You are here

THN

Subscribe to THN feed THN
Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to [email protected]
Updated: 25 min 44 sec ago

7 Courses That Will Help You Start a Lucrative Career in Information Security

Sun, 17/11/2019 - 08:00
As the world becomes more interconnected by the day, more and more companies of all sizes and industries are finding themselves under attack by fearless cybercriminals who can access their entire server farms from across the globe with only a few lines of code. And it's not just private corporations that are suffering. A wide range of government agencies are also constantly under attack, and

New WhatsApp Bug Could Have Let Hackers Secretly Install Spyware On Your Devices

Sat, 16/11/2019 - 08:46
The recent controversies surrounding the WhatsApp hacking haven't yet settled, and the world's most popular messaging platform is in choppy waters once again. The Hacker News has learned that WhatsApp has recently patched yet another critical vulnerability that could have allowed attackers to remotely compromise targeted devices and potentially steal secured chat messages and files stored on

Two Arrested for Stealing $550,000 in Cryptocurrency Using Sim Swapping

Fri, 15/11/2019 - 07:32
It appears that at least the United States has started taking the threat of Sim Swapping attacks very seriously. Starting with the country's first-ever conviction for 'SIM Swapping' this February, U.S. Department of Justice has since then announced charges against several individuals for involving in the scheme to siphon millions of dollars in cryptocurrency from victims. In the latest

New Group of Hackers Targeting Businesses with Financially Motivated Cyber Attacks

Thu, 14/11/2019 - 12:22
Security researchers have tracked down activities of a new group of financially-motivated hackers that are targeting several businesses and organizations in Germany, Italy, and the United States in an attempt to infect them with backdoor, banking Trojan, or ransomware malware. Though the new malware campaigns are not customized for each organization, the threat actors appear to be more

Qualcomm Chip Flaws Let Hackers Steal Private Data From Android Devices

Thu, 14/11/2019 - 09:38
Hundreds of millions of devices, especially Android smartphones and tablets, using Qualcomm chipsets, are vulnerable to a new set of potentially serious vulnerabilities. According to a report cybersecurity firm CheckPoint shared with The Hacker News, the flaws could allow attackers to steal sensitive data stored in a secure area that is otherwise supposed to be the most protected part of a

Company Detected Years-Long Breach Only After Hacker Maxed Out Servers' Storage

Thu, 14/11/2019 - 07:07
What could be even worse than getting hacked? It's the "failure to detect intrusions" that always results in huge losses to the organizations. Utah-based technology company InfoTrax Systems is the latest example of such a security blunder, as the company was breached more than 20 times from May 2014 until March 2016. What's ironic is that the company detected the breach only after it

4 Best Free Online Security Tools for SMEs in 2020

Thu, 14/11/2019 - 05:00
Cyberattacks on small and midsized companies in 2019 cost $200,000 per company on average, mercilessly putting many of them out of business, says CNBC in its analysis of a recent Accenture report. In light of the global cybersecurity skills shortage, the number is set to soar in 2020. Solely in the UK, over 50,000 British SMEs could collapse next year following a cyberattack. This article

New ZombieLoad v2 Attack Affects Intel's Latest Cascade Lake CPUs

Wed, 13/11/2019 - 13:46
Zombieload is back. This time a new variant (v2) of the data-leaking side-channel vulnerability also affects the most recent Intel CPUs, including the latest Cascade Lake, which are otherwise resistant against attacks like Meltdown, Foreshadow and other MDS variants (RIDL and Fallout). Initially discovered in May this year, ZombieLoad is one of the three novel types of microarchitectural data

The Comprehensive Compliance Guide (Get Assessment Templates)

Wed, 13/11/2019 - 08:01
Complying with cyber regulations forms a significant portion of the CISO's responsibility. Compliance is, in fact, one of the major drivers in the purchase and implementation of new security products. But regulations come in multiple different colors and shapes – some are tailored to a specific vertical, while others are industry-agnostic. Some bare explicit consequences for failing to comply

Researchers Discover TPM-Fail Vulnerabilities Affecting Billions of Devices

Wed, 13/11/2019 - 07:29
A team of cybersecurity researchers today disclosed details of two new potentially serious CPU vulnerabilities that could allow attackers to retrieve cryptographic keys protected inside TPM chips manufactured by STMicroelectronics or firmware-based Intel TPMs. Trusted Platform Module (TPM) is a specialized hardware or firmware-based security solution that has been designed to store and protect

