Lucene search
K

20793 matches found

The Hacker News
The Hacker News
added 2021/01/18 6:42 a.m.66 views

Apple Removes macOS Feature That Allowed Apps to Bypass Firewall Security

Apple has removed a controversial feature from its macOS operating system that allowed the company's own first-party apps to bypass content filters, VPNs, and third-party firewalls. Called "ContentFilterExclusionList," it included a list of as many as 50 Apple apps like iCloud, Maps, Music,...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/18 6:42 a.m.7 views

Apple Removes macOS Feature That Allowed Apps to Bypass Firewall Security

Apple has removed a controversial feature from its macOS operating system that allowed the company's own first-party apps to bypass content filters, VPNs, and third-party firewalls. Called "ContentFilterExclusionList," it included a list of as many as 50 Apple apps like iCloud, Maps, Music,...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/16 12:28 p.m.4 views

WhatsApp Delays Controversial 'Data-Sharing' Privacy Policy Update By 3 Months

WhatsApp said on Friday that it wouldn't enforce its recently announced controversial data sharing policy update until May 15. Originally set to go into effect next month on February 8, the three-month delay comes following "a lot of misinformation" about a revision to its privacy policy that...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/16 12:28 p.m.66 views

WhatsApp Delays Controversial 'Data-Sharing' Privacy Policy Update By 3 Months

WhatsApp said on Friday that it wouldn't enforce its recently announced controversial data sharing policy update until May 15. Originally set to go into effect next month on February 8, the three-month delay comes following "a lot of misinformation" about a revision to its privacy policy that...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/16 7:30 a.m.56 views

NSA Suggests Enterprises Use 'Designated' DNS-over-HTTPS' Resolvers

The U.S. National Security Agency NSA on Friday said DNS over HTTPS DoH — if configured appropriately in enterprise environments — can help prevent "numerous" initial access, command-and-control, and exfiltration techniques used by threat actors. "DNS over Hypertext Transfer Protocol over Transpo...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/16 7:30 a.m.3 views

NSA Suggests Enterprises Use 'Designated' DNS-over-HTTPS' Resolvers

The U.S. National Security Agency NSA on Friday said DNS over HTTPS DoH — if configured appropriately in enterprise environments — can help prevent "numerous" initial access, command-and-control, and exfiltration techniques used by threat actors. "DNS over Hypertext Transfer Protocol over Transpo...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/16 5:35 a.m.4 views

Joker's Stash, The Largest Carding Marketplace, Announces Shutdown

Joker's Stash, the largest dark web marketplace notorious for selling compromised payment card data, has announced plans to shut down its operations on February 15, 2021. In a message board post on a Russian-language underground cybercrime forum, the operator of the site — who goes by the name...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/16 5:35 a.m.80 views

Joker's Stash, The Largest Carding Marketplace, Announces Shutdown

Joker's Stash, the largest dark web marketplace notorious for selling compromised payment card data, has announced plans to shut down its operations on February 15, 2021. In a message board post on a Russian-language underground cybercrime forum, the operator of the site — who goes by the name...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/15 11:31 a.m.71 views

Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks

Cybersecurity researchers have disclosed a series of attacks by a threat actor of Chinese origin that has targeted organizations in Russia and Hong Kong with malware — including a previously undocumented backdoor. Attributing the campaign to Winnti or APT41, Positive Technologies dated the first...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/15 11:31 a.m.11 views

Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks

Cybersecurity researchers have disclosed a series of attacks by a threat actor of Chinese origin that has targeted organizations in Russia and Hong Kong with malware — including a previously undocumented backdoor. Attributing the campaign to Winnti or APT41, Positive Technologies dated the first...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/14 9:10 a.m.59 views

Experts Uncover Malware Attacks Against Colombian Government and Companies

Cybersecurity researchers took the wraps off an ongoing surveillance campaign directed against Colombian government institutions and private companies in the energy and metallurgical industries. In a report published by ESET on Tuesday, the Slovak internet security company said the attacks — dubb...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/14 9:10 a.m.7 views

Experts Uncover Malware Attacks Against Colombian Government and Companies

Cybersecurity researchers took the wraps off an ongoing surveillance campaign directed against Colombian government institutions and private companies in the energy and metallurgical industries. In a report published by ESET on Tuesday, the Slovak internet security company said the attacks — dubb...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/13 10:7 a.m.5 views

Intel Adds Hardware-Enabled Ransomware Detection to 11th Gen vPro Chips

Intel and Cybereason have partnered to build anti-ransomware defenses into the chipmaker's newly announced 11th generation Core vPro business-class processors. The hardware-based security enhancements are baked into Intel's vPro platform via its Hardware Shield and Threat Detection Technology TDT...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/13 10:7 a.m.129 views

