#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

NetSpectre — New Remote Spectre Attack Steals Data Over the Network

NetSpectre — New Remote Spectre Attack Steals Data Over the Network

Jul 27, 2018
A team of security researchers has discovered a new Spectre attack that can be launched over the network, unlike all other Spectre variants that require some form of local code execution on the target system. Dubbed " NetSpectre ," the new remote side-channel attack, which is related to Spectre variant 1, abuses speculative execution to perform bounds-check bypass and can be used to defeat address-space layout randomization on the remote system. If you're unaware, the original Spectre Variant 1 flaw (CVE-2017-5753), which was reported earlier this year along with another Spectre and Meltdown flaws , leverages speculative stores to create speculative buffer overflows in the CPU store cache. Speculative execution is a core component of modern processors design that speculatively executes instructions based on assumptions that are considered likely to be true. If the assumptions come out to be valid, the execution continues and is discarded if not. This issue could
CoinVault Ransomware Authors Sentenced to 240 Hours of Community Service

CoinVault Ransomware Authors Sentenced to 240 Hours of Community Service

Jul 26, 2018
Almost three years after the arrest of two young Dutch brothers, who pleaded guilty to their involvement in creating and distributing CoinVault ransomware malware , a district court in Rotterdam today sentenced them to 240 hours of community service. In 2015, the two suspects — Melvin (25-year-old) and Dennis van den B. (21-year-old) — were arrested from Amersfoort on suspicion of involvement in CoinVault ransomware attacks. The duo was arrested by law enforcement with the help of researchers from Kaspersky Labs , who reverse-engineered the malware and found the full name of one of the suspects and their IP address left accidentally on the command and control server. CoinVault ransomware campaign that began in May 2014 was one of the most successful file-encrypting ransomware program of its time that encrypted over 14,000 Windows computers worldwide, primarily the Netherlands, the US, the UK, Germany, and France. Just like other ransomware attacks, the sole intent of CoinVau
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Titan Security Keys – Google launches its own USB-based FIDO U2F Keys

Titan Security Keys – Google launches its own USB-based FIDO U2F Keys

Jul 26, 2018
At Google Cloud Next '18 convention in San Francisco, the company has introduced Titan Security Keys —a tiny USB device, similar to Yubico's YubiKey, that offers hardware-based two-factor authentication for your online accounts with the highest level of protection against phishing attacks. These hardware-based security keys are thought to be more efficient at preventing phishing, man-in-the-middle (MITM) and other types of account-takeover attacks than 2FA via SMS, as even if your credentials are compromised, account login is impossible without that physical key. Earlier this week Google revealed that its 85,000 employees have been using physical security keys internally for months and since then none of them have fallen victim to phishing attacks. Compared with the traditional authentication protocols ( SMS messages ), Universal 2nd Factor Authentication (U2F) is extremely difficult to compromise that aims to simplify, fasten and secure two-factor authentication proc
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
iPhone Hacking Campaign Using MDM Software Is Broader Than Previously Known

iPhone Hacking Campaign Using MDM Software Is Broader Than Previously Known

Jul 25, 2018
India-linked highly targeted mobile malware campaign, first unveiled two weeks ago , has been found to be part of a broader campaign targeting multiple platforms, including windows devices and possibly Android as well. As reported in our previous article , earlier this month researchers at Talos threat intelligence unit discovered a group of Indian hackers abusing mobile device management (MDM) service to hijack and spy on a few targeted iPhone users in India. Operating since August 2015, the attackers have been found abusing MDM service to remotely install malicious versions of legitimate apps, including Telegram, WhatsApp, and PrayTime, onto targeted iPhones. These modified apps have been designed to secretly spy on iOS users, and steal their real-time location, SMS, contacts, photos and private messages from third-party chatting applications. During their ongoing investigation, Talos researchers identified a new MDM infrastructure and several malicious binaries – designed
From today, Google Chrome starts marking all non-HTTPS sites 'Not Secure'

From today, Google Chrome starts marking all non-HTTPS sites 'Not Secure'

Jul 24, 2018
Starting today with the release of Chrome 68, Google Chrome prominently marks all non-HTTPS websites as 'Not Secure' in its years-long effort to make the web a more secure place for Internet users. So if you are still running an insecure HTTP (Hypertext Transfer Protocol) website, many of your visitors might already be greeted with a 'Not Secure' message on their Google Chrome browser warning them that they can't trust your website to be secure. By displaying ' Not Secure ,' Google Chrome means that your connection is not secure because there is no SSL Certificate to encrypt your connection between your computer and the website's server. So, anything sent over a non-HTTPS connection is in plain text, like your password or payment card information, allowing attackers to snoop or tamper with your data. The non-https connection has been considered dangerous particularly for web pages that transfer sensitive information—like login pages and payment
Apache Tomcat Patches Important Security Vulnerabilities

Apache Tomcat Patches Important Security Vulnerabilities

Jul 24, 2018
The Apache Software Foundation (ASF) has released security updates to address several vulnerabilities in its Tomcat application server, one of which could allow a remote attacker to obtain sensitive information. Apache Tomcat is an open source web server and servlet system, which uses several Java EE specifications like Java Servlet, JavaServer Pages (JSP), Expression Language, and WebSocket, and provides a "pure Java" HTTP web server environment for Java concept to run in. Unlike Apache Struts2 vulnerabilities exploited to breach the systems of America credit reporting agency Equifax late last year, new Apache Tomcat vulnerabilities are less likely to be exploited in the wild. Apache Tomcat — Information Disclosure Vulnerability The more critical flaw ( CVE-2018-8037 ) of all in Apache Tomcat is an information disclosure vulnerability caused due to a bug in the tracking of connection closures which can lead to reuse of user sessions in a new connection. The vu
New Bluetooth Hack Affects Millions of Devices from Major Vendors

