The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

If you are running Windows 10 on your PC, then there are chances that your computer contains a pre-installed 3rd-party password manager app that lets attackers steal all your credentials remotely. Starting from Windows 10 Anniversary Update (Version 1607), Microsoft added a new feature called Content Delivery Manager that silently installs new "suggested apps" without asking for users' permission. According to a blog post published Friday on Chromium Blog, Google Project Zero researcher Tavis Ormandy said he found a pre-installed famous password manager, called "Keeper," on his freshly installed Windows 10 system which he downloaded directly from the Microsoft Developer Network. Ormandy was not the only one who noticed the Keeper Password Manager. Some Reddit users complained about the hidden password manager about six months ago, one of which reported Keeper being installed on a virtual machine created with Windows 10 Pro. Critical Flaw In Keeper Pas

Security researchers have uncovered another nasty piece of malware designed specifically to target industrial control systems (ICS) with a potential to cause health and life-threatening accidents. Dubbed Triton, also known as Trisis, the ICS malware has been designed to target Triconex Safety Instrumented System (SIS) controllers made by Schneider Electric—an autonomous control system that independently monitors the performance of critical systems and takes immediate actions automatically, if a dangerous state is detected. Researchers from the Mandiant division of security firm FireEye published a report on Thursday, suggesting state-sponsored attackers used the Triton malware to cause physical damage to an organization. Neither the targeted organization name has been disclosed by the researchers nor they have linked the attack to any known nation-state hacking group. According to separate research conducted by ICS cybersecurity firm Dragos, which calls this malware "

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Net neutrality is DEAD —3 out of 5 federal regulators voted Thursday to hand control of the future of the Internet to cable and telecommunication companies, giving them powers to speed up service for websites they favor or slow down others. As proposed this summer, the US Federal Communications Commission (FCC) has rolled back Net Neutrality rules that require Internet Service Providers (ISPs) to treat all services and websites on the Internet equally and prohibit them from blocking sites or charging for higher-quality service. This action repeals the FCC's 2015 Open Internet Order decision taken during the Obama administration. What is Net Neutrality and Why Is It Important? Net Neutrality is simply Internet Freedom—Free, Fast and Open Internet for all. In other words, Net Neutrality is the principle that governs ISPs to give consumers access to all and every content on an equal basis, treating all Internet traffic equally. Today, if there's something that ma

Security researchers have publicly disclosed an unpatched zero-day vulnerability in the firmware of AT&T DirecTV WVB kit after trying to get the device manufacturer to patch this easy-to-exploit flaw over the past few months. The problem is with a core component of the Genie DVR system that's shipped free of cost with DirecTV and can be easily exploited by hackers to gain root access and take full control of the device, placing millions of people who've signed up to DirecTV service at risk. The vulnerability actually resides in WVBR0-25 —a Linux-powered wireless video bridge manufactured by Linksys that AT&T provides to its new customers. DirecTV Wireless Video Bridge WVBR0-25 allows the main Genie DVR to communicate over the air with customers' Genie client boxes (up to 8) that are plugged into their TVs around the home. Trend Micro researcher Ricky Lawshae, who is also a DirecTV customer, decided to take a closer look at the device and found that Linksy

The U.S. federal officials have arrested three hackers who have pleaded guilty to computer-crimes charges for creating and distributing Mirai botnet that crippled some of the world's biggest and most popular websites by launching the massive DDoS attacks last year. According to the federal court documents unsealed Tuesday, Paras Jha (21-year-old from New Jersey), Josiah White (20-year-old Washington) and Dalton Norman (21-year-old from Louisiana) were indicted by an Alaska court last week on multiple charges for their role in massive cyber attacks conducted using Mirai botnet. Mirai is a piece of nasty IoT malware that scans for insecure routers, cameras, DVRs, and other Internet of Things devices which are still using their default passwords and then add them into a botnet network, which is then used to launch DDoS attacks on websites and Internet infrastructure. According to his plea agreement, Jha " conspired to conduct DDoS attacks against websites and web ho