The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Microsoft today released its monthly batch of software security updates for the July month to patch a total of 77 vulnerabilities, 14 are rated Critical, 62 are Important, and 1 is rated Moderate in severity. The July 2019 security updates include patches for various supported versions of Windows operating systems and other Microsoft products, including Internet Explorer, Edge, Office, Azure DevOps, Open Source Software, .NET Framework, Azure, SQL Server, ASP.NET, Visual Studio, and Exchange Server. Details of 6 security vulnerabilities, all rated important, were made public before a patch was released, none of which were found being exploited in the wild. However, two new privilege escalation vulnerabilities, one affects all supported versions of the Windows operating system, and the other affects Windows 7 and Server 2008, have been reported as being actively exploited in the wild. Both actively exploited vulnerabilities lead to elevation of privilege, one (CVE-2019-1132)

Lodash, a popular npm library used by more than 4 million projects on GitHub alone, is affected by a high severity security vulnerability that could allow attackers to compromise the security of affected services using the library and their respective user base. Lodash is a JavaScript library that contains tools to simplify programming with strings, numbers, arrays, functions, and objects, helping programmers write and maintain their JavaScript code more efficiently. Liran Tal, a developer advocate at open-source security platform Snyk, recently published details and proof-of-concept exploit of a high-severity prototype pollution security vulnerability that affects all versions of lodash, including the latest version 4.17.11. The vulnerability, assigned as CVE-2019-10744 , potentially affects a large number of frontend projects due to the popularity of lodash that is being downloaded at a rate of more than 80 million times per month. Prototype pollution is a vulnerability t

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Enterprises should expect to see more cyberattacks launched against them. The data that they now gather and store have made their infrastructures key targets for hackers. Customer data and intellectual property can be sold in the black market for profit, and sensitive information can also be used by hackers to extort them. Enterprises are now aggressively shifting their workloads to the cloud which, while it has many benefits, expands their defensive perimeter and exposes them to further risks as well. As such, organizations are now widely investing in various security solutions in order to comprehensively protect their networks. Gartner expects security spending to exceed $124 billion this year. Solutions such as firewalls and threat prevention tools have increasingly become essential for enterprises. Leading firewall provider Palo Alto Networks , for example, provides companies with various measures to protect their infrastructures. It's currently being used by tens

Smartphones are a goldmine of sensitive data, and modern apps work as diggers that continuously collect every possible information from your devices. The security model of modern mobile operating systems, like Android and iOS, is primarily based on permissions that explicitly define which sensitive services, device capabilities, or user information an app can access, allowing users decide what apps can access. However, new findings by a team of researchers at the International Computer Science Institute in California revealed that mobile app developers are using shady techniques to harvest users' data even after they deny permissions. In their talk " 50 Ways to Pour Your Data " [ PDF ] at PrivacyCon hosted by the Federal Trade Commission last Thursday, researchers presented their findings that outline how more than 1,300 Android apps are collecting users' precise geolocation data and phone identifiers even when they've explicitly denied the required permi

More and more, organizations take the route of outsourcing incident response to Managed Security Service Providers. This trend is distinct regardless of the organization's cyber maturity level and can be found across a wide range of cyber maturity, from small companies with no dedicated security team to enterprises with a fully equipped SOC. The hands of the incident response service providers are extremely busy, and the need from their side to scale while maintaining top quality has never been greater. To address this need, Cynet offers IR service providers to collect data, analyze, investigate and remediate threats on their customers' environments with Cynet 360 platform for free, introducing unmatched speed and reliability into their operations. Any incident responder can now simply sign up to Cynet and immediately get free access to the platform. "Cynet tackles the incident response play at its most fundamental core – speed," said Eyal Gruner, co-fo

Security researchers at Microsoft have released details of a new widespread campaign distributing an infamous piece of fileless malware that was primarily being found targeting European and Brazilian users earlier this year. Dubbed Astaroth , the malware trojan has been making the rounds since at least 2017 and designed to steal users' sensitive information like their credentials, keystrokes, and other data, without dropping any executable file on the disk or installing any software on the victim's machine. Initially discovered by researchers at Cybereason in February this year, Astaroath lived off the land by running the payload directly into the memory of a targeted computer or by leveraging legitimate system tools, such as WMIC, Certutil, Bitsadmin, and Regsvr32, to run the malicious code. While reviewing the Windows telemetry data, Andrea Lelli, a researcher at Microsoft Defender ATP Research Team, recently spotted a sudden unusual spike in the usage of Managemen

If you use Zoom video conferencing software on your Mac computer—then beware—any website you're visiting in your web browser can turn on your device camera without your permission. Ironically, even if you had ever installed the Zoom client on your device and simply uninstalled it, a remote attacker can still activate your webcam. Zoom is one of the most popular cloud-based meeting platforms that provide video, audio, and screen sharing options to users, allowing them to host webinars, teach online courses, conduct online training, or join virtual meetings online. In a Medium post published today, cybersecurity researcher Jonathan Leitschuh disclosed details of an unpatched critical security vulnerability (CVE-2019-13450) in the Zoom client app for Apple Mac computers, which if combined with a separate flaw, could allow attackers to execute arbitrary code on the targeted systems remotely. Jonathan responsibly reported the security vulnerability to the affected company ov