The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

If you are using LibreOffice, you need to update it once again. LibreOffice has released the latest version 6.2.6/6.3.0 of its open-source office software to address three new vulnerabilities that could allow attackers to bypass patches for two previously addressed vulnerabilities. LibreOffice is one of the most popular and open source alternatives to Microsoft Office suite and is available for Windows, Linux and macOS systems. One of the two vulnerabilities, tracked as CVE-2019-9848 , that LibreOffice attempted to patch just last month was a code execution flaw that affected LibreLogo, a programmable turtle vector graphics script that ships by default with LibreOffice. This flaw allows an attacker to craft a malicious document that can silently execute arbitrary python commands without displaying any warning to a targeted user. Apparently, the patch for this vulnerability was insufficient, as The Hacker News also reported late last month , which allowed two separate secu

In recent years, gas stations have become one of the favorite targets for thieves who are stealing customers' credit and debit card information by installing a Bluetooth-enabled payment card skimmers at gas stations across the nation. The media has also reported several recent crimes surrounding credit card skimmers, including: Gas pump skimmer found at a 7-Eleven in Pinellas County Credit card skimmer found at West Palm Beach gas station Credit Card Skimmer Found at Gas Station in Sunnyvale Several Gas Pump Credit Card Skimmers Found at Bay Area Stations Gas pump credit card skimmers found at Boerne stations Credit card skimmers target Anthem Circle K For those unaware, Bluetooth credit card skimmer is a tiny sneaky device designed to stealthily capture payment card information, like credit card holder's card number, expiration date and the full name, which nearby thieves then retrieve wirelessly over a Bluetooth connection. Since these devices have been des

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

In this digital era, the success of almost every marketing, advertising, and analytics company drives through tracking users across the Internet to identify them and learn their interests to provide targeted ads. Most of these solutions rely on 3rd-party cookies, a cookie set on a domain other than the one you are browsing, which allows companies including Google and Facebook to fingerprint you in order to track your every move across multiple sites. However, if you're using Kaspersky Antivirus, a vulnerability in the security software had exposed a unique identifier associated with you to every website you visited in the past 4 years, which might have allowed those sites and other third-party services to track you across the web even if you have blocked or erased third-party cookies timely. The vulnerability, identified as CVE-2019-8286 and discovered by independent security researcher Ronald Eikenberg, resides in the way a URL scanning module integrated into the antivir

Over a billion Bluetooth-enabled devices, including smartphones, laptops, smart IoT devices, and industrial devices, have been found vulnerable to a high severity vulnerability that could allow attackers to spy on data transmitted between the two devices. The vulnerability, assigned as CVE-2019-9506 , resides in the way 'encryption key negotiation protocol' lets two Bluetooth BR/EDR devices choose an entropy value for encryption keys while pairing to secure their connection. Referred to as the Key Negotiation of Bluetooth ( KNOB ) attack, the vulnerability could allow remote attackers in close proximity to targeted devices to intercept, monitor, or manipulate encrypted Bluetooth traffic between two paired devices. The Bluetooth BR/EDR (Basic Rate/Enhanced Data Rate, also known as "Bluetooth Classic") is a wireless technology standard that has typically been designed for relatively short-range, continuous wireless connection such as streaming audio to headsets

Various implementations of HTTP/2 , the latest version of the HTTP network protocol, have been found vulnerable to multiple security vulnerabilities affecting the most popular web server software, including Apache, Microsoft's IIS, and NGINX. Launched in May 2015, HTTP/2 has been designed for better security and improved online experience by speeding up page loads. Today, over hundreds of millions of websites, or some 40 percent of all the sites on the Internet, are running using HTTP/2 protocol. A total of eight high-severity HTTP/2 vulnerabilities , seven discovered by Jonathan Looney of Netflix and one by Piotr Sikora of Google, exist due to resource exhaustion when handling malicious input, allowing a client to overload server's queue management code. The vulnerabilities can be exploited to launch Denial of Service (DoS) attacks against millions of online services and websites that are running on a web server with the vulnerable implementation of HTTP/2 , knocking

