The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Europol announced the shut down of two prolific dark web marketplaces— Wall Street Market and Silkkitie (also known as Valhalla)—in simultaneous global operations against underground websites for trading drugs, stolen credit card numbers, malicious software, and other illegal goods. Police in western Germany has also arrested three men who were allegedly running Wall Street Market, the world's second largest dark marketplace with more than a million users and 5,400 vendors. Besides this, the operation involving Europol , Dutch police and the FBI also led to the arrests of two major suppliers of narcotics via the Wall Street Market site in Los Angeles, the United States. According to the Europol, the police officers seized the computers used to run the illegal market place, along with more than €550 000 (£472,000 or $621,000) in cash, more than €1 Million in Bitcoin and Monero cryptocurrencies, expensive cars, and other evidence. In a press release published today, Eu

If you use a Dell computer, then beware — hackers could compromise your system remotely. Bill Demirkapi, a 17-year-old independent security researcher, has discovered a critical remote code execution vulnerability in the Dell SupportAssist utility that comes pre-installed on most Dell computers . Dell SupportAssist , formerly known as Dell System Detect , checks the health of your computer system's hardware and software. The utility has been designed to interact with the Dell Support website and automatically detect Service Tag or Express Service Code of your Dell product, scan the existing device drivers and install missing or available driver updates, as well as perform hardware diagnostic tests. If you are wondering how it works, Dell SupportAssist in the background runs a web server locally on the user system, either on port 8884, 8883, 8886, or port 8885, and accepts various commands as URL parameters to perform some-predefined tasks on the computer, like collecting

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Google is giving you more control over how long you want the tech company to hold on to your location history and web activity data. Google has introduced a new, easier, privacy-focused auto-delete feature for your Google account that will allow you to automatically delete your Location History and Web and App Activity data after a set period of time. Google's Location History feature, if enabled, allows the company to track locations that you have visited, while Web and App Activity tracks websites you have visited and apps you have used. Until now, Google allowed you to either altogether disable the Location History and Web and App Activity feature or manually delete all or part of that data, providing no controls for regular deletion so that users can manage their data efficiently. However, an AP investigation last year revealed that even if you turn off the Location History feature in all your accounts, Google services on Android and iPhone devices continue to trac

WikiLeaks founder Julian Assange has been sentenced to 50 weeks—for almost a year—in prison by a London court for breaching his bail conditions in 2012 and taking refuge in the Ecuadorian embassy for nearly 7 years. The 47-year-old Assange was arrested last month by London's Metropolitan Police Service after the Ecuadorian government suddenly withdrew his political asylum . Within hours of his arrest, Assange was convicted at Westminster Magistrates' Court of skipping bail in June 2012 after an extradition order to Sweden over claims of sexual assault and rape allegations made by two women. Although Sweden dropped its preliminary investigation into the rape accusation against Julian Assange in 2017, Assange chose not to leave the Ecuadorian Embassy due to fears of extradition to the United States. In the Southwark Crown Court today Judge Deborah Taylor gave Assange a sentence close to the maximum of a year in custody, saying it was hard to "envisage a more ser

In recent years, we have seen how hackers prey on those too lazy or ignorant to install security patches, which, if applied on time, would have prevented some devastating cyber attacks and data breaches that happened in major organisations. The United States Department of Homeland Security (DHS) has ordered government agencies to more swiftly plug the critical security vulnerabilities found on their networks within 15 calendar days since the initial detection, a reduction from 30 days. DHS's Cybersecurity and Infrastructure Security Agency (CISA) this week issued a new Binding Operational Directive (BOD) 19-02 instructing federal agencies and departments to address "critical" rated vulnerabilities within 15 days and "high" severity flaws within 30 days of initial detection. The countdown to patch a security vulnerability will start when it was initially detected during CISA's weekly Cyber Hygiene vulnerability scanning, rather than it was the firs

Taking advantage of newly disclosed and even patched vulnerabilities has become common among cybercriminals, which makes it one of the primary attack vectors for everyday-threats, like crypto-mining, phishing, and ransomware. As suspected, a recently-disclosed critical vulnerability in the widely used Oracle WebLogic Server has now been spotted actively being exploited to distribute a never-before-seen ransomware variant, which researchers dubbed " Sodinokibi ." Last weekend, The Hacker News learned about a critical deserialization remote code execution vulnerability in Oracle WebLogic Server that could allow attackers to remotely run arbitrary commands on the affected servers just by sending a specially crafted HTTP request—without requiring any authorization. To address this vulnerability (CVE-2019-2725), which affected all versions of the Oracle WebLogic software and was given a severity score of 9.8 out of 10, Oracle rolled out an out-of-band security update on

A team of security researchers has discovered several vulnerabilities in various implementations of OpenPGP and S/MIME email signature verification that could allow attackers to spoof signatures on over a dozen of popular email clients. The affected email clients include Thunderbird, Microsoft Outlook, Apple Mail with GPGTools, iOS Mail, GpgOL, KMail, Evolution, MailMate, Airmail, K-9 Mail, Roundcube and Mailpile. When you send a digitally signed email, it offers end-to-end authenticity and integrity of messages, ensuring recipients that the email has actually come from you. However, researchers tested 25 widely-used email clients for Windows, Linux, macOS, iOS, Android and Web and found that at least 14 of them were vulnerable to multiple types of practical attacks under five below-mentioned categories, making spoofed signatures indistinguishable from a valid one even by an attentive user. The research was conducted by a team of researchers from Ruhr University Bochum and