The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Cybersecurity researchers have discovered a way to hide malicious code in Intel SGX enclaves, a hardware-based memory encryption feature in modern processors that isolates sensitive code and data to protect it from disclosure or modification. In other words, the technique allows attackers to implant malware code in a secure memory that uses protection features of SGX which are otherwise designed to protect important data from prying eyes or from being tampered, even on a compromised system. Introduced with Intel's Skylake processors, SGX (Software Guard Extensions) allows developers to run selected application modules in a completely isolated secure region of memory, called enclaves, which are designed to be protected from processes running at higher privilege levels like the operating system, kernel, BIOS, SMM, hypervisor, etc. However, a team of researchers, some of whom were behind the discovery of the Spectre-Meltdown CPU flaws , managed to bypass this protection and g

Microsoft has issued its second Patch Tuesday for this year to address a total of 77 CVE-listed security vulnerabilities in its Windows operating systems and other products, 20 of which are rated critical, 54 important and 3 moderate in severity. February security update addresses flaws in Adobe Flash Player, Internet Explorer, Edge, Windows, MS Office, and Office Services and Web Apps, ChakraCore, .NET Framework, Exchange Server, Visual Studio, Azure IoT SDK, Dynamics, Team Foundation Server, and Visual Studio Code. Four of the security vulnerabilities patched by the tech giant this month have been reported as being publicly known at the time of release, and one is being actively exploited in the wild. The vulnerability actively being exploited in the wild is rated as important and resides in the way Internet Explorer handles objects in the memory. An attacker can trick victims into landing on a specially crafted website and exploit this vulnerability, identified as CVE-201

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

A new security vulnerability has been discovered in the latest version of Apple's macOS Mojave that could allow a malicious application to access data stored in restricted folders which are otherwise not accessible to every app. Discovered by application developer Jeff Johnson on February 8, the vulnerability is unpatched at the time of writing and impacts all version of macOS Mojave, including macOS Mojave 10.14.3 Supplemental update released on February 7. Certain folders in macOS Mojave have restricted access that is forbidden by default, like ~/Library/Safari, which can be accessed by only a few applications, such as Finder. However, Johnson discovered a way to bypass these restrictions in Mojave, allowing applications to access ~/Library/Safari without needing any permission from the user or the system, and read users' web browsing history. "My bypass works with the 'hardened runtime' enabled," Johnson said in a blog post published last week.

Welcome back! Adobe has today released its monthly security updates to address a total of 75 security vulnerabilities across its various products, 71 of which resides in Adobe Acrobat and Reader alone. February 2019 patch Tuesday updates address several critical and important vulnerabilities in Adobe Acrobat Reader DC, Adobe Coldfusion, Creative Cloud Desktop Application, and Adobe Flash Player for Windows, macOS, Linux, and Chrome OS. According to the advisory released today, 43 out of 71 vulnerabilities addressed by Adobe in Acrobat and Reader are rated as critical in severity, most of which could lead to arbitrary code execution in the context of the current user upon successful exploitation. The update also includes a permanent fix for a critical, publicly disclosed zero-day vulnerability (CVE 2019-7089) impacting Adobe Reader that could allow remote attackers to steal targeted Windows NTLM hash passwords just by tricking victims into opening a specially crafted PDF fi

Smart devices definitely make our lives easier, faster, and more efficient, but unfortunately, an insecure smart device can also ruin your day, or sometime could even turn into the worst nightmare of your life. If you are an electric scooter rider, you should be concerned about yourself. In a report shared with The Hacker News in advance, researchers from mobile security firm Zimperium said to have discovered an easy-to-execute but serious vulnerability in M365 Folding Electric Scooter by Xiaomi that could potentially putting riders life at risk. Xiaomi e-Scooter has a significant market share and is also being used by different brands with some modifications. Xiaomi M365 Electric Scooter comes with a mobile app that utilizes password-protected Bluetooth communication, allowing its riders to securely interact with their scooters remotely for multiple features like changing password, enabling the anti-theft system, cruise-control, eco mode, updating the scooter's firmwar

A serious security vulnerability has been discovered in the core runC container code that affects several open-source container management systems, potentially allowing attackers to escape Linux container and obtain unauthorized, root-level access to the host operating system. The vulnerability, identified as  CVE-2019-5736 , was discovered by open source security researchers Adam Iwaniuk and Borys Popławski and publicly disclosed by Aleksa Sarai, a senior software engineer and runC maintainer at SUSE Linux GmbH on Monday. The flaw resides in runC—a lightweight low-level command-line tool for spawning and running containers, an operating-system-level virtualization method for running multiple isolated systems on a host using a single kernel. Originally created by Docker, runC is the default container run-time for Docker, Kubernetes, ContainerD, CRI-O, and other container-dependent programs, and is widely being used by major cloud hosting and server providers. runC Containe