The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Next time when someone sends you a photo of a cute cat or a hot chick on WhatsApp or Telegram then be careful before you click on the image to view — it might hack your account within seconds. A new security vulnerability has recently been patched by two popular end-to-end encrypted messaging services — WhatsApp and Telegram — that could have allowed hackers to completely take over user account just by having a user simply click on a picture. The hack only affected the browser-based versions of WhatsApp and Telegram, so users relying on the mobile apps are not vulnerable to the attack. According to Checkpoint security researchers, the vulnerability resided in the way both messaging services process images and multimedia files without verifying that they might have hidden malicious code inside. For exploiting the flaw, all an attacker needed to do was sending the malicious code hidden within an innocent-looking image. Once the victim clicked on the picture, the attacker coul

In a large-scale Twitter hack, thousands of Twitter accounts from media outlets to celebrities, including the European Parliament, Forbes, BlockChain, Amnesty International, UNICEF, Nike Spain and numerous other individuals and organizations, were compromised early Wednesday. The compromised Twitter accounts is pushing a disturbing spam message written in Turkish comparing the Dutch to the Nazis, with Swastikas and a " #NaziHollanda " or " #Nazialmanya " (Nazi Germany) hashtag, and changed some of the victims' profile pictures to an image of the Turkish flag and Ottoman Empire coat of arms. In addition to the message, the hackers are also posting a link to a YouTube video and the Twitter account Sebo . According to the latest reports, this weird Twitter activity on numerous high-profile accounts is the result of a vulnerability in the third-party app called Twitter Counter. Twitter Counter is a social media analytics service that helps Twitter users to

The need for vCISO services is growing. SMBs and SMEs are dealing with more third-party risks, tightening regulatory demands and stringent cyber insurance requirements than ever before. However, they often lack the resources and expertise to hire an in-house security executive team. By outsourcing security and compliance leadership to a vCISO, these organizations can more easily obtain cybersecurity expertise specialized for their industry and strengthen their cybersecurity posture. MSPs and MSSPs looking to meet this growing vCISO demand are often faced with the same challenge. The demand for cybersecurity talent far exceeds the supply. This has led to a competitive market where the costs of hiring and retaining skilled professionals can be prohibitive for MSSPs/MSPs as well. The need to maintain expertise of both security and compliance further exacerbates this challenge. Cynomi, the first AI-driven vCISO platform , can help. Cynomi enables you - MSPs, MSSPs and consulting firms

After last month's postponement, Microsoft's Patch Tuesday is back with a massive release of fixes that includes patches for security vulnerabilities in Windows and associated software disclosed and exploited since January's patch release. Meanwhile, Adobe has also pushed out security updates for its products, releasing patches for at least seven security vulnerabilities in its Flash Player software. Microsoft patched a total of 140 separate security vulnerabilities across 18 security bulletins, nine of them critical as they allow remote code execution on the affected computer. Microsoft Finally Patches Publicly Disclosed Windows Flaws Among the "critical" security updates include a flaw in the SMB (server message block) network file sharing protocol, which had publicly disclosed exploit code since last month. The original patch released last year for this flaw was incomplete. The flaw is a memory corruption issue that could allow remote code execu

With the rise in the mobile market, Adware has become one of the most prevalent mobile threats in the world. Adware has traditionally been used to aggressively push ads like banners or pop-ups on mobile screens to make money. The troublesome part is that Adware is now becoming trojanized and more sophisticated, as it aggressively collects personal data from the mobile device it's installed on, including name, birth date, location, serial number, contacts, and browser data without users' consent. However, the risk is a bit higher on Android than other platforms because of the extra permissions that apps enjoy. Although Google has stepped up its efforts to remove potentially harmful apps from its Play Store in the past years and added more stringent malware checks for new apps, Adware app eventually finds its way into its mobile app marketplace to target millions of Android users. In its recent efforts to make its Play Store ecosystem safe, Google has recently discover

Imagine a pocket-sized hard drive capable of storing the entire list of 35 Million Songs? This isn't yet practical, but IBM has just taken a big step towards improving computing technology: IBM researchers just discovered a way to store data on a single atom. Data storage is undergoing dramatic evolution, recently researchers successfully stored digital data — an entire operating system, a movie, an Amazon gift card, a study and a computer virus — in strands of DNA. The IBM Research results announced Wednesday that the researchers have developed the world's smallest magnet using a single atom and they packed it with one bit of digital data. Currently, hard drives use about 100,000 atoms to store a single bit of information — a 1 or 0 — using traditional methods. So, this breakthrough could allow people to store 1,000 times more information in the same amount of space in the future applications. Scientists Store 1 Bit of data on a single Atom, whereas modern hard dri