Lucene search
K

20785 matches found

The Hacker News
The Hacker News
added 2021/04/07 3:28 p.m.8 views

Android to Support Rust Programming Language to Prevent Memory Flaws

Google on Tuesday announced that its open source version of the Android operating system will add support for Rust programming language in a bid to prevent memory safety bugs. To that end, the company has been building parts of the Android Open Source Project AOSP with Rust for the past 18 months...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/07 3:28 p.m.44 views

Android to Support Rust Programming Language to Prevent Memory Flaws

Google on Tuesday announced that its open source version of the Android operating system will add support for Rust programming language in a bid to prevent memory safety bugs. To that end, the company has been building parts of the Android Open Source Project AOSP with Rust for the past 18 months...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/07 10:36 a.m.125 views

WhatsApp-based wormable Android malware spotted on the Google Play Store

Cybersecurity researchers have discovered yet another piece of wormable Android malware—but this time downloadable directly from the official Google Play Store—that's capable of propagating via WhatsApp messages. Disguised as a rogue Netflix app under the name of "FlixOnline," the malware comes...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/07 10:36 a.m.5 views

WhatsApp-based wormable Android malware spotted on the Google Play Store

Cybersecurity researchers have discovered yet another piece of wormable Android malware—but this time downloadable directly from the official Google Play Store—that's capable of propagating via WhatsApp messages. Disguised as a rogue Netflix app under the name of "FlixOnline," the malware comes...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/07 10:2 a.m.37 views

11 Useful Security Tips for Securing Your AWS Environment

Want to take advantage of excellent cloud services? Amazon Web Services may be the perfect solution, but don't forget about AWS security. Whether you want to use AWS for a few things or everything, you need to protect access to it. Then you can make sure your business can run smoothly. Read on to...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/07 10:2 a.m.3 views

11 Useful Security Tips for Securing Your AWS Environment

Want to take advantage of excellent cloud services? Amazon Web Services may be the perfect solution, but don't forget about AWS security. Whether you want to use AWS for a few things or everything, you need to protect access to it. Then you can make sure your business can run smoothly. Read on to...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/07 8:3 a.m.3 views

Critical Auth Bypass Bug Found in VMware Data Center Security Product

A critical vulnerability in the VMware Carbon Black Cloud Workload appliance could be exploited to bypass authentication and take control of vulnerable systems. Tracked as CVE-2021-21982, the flaw is rated 9.1 out of a maximum of 10 in the CVSS scoring system and affects all versions of the produ...

9.1CVSS7.6AI score0.01358EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/04/07 8:3 a.m.117 views

Critical Auth Bypass Bug Found in VMware Data Center Security Product

A critical vulnerability in the VMware Carbon Black Cloud Workload appliance could be exploited to bypass authentication and take control of vulnerable systems. Tracked as CVE-2021-21982, the flaw is rated 9.1 out of a maximum of 10 in the CVSS scoring system and affects all versions of the produ...

9.1CVSS1.1AI score0.78435EPSS
Exploits12
The Hacker News
The Hacker News
added 2021/04/07 7:16 a.m.4 views

Pre-Installed Malware Dropper Found On German Gigaset Android Phones

In what appears to be a fresh twist in Android malware, users of Gigaset mobile devices are encountering unwanted apps that are being downloaded and installed through a pre-installed system update app. "The culprit installing these malware apps is the Update app, package name com.redstone.ota.ui,...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/07 7:16 a.m.27 views

Pre-Installed Malware Dropper Found On German Gigaset Android Phones

In what appears to be a fresh twist in Android malware, users of Gigaset mobile devices are encountering unwanted apps that are being downloaded and installed through a pre-installed system update app. "The culprit installing these malware apps is the Update app, package name com.redstone.ota.ui,...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/07 5:38 a.m.33 views

Experts uncover a new Banking Trojan targeting Latin American users

Researchers on Tuesday revealed details of a new banking trojan targeting corporate users in Brazil at least since 2019 across various sectors such as engineering, healthcare, retail, manufacturing, finance, transportation, and government. Dubbed "Janeleiro" by Slovak cybersecurity firm ESET, the...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/07 5:38 a.m.5 views

Experts uncover a new Banking Trojan targeting Latin American users

Researchers on Tuesday revealed details of a new banking trojan targeting corporate users in Brazil at least since 2019 across various sectors such as engineering, healthcare, retail, manufacturing, finance, transportation, and government. Dubbed "Janeleiro" by Slovak cybersecurity firm ESET, the...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/06 1:43 p.m.5 views

Watch Out! Mission Critical SAP Applications Are Under Active Attack

Cyber attackers are actively setting their sights on unsecured SAP applications in an attempt to steal information and sabotage critical processes, according to new research. "Observed exploitation could lead in many cases to full control of the unsecured SAP application, bypassing common securit...