If you are using any supported version of the Windows operating system, stop everything and install the latest security updates from Microsoft immediately. Windows operating system contains four new critical wormable, remote code execution vulnerabilities in Remote Desktop Services, similar to the recently patched ' BlueKeep ' RDP vulnerability. Discovered by Microsoft's security team itself, all four vulnerabilities, CVE-2019-1181 , CVE-2019-1182 , CVE-2019-1222 , and CVE-2019-1226 , can be exploited by unauthenticated, remote attackers to take control of an affected computer system without requiring any user interaction. Just like BlueKeep RDP flaw , all four newly discovered vulnerabilities are also wormable and could be exploited by potential malware to propagate itself from one vulnerable computer to another automatically. "An attacker can get code execution at the system level by sending a specially crafted pre-authentication RDP packet to an affected RD

Update — With this month's patch Tuesday updates, Microsoft has finally addressed this vulnerability, tracked as CVE-2019-1162 , by correcting how the Windows operating system handles calls to Advanced Local Procedure Call (ALPC). A Google security researcher has just disclosed details of a 20-year-old unpatched high-severity vulnerability affecting all versions of Microsoft Windows, back from Windows XP to the latest Windows 10. The vulnerability resides in the way MSCTF clients and server communicate with each other, allowing even a low privileged or a sandboxed application to read and write data to a higher privileged application. MSCTF is a module in Text Services Framework (TSF) of the Windows operating system that manages things like input methods, keyboard layouts, text processing, and speech recognition. In a nutshell, when you log in to your Windows machine, it starts a CTF monitor service that works as a central manager to handle communications between all c

After a few popular Android Trojans like  Anubis ,  Red Alert 2.0 ,  GM bot , and Exobot, quit their malware-as-a-service businesses, a new player has emerged on the Internet with similar capabilities to fill the gap, offering Android bot rental service to the masses. Dubbed " Cerberus ," the new remote access Trojan allows remote attackers to take total control over the infected Android devices and also comes with banking Trojan capabilities like the use of overlay attacks, SMS control, and contact list harvesting. According to the author of this malware, who is surprisingly social on Twitter and mocks security researchers and antivirus industry openly, Cerberus has been coded from scratch and doesn't re-use any code from other existing banking Trojans. The author also claimed to be using the Trojan for private operations for at least two years before renting it out for anyone interested from the past two months at $2000 for 1 month usage, $7000 for 6 months and

WAF (Web Application Firewall) has been the first line of defence when it comes to application security for a while now. Many organizations have adopted WAF in one form or the other and most cases, compliance has been the driver for adoption. But unfortunately, when it comes to the efficacy of WAF in thwarting attacks, it has not lived up to the expectations. In most organizations, WAF has always remained in log mode with a little process to monitor and react, rendering the solution ineffective. The major challenge with effective deployment of WAF is: Applications are unique, and there is no silver bullet set of rules that will protect them all, Most WAF's do not try to understand the risk profile of the application; they end up providing common out of box vanilla rules that seldom works. Each application has its own intricacies and the out of the box rules that many WAF vendors provide create a lot of FPs (False Positives) or FNs (False Negatives), For proper implement

Epic Games, the creator of the popular 'Fortnite' video game, is facing a class-action lawsuit from gamers over hacked Fortnite accounts, accusing the company of failing to maintain adequate security measures and notify users of the security breach in a timely manner. The lawsuit, filed by 'Franklin D. Azar and Associates' in the United States District Court in North Carolina on behalf of over 100 affected users, claims that "affected Fortnite users have suffered an ascertainable loss in that they have had fraudulent charges made to their credit or debit cards." According to the lawsuit, Epic Games acknowledged a vulnerability in its system that allowed hackers to unauthorizedly access players' account and purchase in-game currency using their saved credit or debit cards. Apparently, the law firm is trying to connect two separate reports—first, a responsible vulnerability disclosure in Fortnite system and second, multiple password reuse and phish