Intel Adds Hardware-Enabled Ransomware Detection to 11th Gen vPro Chips

Intel and Cybereason have partnered to build anti-ransomware defenses into the chipmaker's newly announced 11th generation Core vPro business-class processors. The hardware-based security enhancements are baked into Intel's vPro platform via its Hardware Shield and Threat Detection Technology TDT...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/13 8:37 a.m.5 views

Buyer's Guide for Securing Internal Environment with a Small Cybersecurity Team

Ensuring the cybersecurity of your internal environment when you have a small security team is challenging. If you want to maintain the highest security level with a small team, your strategy has to be 'do more with less,' and with the right technology, you can leverage your team and protect your...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/13 8:37 a.m.31 views

Buyer's Guide for Securing Internal Environment with a Small Cybersecurity Team

Ensuring the cybersecurity of your internal environment when you have a small security team is challenging. If you want to maintain the highest security level with a small team, your strategy has to be 'do more with less,' and with the right technology, you can leverage your team and protect your...

Exploits0
The Hacker News
The Hacker News
added 2021/01/13 7:34 a.m.41 views

Authorities Take Down World's Largest Illegal Dark Web Marketplace

Europol on Tuesday said it shut down DarkMarket, the world's largest online marketplace for illicit goods, as part of an international operation involving Germany, Australia, Denmark, Moldova, Ukraine, the U.K.'s National Crime Agency NCA, and the U.S. Federal Bureau of Investigation FBI. At the...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/13 7:34 a.m.3 views

Authorities Take Down World's Largest Illegal Dark Web Marketplace

Europol on Tuesday said it shut down DarkMarket, the world's largest online marketplace for illicit goods, as part of an international operation involving Germany, Australia, Denmark, Moldova, Ukraine, the U.K.'s National Crime Agency NCA, and the U.S. Federal Bureau of Investigation FBI. At the...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/13 5:59 a.m.4 views

Hackers Steal Mimecast Certificate Used to Securely Connect with Microsoft 365

Mimecast said on Tuesday that "a sophisticated threat actor" had compromised a digital certificate it provided to certain customers to securely connect its products to Microsoft 365 M365 Exchange. The discovery was made after the breach was notified by Microsoft, the London-based company said in ...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/13 5:59 a.m.217 views

Hackers Steal Mimecast Certificate Used to Securely Connect with Microsoft 365

Mimecast said on Tuesday that "a sophisticated threat actor" had compromised a digital certificate it provided to certain customers to securely connect its products to Microsoft 365 M365 Exchange. The discovery was made after the breach was notified by Microsoft, the London-based company said in ...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/13 5:1 a.m.5 views

Microsoft Issues Patches for Defender Zero-Day and 82 Other Windows Flaws

For the first patch Tuesday of 2021, Microsoft released security updates addressing a total of 83 flaws spanning as many as 11 products and services, including an actively exploited zero-day vulnerability. The latest security patches cover Microsoft Windows, Edge browser, ChakraCore, Office and...

7.8CVSS7.8AI score0.39653EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/01/13 5:1 a.m.90 views

Microsoft Issues Patches for Defender Zero-Day and 82 Other Windows Flaws

For the first patch Tuesday of 2021, Microsoft released security updates addressing a total of 83 flaws spanning as many as 11 products and services, including an actively exploited zero-day vulnerability. The latest security patches cover Microsoft Windows, Edge browser, ChakraCore, Office and...

8.8CVSS8.9AI score0.39653EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/01/12 2:9 p.m.27 views

Warning — 5 New Trojanized Android Apps Spying On Users In Pakistan

Cybersecurity researchers took the wraps off a new spyware operation targeting users in Pakistan that leverages trojanized versions of legitimate Android apps to carry out covert surveillance and espionage. Designed to masquerade apps such as the Pakistan Citizen Portal, a Muslim prayer-clock app...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/12 2:9 p.m.4 views

Warning — 5 New Trojanized Android Apps Spying On Users In Pakistan

Cybersecurity researchers took the wraps off a new spyware operation targeting users in Pakistan that leverages trojanized versions of legitimate Android apps to carry out covert surveillance and espionage. Designed to masquerade apps such as the Pakistan Citizen Porta l, a Muslim prayer-clock ap...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/12 11:7 a.m.31 views

Experts Sound Alarm On New Android Malware Sold On Hacking Forums

Cybersecurity researchers have exposed the operations of an Android malware vendor who teamed up with a second threat actor to market and sell a remote access Trojan RAT capable of device takeover and exfiltration of photos, locations, contacts, and messages from popular apps such as Facebook,...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/12 11:7 a.m.4 views

