Capital One Data Breach Affects 106 Million Customers; Hacker Arrested

Another week, another massive data breach. Capital One, the fifth-largest U.S. credit-card issuer and banking institution, has recently suffered a data breach exposing the personal information of more than 100 million credit card applicants in the United States and 6 million in Canada. The data...

Unpatched vCard Flaw Could Let Attackers Hack Your Windows PCs

A zero-day vulnerability has been discovered and reported in the Microsoft's Windows operating system that, under a certain scenario, could allow a remote attacker to execute arbitrary code on Windows machine. Discovered by security researcher John Page @hyp3rlinx, the vulnerability was reported ...

FBI Seizes 15 DDoS-For-Hire Websites, 3 Operators Charged

The FBI just saved the Christmas. The U.S. Justice Department announced earlier today that the FBI has seized domains of 15 "DDoS-for-hire" websites and charged three individuals running some of these services. DDoS-for-hire, or "Booter" or "Stresser," services rent out access to a network of...

Uber fined $1.1 million by UK and Dutch regulators over 2016 data breach

British and Dutch data protection regulators Tuesday hit the ride-sharing company Uber with a total fine of $1,170,892 1.1 million for failing to protect its customers' personal information during a 2016 cyber attack involving millions of users. Late last year, Uber unveiled that the company had...

WhatsApp Flaw Lets Users Modify Group Chats to Spread Fake News

WhatsApp, the most popular messaging application in the world, has been found vulnerable to multiple security vulnerabilities that could allow malicious users to intercept and modify the content of messages sent in both private as well as group conversations. Discovered by security researchers at...

RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer

The operators behind the Rig Exploit Kit have swapped the Raccoon Stealer malware for the Dridex financial trojan as part of an ongoing campaign that commenced in January 2022. The switch in modus operandi, spotted by Romanian company Bitdefender, comes in the wake of Raccoon Stealer temporarily...

Israeli Firm Helped Governments Target Journalists, Activists with 0-Days and Spyware

Two of the zero-day Windows flaws rectified by Microsoft as part of its Patch Tuesday update earlier this week were weaponized by an Israel-based company called Candiru in a series of "precision attacks" to hack more than 100 journalists, academics, activists, and political dissidents globally. T...

KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms

An active botnet comprising hundreds of thousands of hijacked systems spread across 30 countries is exploiting "dozens of known vulnerabilities" to target widely-used content management systems CMS. The "KashmirBlack" campaign, which is believed to have started around November 2019, aims for...

Critical Firefox 0-Day Under Active Attacks – Update Your Browser Now!

Attention! Are you using Firefox as your web browsing software on your Windows, Linux, or Mac systems? If yes, you should immediately update your free and open-source Firefox web browser to the latest version available on Mozilla's website. Why the urgency? Mozilla earlier today released Firefox...

Android's Built-in Security Key Now Works With iOS Devices For Secure Login

In April this year, a software update from Google overnight turned all Android phones, running Android 7.0 Nougat and up, into a FIDO-certified hardware security key as part of a push to encourage two-step verification. The feature made it possible for users to confirm their identity when logging...

Google Stored G Suite Users' Passwords in Plain-Text for 14 Years

After Facebook and Twitter, Google becomes the latest technology giant to have accidentally stored its users' passwords unprotected in plaintext on its servers—meaning any Google employee who has access to the servers could have read them. In a blog post published Tuesday, Google revealed that it...

Twitter API Flaw Exposed Users Messages to Wrong Developers For Over a Year

The security and privacy issues with APIs and third-party app developers are something that's not just Facebook is dealing with. A bug in Twitter's API inadvertently exposed some users' direct messages DMs and protected tweets to unauthorized third-party app developers who weren't supposed to get...

Imperva Breach Exposes WAF Customers' Data, Including SSL Certs, API Keys

Imperva, one of the leading cybersecurity startups that helps businesses protect critical data and applications from cyberattacks, has suffered a data breach that has exposed sensitive information for some of its customers, the company revealed today. The security breach particularly affects...

SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs

A new variant of the Spectre Variant 1 side-channel vulnerability has been discovered that affects all modern Intel CPUs, and probably some AMD processors as well, which leverage speculative execution for high performance, Microsoft and Red Hat warned. Identified as CVE-2019-1125, the vulnerabili...

Phone-Cracking Firm Found a Way to Unlock Any iPhone Model

Remember the infamous encryption fight between Apple and the FBI for unlocking an iPhone belonging to a terrorist behind the San Bernardino mass shooting that took place two years ago? After Apple refused to help the feds access data on the locked iPhone, the FBI eventually paid over a million...

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

Cybersecurity researchers have developed a proof-of-concept PoC code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning ERP system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 CVSS score: 9.8, a...

Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT Malware

The North Korea-linked threat actor known as Lazarus Group has been observed exploiting a now-patched critical security flaw impacting Zoho ManageEngine ServiceDesk Plus to distribute a remote access trojan called such as QuiteRAT. Targets include internet backbone infrastructure and healthcare...

