Archive for the ‘hacking news’ Category

BEWARE – New ‘Creative’ Phishing Attack You Really Should Pay Attention To

March 11th, 2019
A cybersecurity researcher who last month warned of a creative phishing campaign has now shared details of a new but similar attack campaign with The Hacker News that has specifically been designed to target mobile users. Just like the previous campaign, the new phishing attack is also based on the idea that a malicious web page could mimic look and feel of the browser window to trick even the

Posted in best password manager, browser security, Cyber Attack, hacking news, iOS phishing attack, password manager, phishing attack | Comments (0)

Severe Flaw Disclosed In StackStorm DevOps Automation Software

March 11th, 2019
A security researcher has discovered a severe vulnerability in the popular, open source event-driven platform StackStorm that could allow remote attackers to trick developers into unknowingly execute arbitrary commands on targeted services. StackStorm, aka "IFTTT for Ops," is a powerful event-driven automation tool for integration and automation across services and tools that allows

Posted in application security, cross site origin request, Cross site scripting, hacking news, StackStorm, Web Application Security, XSS vulnerability | Comments (0)

Citrix Data Breach – Iranian Hackers Stole 6TB of Sensitive Data

March 11th, 2019
Popular enterprise software company Citrix that provides services to the U.S. military, the FBI, many U.S. corporations, and various U.S. government agencies disclosed last weekend a massive data breach of its internal network by "international cyber criminals." Citrix said it was warned by the FBI on Wednesday of foreign hackers compromising its IT systems and stealing "business documents,"

Posted in citrix software, data breach, data security, Enterprise Security, hacking news, network hacking, password hacking | Comments (0)

NSA Releases GHIDRA 9.0 — Free, Powerful Reverse Engineering Tool

March 6th, 2019
The United States' National Security Agency (NSA) today finally released GHIDRA version 9.0 for free, the agency’s home-grown classified software reverse engineering tool that agency experts have been using internally for over a decade to hunt down security bugs in software and applications. GHIDRA is a Java-based reverse engineering framework that features a graphical user interface (GUI)

Posted in cyber security, cyber security software, Ghidra, hacking news, NSA, reverse engineering tool, Reverse-engineering, software reverse engineering | Comments (0)

Google Discloses Unpatched ‘High-Severity’ Flaw in Apple macOS Kernel

March 4th, 2019
Cybersecurity researcher at Google's Project Zero division has publicly disclosed details and proof-of-concept exploit of a high-severity security vulnerability in macOS operating system after Apple failed to release a patch within 90 days of being notified. Discovered by Project Zero researcher Jann Horn and demonstrated by Ian Beer, the vulnerability resides in the way macOS XNU kernel

Posted in Apple Mac OS X, Apple macOS Mojave, hacking macos, hacking news, MacOS, macos exploit, macos hacking, malware | Comments (0)

Hackers Favorite CoinHive Cryptocurrency Mining Service Shutting Down

February 28th, 2019
Coinhive, a notorious in-browser cryptocurrency mining service popular among cybercriminals, has announced that it will discontinue its services on March 8, 2019. Regular readers of The Hacker News already know how Coinhive's service helped cyber criminals earn hundreds of thousands of dollars by using computers of millions of people visiting hacked websites. <!-- adsense --> For a brief

Posted in coinhive, coinhive cryptocurrency miner, cryptocurrency, cryptocurrency miner, cryptocurrency mining, Cyber Criminals, hacking news, monero cryptocurrency, Monero Mining | Comments (0)

Severe Flaws in SHAREit Android App Let Hackers Steal Your Files

February 27th, 2019
Security researchers have discovered two high-severity vulnerabilities in the SHAREit Android app that could allow attackers to bypass device authentication mechanism and steal files containing sensitive from a victim's device. With over 1.5 billion users worldwide, SHAREit is a popular file sharing application for Android, iOS, Windows and Mac that has been designed to help people share

Posted in Android APK, Android File encryption, Android hacking, hacking news, how to hack android, shareit app | Comments (0)

New Flaws Re-Enable DMA Attacks On Wide Range of Modern Computers

February 27th, 2019
Security researchers have discovered a new class of security vulnerabilities that impacts all major operating systems, including Microsoft Windows, Apple macOS, Linux, and FreeBSD, allowing attackers to bypass protection mechanisms introduced to defend against DMA attacks. Known for years, Direct memory access (DMA)-based attacks let an attacker compromise a targeted computer in a matter of

Posted in Apple macOS, DMA Attack, freebsd, hacking news, hardware hacking, Hardware Trojan, Linux hacking, Thunderbolt Port, Vulnerability, windows hacking | Comments (0)

Latest WinRAR Flaw Being Exploited in the Wild to Hack Windows Computers

February 26th, 2019
It's not just the critical Drupal vulnerability that is being exploited by in the wild cybercriminals to attack vulnerable websites that have not yet applied patches already available by its developers, but hackers are also exploiting a critical WinRAR vulnerability that was also revealed last week. A few days ago, The Hacker News reported about a 19-year-old remote code execution vulnerability

Posted in computer virus, file archive software, hacking news, Windows Malware, WinRar, winrar exploit | Comments (0)

Hackers Actively Exploiting Latest Drupal RCE Flaw Published Last Week

February 26th, 2019
Cybercriminals have actively started exploiting an already patched security vulnerability in the wild to install cryptocurrency miners on vulnerable Drupal websites that have not yet applied patches and are still vulnerable. Last week, developers of the popular open-source content management system Drupal patched a critical remote code execution (RCE) vulnerability (CVE-2019-6340) in Drupal

Posted in cryptocurrency, cyber security, Drupal, Drupal exploit, drupal hacked, Drupal hacking, hacking news, remote code execution, website security | Comments (0)