The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

A severe programming error has been discovered in Apple's latest macOS High Sierra 10.13 that exposes passwords of encrypted Apple File System (APFS) volumes in plain text. Reported by Matheus Mariano, a Brazilian software developer, the vulnerability affects encrypted volumes using APFS wherein the password hint section is showing the actual password in the plain text. Yes, you got that right—your Mac mistakenly reveals the actual password instead of the password hint. In September, Apple released macOS High Sierra 10.13 with APFS (Apple File System) as the default file system for solid-state drives (SSDs) and other all-flash storage devices, promising strong encryption and better performance. Mariano discovered the security issue while he was using the Disk Utility in macOS High Sierra to add a new encrypted APFS volume to a container. When adding a new volume, he was asked to set a password and, optionally, write a hint for it. So, whenever the new volume is mounted, m

It seems sophisticated hackers have changed the way they conduct targeted cyber operations—instead of investing in zero-days and developing their malware; some hacking groups have now started using ready-made malware just like script kiddies. Possibly, this could be a smart move for state-sponsored hackers to avoid being attributed easily. Security researchers from multiple security firms, including Arbor Networks and FireEye , independently discovered a series of malware campaigns primarily targeting aerospace, defence contractors and manufacturing sectors in various countries, including the United States, Thailand, South Korea and India. What's common? All these attack campaigns, conducted by various hacking groups, eventually install same information and password stealer malware—dubbed FormBook —on the targeted systems. FormBook is nothing but a " malware-as-as-service ," which is an affordable piece of data-stealing and form-grabbing malware that has been

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

A Greek court has approved the U.S. extradition of a 38-year-old Russian national accused of laundering more than $4 billion in bitcoin for culprits involved in hacking attacks, tax fraud and drug trafficking with the help of the now-defunct BTC-e exchange. Alexander Vinnik , an alleged operator of BTC-e—a digital currency exchange service that has been in operation since 2011 but seized by the authorities right after Vinnik's arrest in a beachside village in northern Greece in late July 2016 at the request of US law enforcement authorities. Since his arrest, Moscow has also requested Vinnik be returned home, as it has previously done with other Russian nationals wanted by the United States. However, the Greek court ruled Wednesday (4 October) to extradite Vinnik to the U.S., where he will face trial on the charges with the operation of an unlicensed money service business, money laundering, conspiracy to commit money laundering, and engaging in unlawful monetary transact

The Apache Tomcat team has recently patched several security vulnerabilities in Apache Tomcat, one of which could allow an unauthorised attacker to execute malicious code on affected servers remotely. Apache Tomcat, developed by the Apache Software Foundation (ASF), is an open source web server and servlet system, which uses several Java EE specifications like Java Servlet, JavaServer Pages (JSP), Expression Language, and WebSocket, and provides a "pure Java" HTTP web server environment for Java concept to run in. Unlike Apache Struts2 vulnerabilities , which have recently been exploited to breach the systems of American credit reporting agency Equifax , Apache Tomcat flaws are less likely to be exploited. The critical Remote Code Execution (RCE) vulnerability (CVE-2017-12617) discovered in Apache Tomcat is due to insufficient validation of user-supplied input by the affected software. Only systems with HTTP PUTs enabled (via setting the "read-only" initi

Spain's National Court ruled on Tuesday to extradite a 36-year-old Russian computer programmer, accused by American authorities of malicious hacking offences, to the United States, according to a court document. Peter Yuryevich Levashov , also known as Peter Severa, was arrested in April this year when he was travelling with his family to Barcelona, Spain from his home in Russia—a country without an extradition treaty with the United States—for his role in a huge computer botnet. However, since Levashov has previously worked with for Vladimir Putin's United Russia Party for ten years, he fears that the US authorities would torture him for information about his political work if sent there to face the charges against him. " If I go to the U.S., I will die in a year. They want to get information of a military nature and about the United Russia party ," RIA news agency quoted Levashov as saying. " I will be tortured, within a year I will be killed, or I wil