Experts Sound Alarm On New Android Malware Sold On Hacking Forums

Cybersecurity researchers have exposed the operations of an Android malware vendor who teamed up with a second threat actor to market and sell a remote access Trojan RAT capable of device takeover and exfiltration of photos, locations, contacts, and messages from popular apps such as Facebook,...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/12 5:29 a.m.5 views

Unveiled: SUNSPOT Malware Was Used to Inject SolarWinds Backdoor

As the investigation into the SolarWinds supply-chain attack continues, cybersecurity researchers have disclosed a third malware strain that was deployed into the build environment to inject the backdoor into the company's Orion network monitoring platform. Called "Sunspot," the malignant tool ad...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/12 5:29 a.m.45 views

Unveiled: SUNSPOT Malware Was Used to Inject SolarWinds Backdoor

As the investigation into the SolarWinds supply-chain attack continues, cybersecurity researchers have disclosed a third malware strain that was deployed into the build environment to inject the backdoor into the company's Orion network monitoring platform. Called "Sunspot," the malignant tool ad...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/11 1:22 p.m.41 views

Researchers Find Links Between Sunburst and Russian Kazuar Malware

Cybersecurity researchers, for the first time, may have found a potential connection between the backdoor used in the SolarWinds hack to a previously known malware strain. In new research published by Kaspersky researchers today, the cybersecurity firm said it discovered several features that...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/11 1:22 p.m.5 views

Researchers Find Links Between Sunburst and Russian Kazuar Malware

Cybersecurity researchers, for the first time, may have found a potential connection between the backdoor used in the SolarWinds hack to a previously known malware strain. In new research published by Kaspersky researchers today, the cybersecurity firm said it discovered several features that...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/11 7:11 a.m.45 views

Russian Hacker Gets 12-Years Prison for Massive JP Morgan Chase Hack

A U.S. court on Thursday sentenced a 37-year-old Russian to 12 years in prison for perpetrating an international hacking campaign that resulted in the heist of a trove of personal information from several financial institutions, brokerage firms, financial news publishers, and other American...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/11 7:11 a.m.6 views

Russian Hacker Gets 12-Years Prison for Massive JP Morgan Chase Hack

A U.S. court on Thursday sentenced a 37-year-old Russian to 12 years in prison for perpetrating an international hacking campaign that resulted in the heist of a trove of personal information from several financial institutions, brokerage firms, financial news publishers, and other American...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/08 4:56 p.m.6 views

New Attack Could Let Hackers Clone Your Google Titan 2FA Security Keys

Hardware security keys—such as those from Google and Yubico—are considered the most secure means to protect accounts from phishing and takeover attacks. But a new research published on Thursday demonstrates how an adversary in possession of such a two-factor authentication 2FA device can clone it...

4.2CVSS6.1AI score0.00196EPSS
Exploits1
The Hacker News
The Hacker News
added 2021/01/08 4:56 p.m.105 views

New Attack Could Let Hackers Clone Your Google Titan 2FA Security Keys

Hardware security keys—such as those from Google and Yubico—are considered the most secure means to protect accounts from phishing and takeover attacks. But a new research published on Thursday demonstrates how an adversary in possession of such a two-factor authentication 2FA device can clone it...

4.2CVSS0.5AI score0.00196EPSS
Exploits1
The Hacker News
The Hacker News
added 2021/01/08 9:54 a.m.37 views

ALERT: North Korean hackers targeting South Korea with RokRat Trojan

A North Korean hacking group has been found deploying the RokRat Trojan in a new spear-phishing campaign targeting the South Korean government. Attributing the attack to APT37 aka Starcruft, Ricochet Chollima, or Reaper, Malwarebytes said it identified a malicious document last December that, whe...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/08 9:54 a.m.5 views

ALERT: North Korean hackers targeting South Korea with RokRat Trojan

A North Korean hacking group has been found deploying the RokRat Trojan in a new spear-phishing campaign targeting the South Korean government. Attributing the attack to APT37 aka Starcruft, Ricochet Chollima, or Reaper, Malwarebytes said it identified a malicious document last December that, whe...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/07 10:23 a.m.5 views

How Does Your AD Password Policy Compare to NIST's Password Recommendations?

End-user passwords are one of the weakest components of your overall security protocols. Most users tend to reuse passwords across work and personal accounts. They may also choose relatively weak passwords that satisfy company password policies but can be easily guessed or brute-forced. Your user...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/07 10:23 a.m.45 views

How Does Your AD Password Policy Compare to NIST's Password Recommendations?