Fake PoC for Linux Kernel Vulnerability on GitHub Exposes Researchers to Malware

In a sign that cybersecurity researchers continue to be under the radar of malicious actors, a proof-of-concept PoC has been discovered on GitHub, concealing a backdoor with a "crafty" persistence method. "In this instance, the PoC is a wolf in sheep's clothing, harboring malicious intent under t...

CISA's KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added three security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The list of vulnerabilities is below - CVE-2022-35914 CVSS score: 9.8 - Teclib GLPI Remote Code Execution...

Researchers Uncover New Drokbk Malware that Uses GitHub as a Dead Drop Resolver

The subgroup of an Iranian nation-state group known as Nemesis Kitten has been attributed as behind a previously undocumented custom malware dubbed Drokbk that uses GitHub as a dead drop resolver to exfiltrate data from an infected computer, or to receive commands. "The use of GitHub as a virtual...

ÆPIC and SQUIP Vulnerabilities Found in Intel and AMD Processors

A group of researchers has revealed details of a new vulnerability affecting Intel CPUs that enables attackers to obtain encryption keys and other secret information from the processors. Dubbed ÆPIC Leak, the weakness is the first-of-its-kind to architecturally disclose sensitive data in a manner...

New Chrome Browser 0-day Under Active Attack—Update Immediately!

Google has patched a zero-day vulnerability in Chrome web browser for desktop that it says is being actively exploited in the wild. The company released 88.0.4324.150 for Windows, Mac, and Linux, with a fix for a heap buffer overflow flaw CVE-2021-21148 in its V8 JavaScript rendering engine...

In the Wake of the SolarWinds Hack, Here's How Businesses Should Respond

Throughout 2020, businesses, in general, have had their hands full with IT challenges. They had to rush to accommodate a sudden shift to remote work. Then they had to navigate a rapid adoption of automation technologies. And as the year came to a close, more businesses began trying to assemble th...

Google's New Tool Alerts When You Use Compromised Credentials On Any Site

With so many data breaches happening almost every week, it has become difficult for users to know if their credentials are already in possession of hackers or being circulated freely across the Internet. Thankfully, Google has a solution. Today, February 5, on Safer Internet Day, Google launches ...

FBI Shuts Down Multimillion Dollar – 3ve – Ad Fraud Operation

Google, the FBI, ad-fraud fighting company WhiteOps and a collection of cyber security companies worked together to shut down one of the largest and most sophisticated digital ad-fraud schemes that infected over 1.7 million computers to generate fake clicks used to defraud online advertisers for...

Terminator RAT became more sophisticated in recent APT attacks

None...

Experts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers

A severity flaw impacting industrial cellular routers from Milesight may have been actively exploited in real-world attacks, new findings from VulnCheck reveal. Tracked as CVE-2023-43261 CVSS score: 7.5, the vulnerability has been described as a case of information disclosure that affects UR5X,...

CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack

The U.S. Cybersecurity and Infrastructure Security Agency CISA on February 2 added two security flaws to its Known Exploited Vulnerabilities KEV Catalog, citing evidence of active exploitation. The first of the two vulnerabilities is CVE-2022-21587 CVSS score: 9.8, a critical issue impacting...

Magento Update Released to Fix Critical Flaws Affecting E-Commerce Sites

Adobe on Tuesday shipped security updates to remediate multiple critical vulnerabilities in its Magento e-commerce platform that could be abused by an attacker to execute arbitrary code and take control of a vulnerable system. The issues affect 2.3.7, 2.4.2-p1, 2.4.2, and earlier versions of...

Apple‌ Issues Patches to Combat Ongoing 0-Day Attacks on macOS, tvOS

Apple on Monday rolled out security updates for iOS, macOS, tvOS, watchOS, and Safari web browser to fix multiple vulnerabilities, including an actively exploited zero-day flaw in macOS Big Sur and expand patches for two previously disclosed zero-day flaws. Tracked as CVE-2021-30713, the zero-day...

OpenSSL Releases Patches for 2 High-Severity Security Vulnerabilities

The maintainers of OpenSSL have released a fix for two high-severity security flaws in its software that could be exploited to carry out denial-of-service DoS attacks and bypass certificate verification. Tracked as CVE-2021-3449 and CVE-2021-3450, both the vulnerabilities have been resolved in an...

A Google Docs Bug Could Have Allowed Hackers See Your Private Documents

Google has patched a bug in its feedback tool incorporated across its services that could be exploited by an attacker to potentially steal screenshots of sensitive Google Docs documents simply by embedding them in a malicious website. The flaw was discovered on July 9 by security researcher Sreer...

Exfiltrating Data from Air-Gapped Computers via Wi-Fi Signals (Without Wi-Fi Hardware)

A security researcher has demonstrated that sensitive data could be exfiltrated from air-gapped computers via a novel technique that leverages Wi-Fi signals as a covert channel—surprisingly, without requiring the presence of Wi-Fi hardware on the targeted systems. Dubbed "AIR-FI," the attack hing...