Is Facebook Secretly Accessing Your iPhone's Camera? Some Users Claimed

Tue, 12/11/2019 - 16:25
It appears that Facebook at the center of yet another issue involving privacy. Reportedly, multiple iPhone users have come forward on social media complaining that the Facebook app secretly activates their smartphone's camera in the background while they scroll through their Facebook feeds or looking at the photos on the social network. As shown in the Twitter videos below, when users click

Hackers Breach ZoneAlarm's Forum Site — Outdated vBulletin to Blame

Mon, 11/11/2019 - 13:27
ZoneAlarm, an internet security software company owned by Israeli cybersecurity firm Check Point Technologies, has suffered a data breach exposing data of its discussion forum users, the company confirmed The Hacker News. With nearly 100 million downloads, ZoneAlarm offers antivirus software, firewall, and additional virus protection solutions to home PC users, small businesses, and mobile

Amazon's Ring Video Doorbell Lets Attackers Steal Your Wi-Fi Password

Thu, 07/11/2019 - 12:58
Security researchers at Bitdefender have discovered a high-severity security vulnerability in Amazon's Ring Video Doorbell Pro devices that could allow nearby attackers to steal your WiFi password and launch a variety of cyberattacks using MitM against other devices connected to the same network. In case you don't own one of these, Amazon's Ring Video Doorbell is a smart wireless home

Gartner Says the Future of Network Security Lies with SASE

Thu, 07/11/2019 - 10:09
Cloud services and networking are driving the concept of digital businesses, yet traditional networking and cybersecurity architectures are far from meeting the demands of the digital business. Gartner's "The Future of Network Security Is in the Cloud" report spells out the potential for the transformation of networking and security in the cloud, built upon a new networking and security model

Rogue TrendMicro Employee Sold Customer Data to Tech Support Scammers

Thu, 07/11/2019 - 09:58
Do you always uncomfortable trusting companies with your data? If so, you're not alone. While companies do much to protect themselves from external threats, insiders always pose the highest risk to a company's data. Unfortunately, when we say companies can't eliminate insider threat completely, cybersecurity firms, who are meant to protect others, are not an exception. Cybersecurity firm

Two Former Twitter Employees Caught Spying On Users For Saudi Arabia

Thu, 07/11/2019 - 09:58
Two former employees of Twitter have been charged with spying on thousands of Twitter user accounts on behalf of the Saudi Arabian government, likely with the purpose of unmasking the identity of dissidents. According to an indictment filed on November 5 and unsealed just yesterday, one of the charged Twitter employees, American citizen Ahmad Abouammo, left the company in May 2015 and the

Facebook Reveals New Data Leak Incident Involving Groups' Members

Wed, 06/11/2019 - 08:16
Facebook today revealed yet another security incident admitting that roughly 100 app developers may have improperly accessed its users' data in certain Facebook groups, including their names and profile pictures. In a blog post published Tuesday, Facebook said the app developers that unauthorizedly access this information were primarily social media management and video streaming apps that

Explained: How New 'Delegated Credentials' Boosts TLS Protocol Security

Wed, 06/11/2019 - 07:08
Mozilla, in partnership with Facebook, Cloudflare, and other IETF community members, has announced technical specifications for a new cryptographic protocol called "Delegated Credentials for TLS." Delegated Credentials for TLS is a new simplified way to implement "short-lived" certificates without sacrificing the reliability of secure connections. In short, the new TLS protocol extension aims

PPT Template: Build Your 2020 Security Plan

Tue, 05/11/2019 - 09:02
The end of the year is coming, and it's time for security decision-makers to make plans for 2020 and get management approval. Typically, this entails making a solid case regarding why current resources, while yielding significant value, need to be reallocated and enhanced. The Definitive2020 Security Plan PPT Template is built to simplify this task, providing security decision-makers with an

Hackers Can Silently Control Your Google Home, Alexa, Siri With Laser Light

Tue, 05/11/2019 - 08:11
A team of cybersecurity researchers has discovered a clever technique to remotely inject inaudible and invisible commands into voice-controlled devices — all just by shining a laser at the targeted device instead of using spoken words. Dubbed 'Light Commands,' the hack relies on a vulnerability in MEMS microphones embedded in widely-used popular voice-controllable systems that unintentionally

Pages