The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

If you are running an online discussion forum based on vBulletin software, make sure it has been updated to install a newly issued security patch that fixes a critical vulnerability. Maintainers of the vBulletin project recently announced an important patch update but didn't reveal any information on the underlying security vulnerability, identified as CVE-2020-12720 . Written in PHP programming language, vBulletin is a widely used Internet forum software that powers over 100,000 websites on the Internet, including forums for some Fortune 500 and many other top companies. Considering that the popular forum software is also one of the favorite targets for hackers, holding back details of the flaw could, of course, help many websites apply patches before hackers can exploit them to compromise sites, servers, and their user databases. However, just like previous times, researchers and hackers have already started reverse-engineering the software patch to locate and understan

A cybersecurity researcher today uncovers a set of 7 new unpatchable hardware vulnerabilities that affect all desktops and laptops sold in the past 9 years with Thunderbolt, or Thunderbolt-compatible USB-C ports. Collectively dubbed 'ThunderSpy,' the vulnerabilities can be exploited in 9 realistic evil-maid attack scenarios, primarily to steal data or read/write all of the system memory of a locked or sleeping computer—even when drives are protected with full disk encryption. In a nutshell, if you think someone with a few minutes of physical access to your computer—regardless of the location—can cause any form of significant harm to you, you're at risk for an evil maid attack. According to Björn Ruytenberg of the Eindhoven University of Technology, the ThunderSpy attack "may require opening a target laptop's case with a screwdriver, [but] it leaves no trace of intrusion and can be pulled off in just a few minutes." In other words, the flaw is not li

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

DigitalOcean, one of the biggest modern web hosting platforms, recently hit with a concerning data leak incident that exposed some of its customers' data to unknown and unauthorized third parties. Though the hosting company has not yet publicly released a statement, it did has started warning affected customers of the scope of the breach via an email. According to the breach notification email that affected customers [ 1 , 2 ] received, the data leak happened due to negligence where DigitalOcean 'unintentionally' left an internal document accessible to the Internet without requiring any password. "This document contained your email address and/or account name (the name you gave your account at sign-up) as well as some data about your account that may have included Droplet count, bandwidth usage, some support or sales communications notes, and the amount you paid during 2018," the company said in the warning email as shown below. Upon discovery, a qui

An advanced group of Chinese hackers has recently been spotted to be behind a sustained cyber espionage campaign targeting government entities in Australia, Indonesia, Philippines, Vietnam, Thailand, Myanmar, and Brunei—which went undetected for at least five years and is still an ongoing threat. The group, named 'Naikon APT,' once known as one of the most active APTs in Asia until 2015, carried out a string of cyberattacks in the Asia-Pacific (APAC) region in search of geopolitical intelligence. According to the latest investigation report Check Point researchers shared with The Hacker News, the Naikon APT group had not gone silent for the last 5 years, as initially suspected; instead, it was using a new backdoor, called " Aria-body ," to operate stealthily. "Given the characteristics of the victims and capabilities presented by the group, it is evident that the group's purpose is to gather intelligence and spy on the countries whose governments it

More than six years after Facebook launched its ambitious Free Basics program to bring the Internet to the masses, the social network is back at it again with a new zero-rating initiative called Discover . The service, available as a mobile web and Android app, allows users to browse the Internet using free daily data caps. Facebook Discover is currently being tested in Peru in partnership with local telecom companies such as Bitel, Claro, Entel, and Movistar. Unlike the regular rich-content browsing, Facebook's latest connectivity project only provides low-bandwidth text-only based browsing, meaning other forms of data-intensive content such as audio and video are not supported. Another key differentiator is that it treats all websites equally, whereas users of Free Basics are limited to a handful of sites that are submitted by developers and meet technical criteria set by Facebook. The move, ultimately, drew criticism for violating principles of net neutrality ,

The Coronavirus crisis introduces critical operational challenges to business continuity, placing high stress on organizations' management. As a result, CIOs and CISOs face a double challenge on the cyber risk front – apart from the new risks that the mass transfer of employees working remotely brings, capturing the management mindshare for further investments in security becomes harder than ever. The Definitive Corona Cyber Security for Management PPT template provides security executives with an easy and intuitive tool to present management their existing security posture and translate it to tangible business risk, as well as making the case on how to address gaps if such exist. From the CISO perspective, it's hard to understand what there is to explain – working remotely equals a mass increase in remote credential theft attempts. Monitoring for malicious remote connection to critical resources becomes extremely hard, if not impossible. Employees working from p

Since the past few weeks, software giant Citrix has privately been rolling out a critical software update to its enterprise customers that patches multiple security vulnerabilities affecting Citrix ShareFile content collaboration platform. The security advisory—about which The Hacker News learned from Dimitri van de Giessen , an ethical hacker and system engineer—is scheduled to be available publicly later today on the Citrix website . Citrix ShareFile is an enterprise-level file sharing solution for businesses using which employees can securely exchange proprietary and sensitive business data with each other. The software offers an on-premises secure cloud environment for data storage with auditing capabilities and regulatory compliance controls. For example, a company can remotely lock or wipe data from potentially compromised mobile devices, or they're when lost or stolen. The newly identified security issues ( CTX-CVE-2020-7473 ) specifically affect customer-managed o

If you own a Xiaomi smartphone or have installed the Mi browser app on any of your other brand Android device, you should enable a newly introduced privacy setting immediately to prevent the company from spying on your online activities. The smartphone maker has begun rolling out an update to its Mi Browser/Mi Browser Pro (v12.1.4) and Mint Browser (v3.4.3) after concerns were raised over its practice of transmitting web browsing histories and device metadata to the company servers. The new privacy setting now allows Mi Browser users to disable aggregated data collection feature while in Incognito Mode, but it bears noting that it's not enabled by default. The option can be accessed by tapping the settings icon in the browser > Incognito mode settings > and then disable 'Enhanced incognito mode,' as shown in an attached screenshot below. Mint Browser and Mi Browser Pro have been downloaded more than 15 million times from Google Play to date. The devel