Hackers Target Defense Contractors' Employees By Posing as Recruiters

The United States Cybersecurity and Infrastructure Security Agency CISA has published a new report warning companies about a new in-the-wild malware that North Korean hackers are reportedly using to spy on key employees at government contracting companies. Dubbed 'BLINDINGCAN,' the advanced remot...

Exclusive: German Police Raid OmniRAT Developer and Seize Digital Assets

The German police yesterday raided the house of the developer of OmniRAT and seized his laptop, computer and mobile phones probably as part of an investigation into a recent cyber attack, a source told The Hacker News. OmniRAT made headlines in November 2015 when its developer launched it as a...

Hackers Compromise Microsoft Support Agent to Access Outlook Email Accounts

If you have an account with Microsoft Outlook email service, there is a possibility that your account information has been compromised by an unknown hacker or group of hackers, Microsoft confirmed The Hacker News. Earlier this year, hackers managed to breach Microsoft's customer support portal an...

Unpatched Zero-Days in Microsoft Edge and IE Browsers Disclosed Publicly

Exclusive — A security researcher today publicly disclosed details and proof-of-concept exploits for two 'unpatched' zero-day vulnerabilities in Microsoft's web browsers after the company allegedly failed to respond to his responsible private disclosure. Both unpatched vulnerabilities—one of whic...

How to Hack Facebook Accounts? Just Ask Your Targets to Open a Link

It's 2019, and just clicking on a specially crafted URL would have allowed an attacker to hack your Facebook account without any further interaction. A security researcher discovered a critical cross-site request forgery CSRF vulnerability in the most popular social media platform that could have...

16-Year-Old Teen Hacked Apple Servers, Stole 90GB of Secure Files

Well, there's something quite embarrassing for Apple fans. Though Apple servers are widely believed to be unhackable, a 16-year-old high school student proved that nothing is impossible. The teenager from Melbourne, Australia, managed to break into Apple servers and downloaded some 90GB of secure...

Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks

Fortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution RCE vulnerability in its GoAnywhere MFT tool that has come under active exploitation by ransomware actors to steal sensitive data. The high-severity flaw, tracked as CVE-2023-0669 CVSS score: 7.2, concerns a...

12-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access

A 12-year-old security vulnerability has been disclosed in a system utility called Polkit that grants attackers root privileges on Linux systems, even as a proof-of-concept PoC exploit has emerged in the wild merely hours after technical details of the bug became public. Dubbed "PwnKit" by...

Warning: Yet Another Zoho ManageEngine Product Found Under Active Attacks

Enterprise software provider Zoho on Friday warned that a newly patched critical flaw in its Desktop Central and Desktop Central MSP is being actively exploited by malicious actors, marking the third security vulnerability in its products to be abused in the wild in a span of four months. The...

Severe Auth Bypass and Priv-Esc Vulnerabilities Disclosed in OpenBSD

OpenBSD, an open-source operating system built with security in mind, has been found vulnerable to four new high-severity security vulnerabilities, one of which is an old-school type authentication bypass vulnerability in BSD Auth framework. The other three vulnerabilities are privilege escalatio...

Dell Resets All Customers' Passwords After Potential Security Breach

Multinational computer technology company Dell disclosed Wednesday that its online electronics marketplace experienced a "cybersecurity incident" earlier this month when an unknown group of hackers infiltrated its internal network. On November 9, Dell detected and disrupted unauthorized activity ...

Buggy Microsoft Outlook Sending Encrypted S/MIME Emails With Plaintext Copy For Months

Beware, If you are using S/MIME protocol over Microsoft Outlook to encrypt your email communication, you need to watch out. From at least last 6 months, your messages were being sent in both encrypted and unencrypted forms, exposing all your secret and sensitive communications to potential...

Operation SpecTor: $53.4 Million Seized, 288 Vendors Arrested in Dark Web Drug Bust

An international law enforcement operation has resulted in the arrest of 288 vendors who are believed to be involved in drug trafficking on the dark web, adding to a long list of criminal enterprises that have been shuttered in recent years. The effort, codenamed Operation SpecTor, also saw the...

Russian Hackers Targeted Petroleum Refinery in NATO Country During Ukraine War

The Russia-linked Gamaredon group attempted to unsuccessfully break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war. The attack, which took place on August 30, 2022, is just one of multiple intrusions orchestrated by the...

Microsoft Uncovers Austrian Company Exploiting Windows and Adobe Zero-Day Exploits

A cyber mercenary that "ostensibly sells general security and information analysis services to commercial customers" used several Windows and Adobe zero-day exploits in limited and highly-targeted attacks against European and Central American entities. The company, which Microsoft describes as a...

New TLS Attack Lets Attackers Launch Cross-Protocol Attacks Against Secure Sites

Researchers have disclosed a new type of attack that exploits misconfigurations in transport layer security TLS servers to redirect HTTPS traffic from a victim's web browser to a different TLS service endpoint located on another IP address to steal sensitive information. The attacks have been...

Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!

Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC formerly Citrix ADC and NetScaler Gateway formerly Citrix Gateway that are being actively exploited in the wild. The flaws are listed below - CVE-2023-6548 CVSS score: 5.5 - Authenticated low privileged remote code...