10CVSS8AI score0.94719EPSS
Exploits6
The Hacker News
The Hacker News
added 2021/04/06 1:43 p.m.261 views

Watch Out! Mission Critical SAP Applications Are Under Active Attack

Cyber attackers are actively setting their sights on unsecured SAP applications in an attempt to steal information and sabotage critical processes, according to new research. "Observed exploitation could lead in many cases to full control of the unsecured SAP application, bypassing common securit...

10CVSS0.3AI score0.98376EPSS
Exploits23
The Hacker News
The Hacker News
added 2021/04/06 10:9 a.m.43 views

MITRE Madness: A Guide to Weathering the Upcoming Vendor Positioning Storm

April is usually a whirlwind month for the cybersecurity industry as it coincides with the release of the highly regarded and influential MITRE ATT&CK test results. The ATT&CK test measures cybersecurity platforms' abilities to detect and react to emulated, multistep attacks that can be used as a...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/06 10:9 a.m.4 views

MITRE Madness: A Guide to Weathering the Upcoming Vendor Positioning Storm

April is usually a whirlwind month for the cybersecurity industry as it coincides with the release of the highly regarded and influential MITRE ATT&CK test results. The ATT&CK test measures cybersecurity platforms' abilities to detect and react to emulated, multistep attacks that can be used as a...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/06 7:47 a.m.47 views

Hackers From China Target Vietnamese Military and Government

A hacking group related to a Chinese-speaking threat actor has been linked to an advanced cyberespionage campaign targeting government and military organizations in Vietnam. The attacks have been attributed with low confidence to the advanced persistent threat APT called Cycldek or Goblin Panda,...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/06 7:47 a.m.9 views

Hackers From China Target Vietnamese Military and Government

A hacking group related to a Chinese-speaking threat actor has been linked to an advanced cyberespionage campaign targeting government and military organizations in Vietnam. The attacks have been attributed with low confidence to the advanced persistent threat APT called Cycldek or Goblin Panda,...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/06 7:4 a.m.44 views

Hackers Targeting professionals With 'more_eggs' Malware via LinkedIn Job Offers

A new spear-phishing campaign is targeting professionals on LinkedIn with weaponized job offers in an attempt to infect targets with a sophisticated backdoor trojan called "moreeggs." To increase the odds of success, the phishing lures take advantage of malicious ZIP archive files that have the...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/06 7:4 a.m.5 views

Hackers Targeting professionals With 'more_eggs' Malware via LinkedIn Job Offers

A new spear-phishing campaign is targeting professionals on LinkedIn with weaponized job offers in an attempt to infect targets with a sophisticated backdoor trojan called "moreeggs." To increase the odds of success, the phishing lures take advantage of malicious ZIP archive files that have the...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/05 2:21 p.m.5 views

How the Work-From-Home Shift Impacts SaaS Security

The data is in. According to IBM Security's 2020 Cost of a Data Breach Report, there is a 50% increase in cloud usage for enterprises across all industries. The number of threats targeting cloud services, predominantly collaboration services like Office 365, has increased 630%. Moreover, 75% of...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/05 2:21 p.m.49 views

How the Work-From-Home Shift Impacts SaaS Security

The data is in. According to IBM Security's 2020 Cost of a Data Breach Report, there is a 50% increase in cloud usage for enterprises across all industries. The number of threats targeting cloud services, predominantly collaboration services like Office 365, has increased 630%. Moreover, 75% of...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/04 9:55 a.m.97 views

533 Million Facebook Users' Phone Numbers and Personal Data Leaked Online

In what's likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked on a popular cybercrime forum for free—which was harvested by hackers in 2019 using a Facebook vulnerability. The leaked data includes full...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/04 9:55 a.m.3 views

533 Million Facebook Users' Phone Numbers and Personal Data Leaked Online

In what's likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked on a popular cybercrime forum for free—which was harvested by hackers in 2019 using a Facebook vulnerability. The leaked data includes full...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/03 6:49 a.m.108 views

How Cyrebro Can Unify Multiple Cybersecurity Defenses to Optimize Protection

Many enterprises rely on more than one security tool to protect their technology assets, devices, and networks. This is particularly true for organizations that use hybrid systems or a combination of cloud and local applications. Likewise, companies whose networks include a multitude of smartphon...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/03 6:49 a.m.7 views