End-user passwords are one of the weakest components of your overall security protocols. Most users tend to reuse passwords across work and personal accounts. They may also choose relatively weak passwords that satisfy company password policies but can be easily guessed or brute-forced. Your user...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/07 7:32 a.m.47 views

SolarWinds Hackers Also Accessed U.S. Justice Department's Email Server

The U.S. Department of Justice on Wednesday became the latest government agency in the country to admit its internal network was compromised as part of the SolarWinds supply chain attack. "On December 24, 2020, the Department of Justice's Office of the Chief Information Officer OCIO learned of...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/07 7:32 a.m.6 views

SolarWinds Hackers Also Accessed U.S. Justice Department's Email Server

The U.S. Department of Justice on Wednesday became the latest government agency in the country to admit its internal network was compromised as part of the SolarWinds supply chain attack. "On December 24, 2020, the Department of Justice's Office of the Chief Information Officer OCIO learned of...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/06 2:0 p.m.46 views

Hackers Using Fake Trump's Scandal Video to Spread QNode Malware

Cybesecurity researchers today revealed a new malspam campaign that distributes a remote access Trojan RAT by purporting to contain a sex scandal video of U.S. President Donald Trump. The emails, which carry with the subject line "GOOD LOAN OFFER!!," come attached with a Java archive JAR file...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/06 2:0 p.m.4 views

Hackers Using Fake Trump's Scandal Video to Spread QNode Malware

Cybesecurity researchers today revealed a new malspam campaign that distributes a remote access Trojan RAT by purporting to contain a sex scandal video of U.S. President Donald Trump. The emails, which carry with the subject line "GOOD LOAN OFFER!!," come attached with a Java archive JAR file...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/06 8:57 a.m.49 views

WhatsApp Will Disable Your Account If You Don't Agree Sharing Data With Facebook

"Respect for your privacy is coded into our DNA," opens WhatsApp's privacy policy. "Since we started WhatsApp, we've aspired to build our Services with a set of strong privacy principles in mind." But come February 8, 2021, this opening statement will no longer find a place in the policy. The...

Exploits0
The Hacker News
The Hacker News
added 2021/01/06 8:57 a.m.4 views

WhatsApp Will Disable Your Account If You Don't Agree Sharing Data With Facebook

"Respect for your privacy is coded into our DNA," opens WhatsApp's privacy policy. "Since we started WhatsApp, we've aspired to build our Services with a set of strong privacy principles in mind." But come February 8, 2021, this opening statement will no longer find a place in the policy. The...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/06 7:9 a.m.51 views

FBI, CISA, NSA Officially Blame Russia for SolarWinds Cyber Attack

The U.S. government on Tuesday formally pointed fingers at the Russian government for orchestrating the massive SolarWinds supply chain attack that came to light early last month. "This work indicates that an Advanced Persistent Threat APT actor, likely Russian in origin, is responsible for most ...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/06 7:9 a.m.4 views

FBI, CISA, NSA Officially Blame Russia for SolarWinds Cyber Attack

The U.S. government on Tuesday formally pointed fingers at the Russian government for orchestrating the massive SolarWinds supply chain attack that came to light early last month. "This work indicates that an Advanced Persistent Threat APT actor, likely Russian in origin, is responsible for most ...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/05 3:7 p.m.5 views

Warning: Cross-Platform ElectroRAT Malware Targeting Cryptocurrency Users

Cybersecurity researchers today revealed a wide-ranging scam targeting cryptocurrency users that began as early as January last year to distribute trojanized applications to install a previously undetected remote access tool on target systems. Called ElectroRAT by Intezer, the RAT is written from...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/05 3:7 p.m.54 views

Warning: Cross-Platform ElectroRAT Malware Targeting Cryptocurrency Users

Cybersecurity researchers today revealed a wide-ranging scam targeting cryptocurrency users that began as early as January last year to distribute trojanized applications to install a previously undetected remote access tool on target systems. Called ElectroRAT by Intezer, the RAT is written from...

1.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/05 11:2 a.m.55 views

Healthcare Industry Witnessed 45% Spike in Cyber Attacks Since Nov 20

Cyberattacks targeting healthcare organizations have spiked by 45% since November 2020 as COVID-19 cases continue to increase globally. According to a new report published by Check Point Research today and shared with The Hacker News, this increase has made the sector the most targeted industry b...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/05 11:2 a.m.5 views

Healthcare Industry Witnessed 45% Spike in Cyber Attacks Since Nov 20

Cyberattacks targeting healthcare organizations have spiked by 45% since November 2020 as COVID-19 cases continue to increase globally. According to a new report published by Check Point Research today and shared with The Hacker News, this increase has made the sector the most targeted industry b...

6.2AI score
Exploits0
Total number of security vulnerabilities20793