The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Yes, your smartphone is spying on you. But, the real question is, should you care? We have published thousands of articles on The Hacker News, warning how any mobile app can turn your smartphone into a bugging device—' Facebook is listening to your conversations', ' Stealing Passwords Using SmartPhone Sensors', 'Your Headphones Can Spy On You' and 'Android Malware Found Spying Military Personnel' to name a few. All these stories have different objectives and targets but have one thing in common, i.e., apps running in the background covertly abuse ' permissions ' without notifying users. Installing a single malicious app unknowingly could allow remote attackers to covertly record audio, video, and taking photos in the background. But, not anymore! In a boost to user privacy, the next version of Google's mobile operating system, Android P, will apparently block apps idling in the background from accessing your smartphone's camera a

Only a single character can crash your iPhone and block access to the Messaging app in iOS as well as popular apps like WhatsApp, Facebook Messenger, Outlook for iOS, and Gmail. First spotted by Italian Blog Mobile World, a potentially new severe bug affects not only iPhones but also a wide range of Apple devices, including iPads, Macs and even Watch OS devices running the latest versions of their operating software. Like previous 'text bomb' bug, the new flaw can easily be exploited by anyone, requiring users to send only a single character from Telugu—a native Indian language spoken by about 70 million people in the country. Once the recipient receives a simple message containing the symbol or typed that symbol into the text editor, the character immediately instigates crashes on iPhones, iPads, Macs, Apple Watches and Apple TVs running Apple's iOS Springboard. Apps that receive the text bomb tries to load the character, but fails and refuses to function prope

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Bitmessage developers have warned of a critical 'remotely executable' zero-day vulnerability in the PyBitmessage application that was being exploited in the wild. Bitmessage is a Peer-to-Peer (P2P) communications protocol used to send encrypted messages to users. Since it is decentralized and trustless communications, one need-not inherently trust any entities like root certificate authorities. Those who unaware, PyBitmessage is the official client for Bitmessage messaging service. According to Bitmessage developers, a critical zero-day remote code execution vulnerability, described as a message encoding flaw, affects PyBitmessage version 0.6.2 for Linux, Mac, and Windows and has been exploited against some of their users. "The exploit is triggered by a malicious message if you are the recipient (including joined chans). The attacker ran an automated script but also opened, or tried to open, a remote reverse shell," Bitmessage core developer Peter Šurda ex

A serious vulnerability has been discovered in Microsoft-owned most popular free web messaging and voice calling service Skype that could potentially allow attackers to gain full control of the host machine by granting system-level privileges to a local, unprivileged user. The worst part is that this vulnerability will not be patched by Microsoft anytime soon. It's not because the flaw is unpatchable, but because fixing the vulnerability requires a significant software rewrite, which indicates that the company will need to issue an all-new version of Skype rather than just a patch. The vulnerability has been discovered and reported to Microsoft by security researcher Stefan Kanthak and resides in Skype's update installer, which is susceptible to Dynamic Link Libraries (DLL) hijacking. According to the researcher, a potential attacker could exploit the "functionality of the Windows DLL loader where the process loading the DLL searches for the DLL to be loaded fi

Microsoft's Patch Tuesday for this month falls the day before the most romantic day of the year. Yes, it's Valentine's, and the tech giant has released its monthly security update for February 2018, addressing a total of 50 CVE-listed vulnerabilities in its Windows operating system, Microsoft Office, web browsers and other products. Fourteen of the security updates are listed as critical, 34 are rated as important, and 2 of them are rated as moderate in severity. The critical update patches serious security flaws in Edge browser and Outlook client, an RCE in Windows' StructuredQuery component, and several memory corruption bugs in the scripting engines used by Edge and Internet Explorer. Critical Microsoft Outlook Vulnerability One of the most severe bugs includes a memory corruption vulnerability ( CVE-2018-0852 ) in Microsoft Outlook, which can be exploited to achieve remote code execution on the targeted machines. In order to trigger the vulnerability

A zero-day vulnerability has been discovered in the desktop version for end-to-end encrypted Telegram messaging app that was being exploited in the wild in order to spread malware that mines cryptocurrencies such as Monero and ZCash. The Telegram vulnerability was uncovered by security researcher Alexey Firsh from Kaspersky Lab last October and affects only the Windows client of Telegram messaging software. The flaw has actively been exploited in the wild since at least March 2017 by attackers who tricked victims into downloading malicious software onto their PCs that used their CPU power to mine cryptocurrencies or serve as a backdoor for attackers to remotely control the affected machine, according to a blogpost on Securelist. Here's How Telegram Vulnerability Works The vulnerability resides in the way Telegram Windows client handles the RLO (right-to-left override) Unicode character (U+202E), which is used for coding languages that are written from right to left, li

