Archive for the ‘hacking news’ Category

Source Code for CARBANAK Banking Malware Found On VirusTotal

April 23rd, 2019
Security researchers have discovered the full source code of the Carbanak malware—yes, this time it's for real. Carbanak—sometimes referred as FIN7, Anunak or Cobalt—is one of the most full-featured, dangerous malware that belongs to an APT-style cybercriminal group involved in several attacks against banks, financial institutions, hospitals, and restaurants. In July last year, there was a

Posted in banking malware, banking Trojan, Carbanak Banking Malware, cyber security, hacking news | Comments (0)

Hacker Breaks Into French Government’s New Secure Messaging App

April 19th, 2019
A white-hat hacker found a way to get into the French government's newly launched, secure encrypted messaging app that otherwise can only be accessed by officials and politicians with email accounts associated with the government identities. Dubbed "Tchap," the end-to-end encrypted, open source messaging app has been created by the French government with an aim to keep their officials,

Posted in encrypted chat, encrypted communication, end to end encrypted app, end-to-end encryption, French Government, hacking news, Private Messenger, secure messaging app, Tchap secure messenger | Comments (0)

Facebook Collected Contacts from 1.5 Million Email Accounts Without Users’ Permission

April 18th, 2019
Not a week goes without a new Facebook blunder. Remember the most recent revelation of Facebook being caught asking users new to the social network platform for their email account passwords to verify their identity? At the time, it was suspected that Facebook might be using access to users' email accounts to unauthorizedly and secretly gather a copy of their saved contacts. Now it turns

Posted in cyber security, Database Security, email database, email hacking, email security, Facebook, Facebook Data Breach, facebook data scandal, hacking news | Comments (0)

Drupal Releases Core CMS Updates to Patch Several Vulnerabilities

April 17th, 2019
Drupal, the popular open-source content management system, has released security updates to address multiple "moderately critical" vulnerabilities in Drupal Core that could allow remote attackers to compromise the security of hundreds of thousands of websites. According to the advisories published today by the Drupal developers, all security vulnerabilities Drupal patched this month reside in

Posted in Cross site scripting, cybersecurity, Drupal, Drupal hacking, hacking news, JQuery, php security, remote code execution, Vulnerability, website security | Comments (0)

Researcher Hijacks a Microsoft Service Using Loophole in Azure Cloud Platform

April 17th, 2019
A cybersecurity professional today demonstrated a long-known unpatched weakness in Microsoft's Azure cloud service by exploiting it to take control over Windows Live Tiles, one of the key features Microsoft built into Windows 8 operating system. Introduced in Windows 8, the Live tiles feature was designed to display content and notifications on the Start screen, allowing users to continuously

Posted in Azure Cloud, DNS nameserver, domain name, hacking domain, hacking news, Hacking Windows 8, Rss feeds, subdomain takeover, Windows Live Tiles, windows security | Comments (0)

Over 100 Million JustDial Users’ Personal Data Found Exposed On the Internet

April 17th, 2019
An unprotected database belonging to JustDial, India's largest local search service, is leaking personally identifiable information of its every customer in real-time who accessed the service via its website, mobile app, or even by calling on its fancy "88888 88888" customer care number, The Hacker News has learned and independently verified. Founded over two decades ago, JustDial (JD) is the

Posted in API Security, cyber security, data breach, data leaked, Database Security, hacking news, Just dial, mobile api security, server security, unprotected database, website security | Comments (0)

Google Makes it Tough for Rogue App Developers Get Back on Android Play Store

April 16th, 2019
Even after Google's security oversight over its already-huge Android ecosystem has evolved over the years, malware apps still keep coming back to Google Play Store. Sometimes just reposting an already detected malware app from a newly created Play Store account, or using other developers' existing accounts, is enough for 'bad-faith' developers to trick the Play Store into distributing unsafe

Posted in Android, android apps, Android Malware, Android Security, apps security, google, Google Android, hacking news, Mobile Security, smartphone security | Comments (0)

Apache Tomcat Patches Important Remote Code Execution Flaw

April 15th, 2019
The Apache Software Foundation (ASF) has released new versions of its Tomcat application server to address an important security vulnerability that could allow a remote attacker to execute malicious code and take control of an affected server. Developed by ASF, Apache Tomcat is an open source web server and servlet system, which uses several Java EE specifications such as Java Servlet,

Posted in Apache, Apache exploit, Apache Server, Apache Tomcat, cyber security, hacking news, server security, Vulnerability | Comments (0)