How Cyrebro Can Unify Multiple Cybersecurity Defenses to Optimize Protection

Many enterprises rely on more than one security tool to protect their technology assets, devices, and networks. This is particularly true for organizations that use hybrid systems or a combination of cloud and local applications. Likewise, companies whose networks include a multitude of smartphon...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/03 6:41 a.m.72 views

Google limits which apps can access the list of installed apps on your device

Apps on Android have been able to infer the presence of specific apps, or even collect the full list of installed apps on the device. What's more, an app can also set to be notified when a new app is installed. Apart from all the usual concerns about misuse of such a data grab, the information ca...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/03 6:41 a.m.3 views

Google limits which apps can access the list of installed apps on your device

Apps on Android have been able to infer the presence of specific apps, or even collect the full list of installed apps on the device. What's more, an app can also set to be notified when a new app is installed. Apart from all the usual concerns about misuse of such a data grab, the information ca...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/01 12:34 p.m.39 views

DeepDotWeb Admin Pleads Guilty to Money Laundering Charges

The U.S. Department of Justice DoJ on Wednesday said that an Israeli national pleaded guilty for his role as an "administrator" of a portal called DeepDotWeb DDW, a "news" website that "served as a gateway to numerous dark web marketplaces." According to the unsealed court documents, Tal Prihar,...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/01 12:34 p.m.7 views

DeepDotWeb Admin Pleads Guilty to Money Laundering Charges

The U.S. Department of Justice DoJ on Wednesday said that an Israeli national pleaded guilty for his role as an "administrator" of a portal called DeepDotWeb DDW, a "news" website that "served as a gateway to numerous dark web marketplaces." According to the unsealed court documents, Tal Prihar ,...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/01 10:15 a.m.8 views

22-Year-Old Charged With Hacking Water System and Endangering Lives

A 22-year-old man from the U.S. state of Kansas has been indicted on charges that he unauthorizedly accessed a public water facility's computer system, jeopardizing the residents' safety and health in the local community. Wyatt A. Travnichek, 22, of Ellsworth County, Kansas, has been charged with...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/01 10:15 a.m.59 views

22-Year-Old Charged With Hacking Water System and Endangering Lives

A 22-year-old man from the U.S. state of Kansas has been indicted on charges that he unauthorizedly accessed a public water facility's computer system, jeopardizing the residents' safety and health in the local community. Wyatt A. Travnichek, 22, of Ellsworth County, Kansas, has been charged with...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/01 9:49 a.m.49 views

How to Vaccinate Against the Poor Password Policy Pandemic

Data breaches remain a constant threat, and no industry or organization is immune from the risks. From Fortune 500 companies to startups, password-related breaches continue to spread seemingly unchecked. As a result of the volume of data breaches and cybersecurity incidents, hackers now have acce...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/01 9:49 a.m.4 views

How to Vaccinate Against the Poor Password Policy Pandemic

Data breaches remain a constant threat, and no industry or organization is immune from the risks. From Fortune 500 companies to startups, password-related breaches continue to spread seemingly unchecked. As a result of the volume of data breaches and cybersecurity incidents, hackers now have acce...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/01 8:19 a.m.51 views

Hackers Using a Windows OS Feature to Evade Firewall and Gain Persistence

A novel technique adopted by attackers finds ways to use Microsoft's Background Intelligent Transfer Service BITS so as to deploy malicious payloads on Windows machines stealthily. In 2020, hospitals, retirement communities, and medical centers bore the brunt of an ever-shifting phishing campaign...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/01 8:19 a.m.5 views

Hackers Using a Windows OS Feature to Evade Firewall and Gain Persistence

A novel technique adopted by attackers finds ways to use Microsoft's Background Intelligent Transfer Service BITS so as to deploy malicious payloads on Windows machines stealthily. In 2020, hospitals, retirement communities, and medical centers bore the brunt of an ever-shifting phishing campaign...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/01 6:58 a.m.52 views

Hackers Set Up a Fake Cybersecurity Firm to Target Security Experts

A North Korean government-backed campaign targeting cybersecurity researchers with malware has re-emerged with new tactics in their arsenal as part of a fresh social engineering attack. In an update shared on Wednesday, Google's Threat Analysis Group said the attackers behind the operation set up...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/01 6:58 a.m.3 views

Hackers Set Up a Fake Cybersecurity Firm to Target Security Experts

A North Korean government-backed campaign targeting cybersecurity researchers with malware has re-emerged with new tactics in their arsenal as part of a fresh social engineering attack. In an update shared on Wednesday, Google's Threat Analysis Group said the attackers behind the operation set up...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/31 1:2 p.m.45 views