The Pyeongchang Winter Olympics taking place in South Korea was disrupted over the weekend following a malware attack before and during the opening ceremony on Friday. The cyber attack coincided with 12 hours of downtime on the official website for the Winter Games, the collapse of Wi-Fi in the Pyeongchang Olympic stadium and the failure of televisions and internet at the main press center, leaving attendees unable to print their tickets for events or get venue information. The Pyeongchang Winter Olympics organizing committee confirmed Sunday that a cyber attack hit its network helping run the event during the opening ceremony, which was fully restored on 8 am local time on Saturday—that's full 12 hours after the attack began. Multiple cybersecurity firms published reports on Monday, suggesting that the cause of the disruption was "destructive" wiper malware that had been spread throughout the Winter Games' official network using stolen credentials. Dubbed

There was a time when hackers simply defaced websites to get attention, then they started hijacking them to spread banking trojan and ransomware, and now the trend has shifted towards injecting scripts into sites to mine cryptocurrencies. Thousands of government websites around the world have been found infected with a specific script that secretly forces visitors' computers to mine cryptocurrency for attackers. The cryptocurrency mining script injection found on over 4,000 websites, including those belonging to UK's National Health Service (NHS), the Student Loan Company, and data protection watchdog Information Commissioner's Office (ICO), Queensland legislation, as well as the US government's court system. Users who visited the hacked websites immediately had their computers' processing power hijacked, also known as cryptojacking, to mine cryptocurrency without their knowledge, potentially generating profits for the unknown hacker or group of hackers.

Two days ago when infosec bods claimed to have uncovered what's believed to be the first case of a SCADA network (a water utility) infected with cryptocurrency-mining malware, a batch of journalists accused other authors of making fear-mongering headlines, taunting that the next headline could be about cryptocurrency-miner detected in a nuclear plant. It seems that now they have to run a story themselves with such headlines on their website because Russian Interfax News Agency yesterday reported that several scientists at Russia's top nuclear research facility had been arrested for mining cryptocurrency with "office computing resources." The suspects work as engineers at the Russian Federation Nuclear Center facility—also known as the All-Russian Research Institute of Experimental Physics—which works on developing nuclear weapons. The center is located in Sarov, Sarov is still a restricted area with high security. It is also the birthplace of the Soviet Uni

WordPress administrators are once again in trouble. WordPress version 4.9.3 was released earlier this week with patches for a total 34 vulnerabilities, but unfortunately, the new version broke the automatic update mechanism for millions of WordPress websites. WordPress team has now issued a new maintenance update, WordPress 4.9.4 , to patch this severe bug, which WordPress admins have to install manually. According to security site WordFence , when WordPress CMS tries to determine whether the site needs to install an updated version, if available, a PHP error interrupts the auto-update process. If not updated manually to the latest 4.9.4 version, the bug would leave your website on WordPress 4.9.3 forever, leaving it vulnerable to future security issues. Here's what WordPress lead developer Dion Hulse explained about the bug: "#43103-core aimed to reduce the number of API calls which get made when the auto-update cron task is run. Unfortunately, due to human e

Cybercriminals are becoming more adept, innovative, and stealthy with each passing day. They are now adopting more clandestine techniques that come with limitless attack vectors and are harder to detect. A new strain of malware has now been discovered that relies on a unique technique to steal payment card information from point-of-sale (PoS) systems. Since the new POS malware relies upon User Datagram Protocol (UDP) DNS traffic for the exfiltration of credit card information, security researchers at Forcepoint Labs, who have uncovered the malware, dubbed it UDPoS . Yes, UDPoS uses Domain Name System (DNS) queries to exfiltrate stolen data, instead of HTTP that has been used by most POS malware in the past. This malware is also thought to be first of its kind. Besides using 'unusual' DNS requests to exfiltrate data, the UDPoS malware disguises itself as an update from LogMeIn —a legitimate remote desktop control service used to manage computers and other systems remo

Since most of us rely upon the Internet for day-to-day activities, hacking and spying have become a prime concern today, and so have online security and privacy. The governments across the world have been found to be conducting mass surveillance and then there are hackers and cybercriminals who are always looking for ways to steal your sensitive and personal data from the ill-equipped networks, websites, and PCs. Even most online services and websites today collect your personal data, including search histories, location data, and buying habits, and makes millions by sharing them with advertisers and marketers. In short, we have no or very little online privacy. This is why schools, colleges, hospitals and other small and big businesses are moving towards adopting a solution that allows them to store and access their personal data securely. The solution: Virtual Private Network. Virtual Private Network, or VPN, serves as an encrypted tunnel that secures your computer's Int