New Bluetooth Hack Affects Millions of Devices from Major Vendors

Jul 24, 2018
Yet another bluetooth hacking technique has been uncovered. A highly critical cryptographic vulnerability has been found affecting some Bluetooth implementations that could allow an unauthenticated, remote attacker in physical proximity of targeted devices to intercept, monitor or manipulate the traffic they exchange. The Bluetooth hacking vulnerability, tracked as CVE-2018-5383, affects firmware or operating system software drivers from some major vendors including Apple, Broadcom, Intel, and Qualcomm, while the implication of the bug on Google, Android and Linux are still unknown. The security vulnerability is related to two Bluetooth features—Bluetooth low energy (LE) implementations of Secure Connections Pairing in operating system software, and BR/EDR implementations of Secure Simple Pairing in device firmware. How the Bluetooth Hack Works? Researchers from the Israel Institute of Technology discovered that the Bluetooth specification recommends, but does not mandate
Egyptian 'Fake News' Law Threatens Citizens with 5000-plus Followers

Egyptian 'Fake News' Law Threatens Citizens with 5000-plus Followers

Jul 23, 2018
Do you or someone you know lives in Egypt and holds an account on Facebook, Twitter, or/and other social media platforms with more than 5000 followers? If yes, your account can be censored, suspended and is subject to prosecution for promoting or spreading the fake news through social media platforms. On July 16, the Egyptian parliament approved a new law that classifies a personal social media account, blog or website with more than 5,000 followers as media outlets, allowing the state to block social media accounts and penalize journalists for publishing fake news. Social media networks are no doubt a quick and powerful way to share information and ideas, but not everything shared on Facebook or Twitter is true. Fake news is all around us, and every country is finding its own new ways to tackle this issue. Over the past the year, fake news or misinformation has emerged as a primary issue on social media platforms, seeking to influence millions of people with wrong propaga
Google launches 'Data Transfer Project' to make it easier to switch services

Google launches 'Data Transfer Project' to make it easier to switch services

Jul 23, 2018
A lot of new online services are cropping up every day, making our life a lot easier. But it is always harder for users to switch to another product or service, which they think is better because the process usually involves downloading everything from one service and then re-uploading it all again to another. Thanks to GDPR—stands for General Data Protection Regulation, a legal regulation by European Union that sets guidelines for the collection and processing of users' personal information by companies—many online services have started providing tools that allow their users to download their data in just one click. But that doesn't completely simplify and streamline the process of securely transferring your data around services. To make this easier for users, four big tech companies— Google , Facebook , Microsoft , and Twitter —have teamed up to launch a new open-source, service-to-service data portability platform, called the Data Transfer Project . What is Dat
Ecuador to Withdraw Asylum for Wikileaks Founder Julian Assange

Ecuador to Withdraw Asylum for Wikileaks Founder Julian Assange

Jul 21, 2018
After protecting WikiLeaks founder Julian Assange for almost six years, Ecuador is now planning to withdraw its political asylum, probably next week, and eject him from its London embassy—eventually would turn him over to the British authorities. Lenín Moreno, the newly-elected President of Ecuador, has arrived in London this Friday to give a speech at Global Disability Summit on 24 July 2018. However, media reports suggest the actual purpose of the President's visit is to finalize a deal with UK government to withdraw its asylum protection of Assange. According to RT editor-in-chief Margarita Simonyan and the Intercept 's Glenn Greenwald, multiple sources close to the Ecuadorian Foreign Ministry and the President's office have confirmed that Julian Assange will be handed over to Britain in the coming weeks or even days. Julian Assange, 47, has been living in Ecuador's London embassy since June 2012, when he was granted asylum by the Ecuador government after a B
Microsoft Releases PowerShell Core for Linux as a Snap Package

Microsoft Releases PowerShell Core for Linux as a Snap Package

Jul 20, 2018
Microsoft's love for Linux continues… Microsoft has released its command-line shell and scripting language PowerShell Core for Linux operating system as a Snap package, making it easier for Linux users to install Microsoft PowerShell on their system. Yes, you heard me right. Microsoft has made PowerShell Core available to the Ubuntu Snap Store as a Snap application. PowerShell Core is a cross-platform version of Windows PowerShell that is already available for Windows, macOS, and Linux OS and has been designed for sysadmins who manage assets in hybrid clouds and heterogeneous environments. Snap is a universal Linux packaging system, built by Canonical for the Ubuntu operating system, which makes an application compatible for all major Linux distributions without requiring any modification. A Snap package is basically an application compressed together with its dependencies and also includes instructions on how to run and interact with other software on various Linu
Singapore's Largest Healthcare Group Hacked, 1.5 Million Patient Records Stolen

Singapore's Largest Healthcare Group Hacked, 1.5 Million Patient Records Stolen

Jul 20, 2018
Singapore's largest healthcare group, SingHealth, has suffered a massive data breach that allowed hackers to snatch personal information on 1.5 million patients who visited SingHealth clinics between May 2015 and July 2018. SingHealth is the largest healthcare group in Singapore with 2 tertiary hospitals, 5 national specialty , and eight polyclinics. According to an advisory released by Singapore's Ministry of Health (MOH), along with the personal data, hackers also managed to stole 'information on the outpatient dispensed medicines' of about 160,000 patients, including Singapore's Prime Minister Lee Hsien Loong, and few ministers. "On 4 July 2018, IHiS' database administrators detected unusual activity on one of SingHealth's IT databases. They acted immediately to halt the activity," MOH said. The stolen data includes the patient's name, address, gender, race, date of birth, and National Registration Identity Card (NRIC) numbers. Th
Cybersecurity Resources