If you're using Chrome on Android, you can now sign-in to your Google account and some of the other Google services by simply using your fingerprint, instead of typing in your password every time. Google is rolling out a new feature, called " local user verification ," that allows you to log in to both native applications and web services by registering your fingerprint or any other method you've set up to unlock your Android device, including pins, pattern or password. The newly introduced mechanism, which has also been named "verify it's you," takes advantage of Android's built-in FIDO2 certified security key feature that Google rolled out earlier this year to all devices running Android version 7.0 Nougat or later. Besides FIDO2 protocol, the feature also relies on W3C WebAuthn (Web Authentication API) and FIDO Client to Authenticator Protocol (CTAP), which are designed to provide simpler and more secure authentication mechanism that sit

With the migration of governments and enterprises towards controller-based architectures, the role of a core network engineer has become more important than ever. Today, majority of interconnected wide area networks (WANs) and local area networks (LANs) in the world run on Cisco routers and other Cisco networking equipment, and therefore most organizations need network engineers to maintain and program these networks. So, if you are looking forward to making career advancement in networking, then Cisco's CCNA and CCNP certifications are one of the most highly reputed entry-level networking certifications in the industry. While CCNA, or Cisco Certified Network Associate, is for entry-level network engineers to maximize their foundational networking knowledge, CCNP or Cisco Certified Network Professional is intended for professionals to implement, maintain and plan Cisco's wide range of high-end network solution products. But how long have you wanted to take CCNA and

The threat of ransomware is becoming more prevalent and severe as attackers' focus has now moved beyond computers to smartphones and other Internet-connected smart devices. In its latest research, security researchers at cybersecurity firm CheckPoint demonstrated how easy it is for hackers to remotely infect a digital DSLR camera with ransomware and hold private photos and videos hostage until victims pay a ransom. Yes, you heard me right. Security researcher Eyal Itkin discovered several security vulnerabilities in the firmware of Canon cameras that can be exploited over both USB and WiFi, allowing attackers to compromise and take over the camera and its features. According to a security advisory  released  by Canon, the reported security flaws affect Canon EOS-series digital SLR and mirrorless cameras, PowerShot SX740 HS, PowerShot SX70 HS, and PowerShot G5X Mark II. "Imagine how would you respond if attackers inject ransomware into both your computer and the c

If you own a device, or a hardware component, manufactured by ASUS, Toshiba, Intel, NVIDIA, Huawei, or other 15 other vendors listed below, you're probably screwed. A team of security researchers has discovered high-risk security vulnerabilities in more than 40 drivers from at least 20 different vendors that could allow attackers to gain most privileged permission on the system and hide malware in a way that remains undetected over time, sometimes for years. For sophisticated attackers, maintaining persistence after compromising a system is one of the most important tasks, and to achieve this, existing hardware vulnerabilities sometimes play an important role. One such component is a device driver, commonly known as a driver or hardware driver, a software program that controls a particular type of hardware device, helping it to communicate with the computer's operating system properly. Since device drivers sit between the hardware and the operating system itself and in

Apple has just updated the rules of its bug bounty program by announcing a few major changes during a briefing at the annual Black Hat security conference yesterday. One of the most attractive updates is… Apple has enormously increased the maximum reward for its bug bounty program from $200,000 to $1 million—that's by far the biggest bug bounty offered by any major tech company for reporting vulnerabilities in its products. The $1 million payouts will be rewarded for a severe deadly exploit—a zero-click kernel code execution vulnerability that enables complete, persistent control of a device's kernel. Less severe exploits will qualify for smaller payouts. What's more? From now onwards, Apple's bug bounty program is not just applicable for finding security vulnerabilities in the iOS mobile operating system, but also covers all of its operating systems, including macOS , watchOS, tvOS, iPadOS, and iCloud. Since its inception around three years ago, Apple