Threema's DNA," the company  claims  on its website. Officially used by the Swiss Government and the Swiss Army, it's also advertised as a secure alternative alongside other services such as Signal, Meta-owned WhatsApp, and Telegram. While Threema has been sub

Single sign-on (SSO) is an authentication method that allows users to authenticate their identity for multiple applications with just one set of credentials. From a security standpoint, SSO is the gold standard. It ensures access without forcing users to remember multiple passwords and can be further secured with MFA. Furthermore, an estimated 61% of attacks stem from stolen credentials. By removing usernames and passwords, the attack surface is reduced as well. SSO helps companies meet strict compliance regulations by not only enabling businesses to secure their accounts, but by helping them demonstrate that they've taken the necessary steps to meet regulatory requirements. While SSO is an important step in securing SaaS apps and their data, having just SSOs in place to secure the SaaS stack in its entirety is not enough. SSO alone won't prevent a threat actor from accessing a SaaS app. It also won't protect SaaS apps that are onboarded without the IT team's knowledg

Security researchers have discovered several severe zero-day vulnerabilities in the mobile bootloaders from at least four popular device manufacturers that could allow an attacker to gain persistent root access on the device. A team of nine security researchers from the University of California Santa Barbara created a special static binary tool called BootStomp that automatically detects security vulnerabilities in bootloaders. Since bootloaders are usually closed source and hard to reverse-engineer, performing analysis on them is difficult, especially because hardware dependencies hinder dynamic analysis. Therefore, the researchers created BootStomp, which "uses a novel combination of static analysis techniques and underconstrained symbolic execution to build a multi-tag taint analysis capable of identifying bootloader vulnerabilities." The tool helped the researchers discover six previously-unknown critical security bugs across bootloaders from HiSilicon (Huawe

Google is bringing a host of new features to its Android 4.2 Jelly Bean operating system designed to increase productivity, creativity and peace of mind and some very promising security improvements including: client side malware protection, Security Enhanced Linux, and always-on VPN . Most important Security Improvements in Android 4.2 is that it now includes a service based on Bouncer that works with all apps, not just those on Google Play. For example, it can check the apps you download on the Amazon App Store, or from 3rd Party sites. Whenever user will install any app from a different source than the official market, and will scan it for any malicious code that may prove potentially harmful for your device. Other than this, Users can now control how much data apps can access and share. This is made even more secure by something called VPN lockdown that can limit the amount of information sent over a connection that may not be secure or that is shared rather than priv

Along with a dream to make Internet access available to everyone across the world, Facebook founder Mark Zuckerberg is working to make the Internet a more secure place as well. Till now, a number of large technology companies have bug bounty programs to reward researchers and cyber enthusiast who contribute in the security of Internet by finding out security holes in software or web platforms, and the social networking giant Facebook is the latest one to do so. Facebook and Usenix have together implemented the Internet Defense Prize — an award recognizing superior quality research that combines a working prototype with great contributions to securing the Internet, Facebook announced Thursday at the annual USENIX Security Symposium in San Diego. Also, Facebook announced the first award under its Internet Defense Prize, and crowned a pair of German researchers for their paper , " Static Detection of Second-Order Vulnerabilities in Web Applications " — a seemingly viabl

Zyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution. Both the flaws –  CVE-2023-33009 and CVE-2023-33010  – are  buffer overflow vulnerabilities  and are rated 9.8 out of 10 on the CVSS scoring system. A brief description of the two issues is below - CVE-2023-33009  - A buffer overflow vulnerability in the notification function that could enable an unauthenticated attacker to cause a denial-of-service (DoS) condition and remote code execution. CVE-2023-33010  - A buffer overflow vulnerability in the ID processing function that could enable an unauthenticated attacker to cause a denial-of-service (DoS) condition and remote code execution. The following devices are impacted - ATP (versions ZLD V4.32 to V5.36 Patch 1, patched in ZLD V5.36 Patch 2) USG FLEX (versions ZLD V4.50 to V5.36 Patch 1, patched in ZLD V5.36 Patch 2) USG FLEX50(W) / USG20(W

A ban on the use of pen drives has not been able to safeguard cyber security as it has now been labeled as a major threat in defence forces, the Army officials said. The use of pen drives as an easy-to-carry storage device has increased in the recent past and internal reports have confirmed that over 70 percent cyber security breaches in the armed forces are due to their unauthorised use " These pen drives, which are mostly manufactured in China, have emerged as a big threat to our cyber security systems ," they said. Generally it is found that officials use pen drive to store official data for use at their personal computers but from there, it is transmitted from their IP addresses to hackers from the 'malware' present in the pen drives. About a couple of years ago, a Major posted in Andaman and Nicobar Islands was apprehended as it was found that sensitive data was being transferred from his computer.  However, it later emerged that his system had been hacked and

UniCredit, an Italian global banking and financial services company, announced today that it suffered a security incident that leaked some personal information belonging to at least 3 million of its domestic customers. Officially founded in 1870, UniCredit is Italy's biggest banking and financial services and one of the leading European commercial banks with more than 8,500 branches across 17 countries. What happened? — Though UniCredit did not disclose any details on how the data incident happened, the bank did confirm that an unknown attacker has compromised a file created in 2015 containing three million records relating only to its Italian customers. What type of information was compromised? — The leaked data contains personal information of 3 million customers, including their: Names Cities Telephone numbers Email addresses What type of information was not compromised? — Unicredit confirmed that the compromised user records did not include any other perso

How do you reset the password for your Facebook account if your primary email account also gets hacked? Using SMS-based security code or maybe answering the security questions? Well, it's 2017, and we are still forced to depend on insecure and unreliable password reset schemes like email-based or SMS code verification process. But these traditional access recovery mechanisms aren't safe enough to protect our all other online accounts linked to an email account. Yahoo Mail can be used as an excellent example. Once hackers have access to your Yahoo account, they can also get into any of your other online accounts linked to the same email just by clicking the link that says, "Forgot your password?" Fortunately, Facebook has a tool that aims to fix this process, helping you recover access to all your other online accounts securely. At the Enigma Conference in Oakland, California on Monday, Facebook launched an account recovery feature for other websites

Israel is considered one of the most advanced country in cyber security, but at the same time is a privileged target for hostile governments intent in sabotage and cyber espionage on his technology. Yesterday, Cybersecurity experts revealed that a major artery in Israel's national road network located in the northern the city of Haifa suffered a cyber attack, that caused massive traffic congestion in the City. Isreal military officials are aware of cyber threats that could hit the infrastructure of the country and they afraid the possible effect of a cyber attack on a large scale. Israeli government websites suffer thousands of cyberattacks each day according Ofir Ben Avi, head of the government's website division. The Israel Electric Corp. confirmed that its servers register about 6,000 unique computer attacks every second. In June, Prime Minister Benjamin Netanyahu stated that Iran militia, Hezbollah and Hamas have targeted in numerous occasions Israel