The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

In the digital age, one of the most popular sayings is—if you're not paying, then you're not the customer, you're the product. While downloading apps on their smartphones, most users may not realize how much data they collect on you. Believe me; it's way more than you can imagine. Nowadays, many app developers are following irresponsible practices that are worth understanding, and we don't have a better example than this newly-reported incident about a virtual keyboard app. A team of security researchers at the Kromtech Security Center has discovered a massive trove of personal data belonging to more than 31 million users of the popular virtual keyboard app, AI.type, accidentally leaked online for anyone to download without requiring any password. Founded in 2010, Ai.type is a customizable and personalizable on-screen keyboard for mobile phones and tablets, with more than 40 million users worldwide. Apparently, a misconfigured MongoDB database, owned by

If you receive an email that looks like it's from one of your friends, just beware! It's possible that the email has been sent by someone else in an attempt to compromise your system. A security researcher has discovered a collection of vulnerabilities in more than 30 popular email client applications that could allow anyone to send spoofed emails bypassing anti-spoofing mechanisms. Discovered by security researcher Sabri Haddouche , the set of vulnerabilities, dubbed MailSploit , affects Apple Mail (macOS, iOS, and watchOS), Mozilla Thunderbird, several Microsoft email clients, Yahoo Mail, ProtonMail, and others. Although most of these affected email client applications have implemented anti-spoofing mechanisms, such as DKIM and DMARC, MailSploit takes advantage of the way email clients and web interfaces parse "From" header. Email spoofing is an old-school technique, but it works well, allowing someone to modify email headers and send an email with the fo

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Well, " a friend in need is a friend indeed " goes a long way, but in this case, this phrase hardly makes any sense. A 27-year-old Michigan man who hacked into the government computer system of Washtenaw County Jail to alter inmate records and gain early release for his friend is now himself facing federal charges after getting caught. Konrads Voits from Ann Arbor, Michigan, pleaded guilty in federal court last week for hacking into the Washtenaw County government computer system earlier this year using malware, phishing, and social engineering tricks in an attempt to get his friend released early from jail. Prosecutors say Voits also used phone calls to prison staff claiming to be a manager at the County Jail's IT department and tricking them into downloading and running malware on their computers by visiting a phony website at "ewashtenavv.org," which mimics the Washtenaw official URL, "ewashtenaw.org." Voit then obtained the remote logi

In a coordinated International cyber operation, Europol with the help of international law enforcement agencies has taken down what it called "one of the longest-running malware families in existence" known as Andromeda. Andromeda , also known as Win32/Gamarue, is an infamous HTTP-based modular botnet that has been around for several years now, and infecting computers with it's malicious intentions ever since. The primary goal of Andromeda bot is to distribute other malware families for mass global malware attacks. The botnet has been associated with at least 80 malware families, and in the last six months, it was detected (or blocked) on an average of more than 1 million machines per month. Last year, law enforcement agencies took down the criminal infrastructure of the infamous Avalanche botnet in a similar massive international cyber operation. Avalanche botnet was used as a delivery platform to spread other malware families, including Andromeda. While in

The United States Department of Homeland Security (DHS) has recently accused Da-Jiang Innovations (DJI), one of the largest drone manufacturers, of sending sensitive information about U.S. infrastructure to China through its commercial drones and software. A copy memo from the Los Angeles office of the Immigration and Customs Enforcement bureau (ICE) has begun circulating online more recently, alleging "with moderate confidence" that DJI drones may be sending US critical infrastructure and law enforcement data back to China. However, the bureau accessed "with high confidence" that this critical data collected by the DJI systems could then be used by the Chinese government to conduct physical or cyber attacks against the U.S. critical infrastructure and its population. The memo goes on to specify the targets the Chinese Government has been attempting to spy on, which includes rail systems, water systems, hazardous material storage facilities, and constructio