The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Cloud services have become increasingly important to many companies' daily operations, and the rapid adoption of web apps has allowed businesses to continue operating with limited productivity hiccups, even as global coronavirus restrictions have forced much of the world to work from home. But at the same time, even major corporations have fallen prey to hackers. How can you maintain the integrity of your IT resources and data while still taking advantage of the benefits of software as a service (SaaS)? While cybersecurity is a broad and complicated topic, let's consider a hypothetical SaaS scenario and examine some of the risks. Imagine that one of your employees is writing a sensitive report. It could have financial or medical data in it. It could have information on a revolutionary new design. Whatever it is, the report needs to be kept confidential. What would happen if your employee writes the report in Google Docs? Let's assume that this decision wasn&

As developers increasingly embrace off-the-shelf software components into their apps and services, threat actors are abusing open-source repositories such as RubyGems to distribute malicious packages, intended to compromise their computers or backdoor software projects they work on. In the latest research shared with The Hacker News, cybersecurity experts at ReversingLabs revealed over 700 malicious gems — packages written in Ruby programming language — that supply chain attackers were caught recently distributing through the RubyGems repository. The malicious campaign leveraged the typosquatting technique where attackers uploaded intentionally misspelled legitimate packages in hopes that unwitting developers will mistype the name and unintentionally install the malicious library instead. ReversingLabs said the typosquatted packages in question were uploaded to RubyGems between February 16 and February 25, and that most of them have been designed to secretly steal funds by r

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica

Revolutionary ideas in science, technology, engineering, and mathematics don't occur every day. But when those "eureka" moments happen, we need to provide a forum to explore those ideas, judge them on their merits, and distinguish the extraordinary from the merely good. Once a year, Nokia Bell Labs makes that forum a reality, where robust proposals that have the potential to revolutionize the future of human experience are presented and debated. If you think your idea could be one of them, the Nokia Bell Labs Prize is for you. Solving challenges that connect humans, systems, things, infrastructure, or processes, the 2020 Nokia Bell Labs Prize is an opportunity for innovators around the world to collaborate with world-renowned Nokia Bell Labs researchers and transform their ideas into prototypes of the future. What kind of ideas are we talking about? Big, bold, and bordering on audacious, they should have far-reaching, humanity-changing implications. Previous

The United States agencies today released a joint advisory warning the world about the 'significant cyber threat' posed by North Korean state-sponsored hackers to the global banking and financial institutions. Besides a summary of recent cyberattacks attributed to North Korean hackers, the advisory—issued by U.S. Departments of State, the Treasury, and Homeland Security, and the FBI—also contains a comprehensive guide intends to help the international community, industries, and other governments defend against North Korea's illicit activities. "In particular, the United States is deeply concerned about North Korea's malicious cyber activities, which the U.S. government refers to as HIDDEN COBRA. The DPRK has the capability to conduct disruptive or destructive cyber activities affecting U.S. critical infrastructure," the advisory says . "The DPRK also uses cyber capabilities to steal from financial institutions, and has demonstrated a pattern of d

Google has ousted 49 Chrome browser extensions from its Web Store that masqueraded as cryptocurrency wallets but contained malicious code to siphon off sensitive information and empty the digital currencies. The 49 browser add-ons, potentially the work of Russian threat actors, were identified  (find the list here) by researchers from MyCrypto and PhishFort. "Essentially, the extensions are phishing for secrets — mnemonic phrases , private keys, and keystore files," explained Harry Denley, director of security at MyCrypto. "Once the user has entered them, the extension sends an HTTP POST request to its backend, where the bad actors receive the secrets and empty the accounts." Although the offending extensions were removed within 24 hours after they were reported to Google, MyCrypto's analysis showed that they began to appear on the Web Store as early as February 2020, before ramping up in subsequent months. In addition, all the extensions functioned a

It's April 2020 Patch Tuesday , and during these challenging times of coronavirus pandemic, this month's patch management process would not go easy for many organizations where most of the resources are working remotely. Microsoft today released the latest batch of software security updates for all supported versions of its Windows operating systems and other products that patch a total of 113 new security vulnerabilities, 17 of which are critical and 96 rated important in severity. Patches for 4 Zero-Days Exploited In the Wild Most importantly, two of the security flaws have been reported as being publicly known at the time of release, and the 3 are being actively exploited in the wild by hackers. One of the publicly disclosed flaws, which was also exploited as zero-day, resides in the Adobe Font Manager Library used by Windows, the existence of which Microsoft revealed last month within an early security warning for its millions of users. Tracked as CVE-2020-10

Computer manufacturing giant Dell has released a new security tool for its commercial customers that aims to protect their computers from stealthy and sophisticated cyberattacks involving the compromise of the BIOS. Dubbed ' SafeBIOS Events & Indicators of Attack ' (IoA), the new endpoint security software is a behavior-based threat detection system that alerts users when BIOS settings of their computers undergo some unusual changes. BIOS (Basic Input Output System) is a small but highly-privileged program that handles critical operations and starts your computer before handing it over to your operating system. Protecting the BIOS program is crucial because: Changes to the system BIOS settings could allow malicious software to run during the boot process, Once a hacker takes over the BIOS, he can stealthily control the targeted computer and gain access to the data stored on it, Malware in BIOS remains persistent and doesn't get away even when you format or