Decided to move on from your NGAV/EDR? A Guide for Small Security Teams to What's Next

You're fully aware of the need to stop threats at the front door and then hunt any that got through that first gate, so your company installed an EPP/ EDR solution. But like most companies, you've already come across its shortcoming – and these are amplified since you have a small security team...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/31 1:2 p.m.4 views

Decided to move on from your NGAV/EDR? A Guide for Small Security Teams to What's Next

You're fully aware of the need to stop threats at the front door and then hunt any that got through that first gate, so your company installed an EPP/ EDR solution. But like most companies, you've already come across its shortcoming – and these are amplified since you have a small security team...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/31 8:42 a.m.58 views

Hackers are implanting multiple backdoors at industrial targets in Japan

Cybersecurity researchers on Tuesday disclosed details of a sophisticated campaign that deploys malicious backdoors for the purpose of exfiltrating information from a number of industry sectors located in Japan. Dubbed "A41APT" by Kaspersky researchers, the findings delve into a new slew of attac...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/31 8:42 a.m.5 views

Hackers are implanting multiple backdoors at industrial targets in Japan

Cybersecurity researchers on Tuesday disclosed details of a sophisticated campaign that deploys malicious backdoors for the purpose of exfiltrating information from a number of industry sectors located in Japan. Dubbed "A41APT" by Kaspersky researchers, the findings delve into a new slew of attac...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/30 6:21 a.m.51 views

MobiKwik Suffers Major Breach — KYC Data of 3.5 Million Users Exposed

Popular Indian mobile payments service MobiKwik on Monday came under fire after 8.2 terabytes TB of data belonging to millions of its users began circulating on the dark web in the aftermath of a major data breach that came to light earlier this month. The leaked data includes sensitive personal...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/30 6:21 a.m.6 views

MobiKwik Suffers Major Breach — KYC Data of 3.5 Million Users Exposed

Popular Indian mobile payments service MobiKwik on Monday came under fire after 8.2 terabytes TB of data belonging to millions of its users began circulating on the dark web in the aftermath of a major data breach that came to light earlier this month. The leaked data includes sensitive personal...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/29 3:28 p.m.4 views

Flaws in Ovarro TBox RTUs Could Open Industrial Systems to Remote Attacks

As many as five vulnerabilities have been uncovered in Ovarro's TBox remote terminal units RTUs that, if left unpatched, could open the door for escalating attacks against critical infrastructures, like remote code execution and denial-of-service. "Successful exploitation of these vulnerabilities...

9.8CVSS8AI score0.01142EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/03/29 3:28 p.m.43 views

Flaws in Ovarro TBox RTUs Could Open Industrial Systems to Remote Attacks

As many as five vulnerabilities have been uncovered in Ovarro's TBox remote terminal units RTUs that, if left unpatched, could open the door for escalating attacks against critical infrastructures, like remote code execution and denial-of-service. "Successful exploitation of these vulnerabilities...

0.01142EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/03/29 11:27 a.m.176 views

New Bugs Could Let Hackers Bypass Spectre Attack Mitigations On Linux Systems

Cybersecurity researchers on Monday disclosed two new vulnerabilities in Linux-based operating systems that, if successfully exploited, could let attackers circumvent mitigations for speculative attacks such as Spectre and obtain sensitive information from kernel memory. Discovered by Piotr Krysi...

6CVSS0.7AI score0.00577EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/03/29 11:27 a.m.7 views

New Bugs Could Let Hackers Bypass Spectre Attack Mitigations On Linux Systems

Cybersecurity researchers on Monday disclosed two new vulnerabilities in Linux-based operating systems that, if successfully exploited, could let attackers circumvent mitigations for speculative attacks such as Spectre and obtain sensitive information from kernel memory. Discovered by Piotr Krysi...

6CVSS7.2AI score0.00577EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/03/29 11:10 a.m.35 views

How to Effectively Prevent Email Spoofing Attacks in 2021?

Email spoofing is a growing problem for an organization's security. Spoofing occurs when a hacker sends an email that appears to have been sent from a trusted source/domain. Email spoofing is not a new concept. Defined as "the forgery of an email address header to make the message appear as if it...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/29 11:10 a.m.5 views

How to Effectively Prevent Email Spoofing Attacks in 2021?

Email spoofing is a growing problem for an organization's security. Spoofing occurs when a hacker sends an email that appears to have been sent from a trusted source/domain. Email spoofing is not a new concept. Defined as "the forgery of an email address header to make the message appear as if it...

5.8AI score
Exploits0
Total number of security vulnerabilities20785