You are here

THN

Subscribe to THN feed THN
The Hacker News (THN) is a leading, trusted, widely-acknowledged dedicated cybersecurity news platform, attracting over 8 million monthly readers including IT professionals, researchers, hackers, technologists, and enthusiasts.
Updated: 42 min 2 sec ago

New MageCart Attacks Target Bedding Retailers My Pillow and Amerisleep

8 hours 49 min ago
Cybersecurity researchers today disclosed details of two newly identified Magecart attacks targeting online shoppers of bedding retailers MyPillow and Amerisleep. Magecart is an umbrella term researchers gave to at least 11 different hacking groups that are specialized in implanting malware code on e-commerce websites with an intent to steal payment card details of their customers silently.

PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws

12 hours 39 min ago
The popular SSH client program PuTTY has released the latest version of its software that includes security patches for 8 high-severity security vulnerabilities. PuTTY is one of the most popular and widely used open-source client-side programs that allows users to remotely access computers over SSH, Telnet, and Rlogin network protocols. Almost 20 months after releasing the last version of

Google Will Prompt European Android Users to Select Preferred Default Browser

13 hours 30 min ago
Google announced some major changes for its Android mobile operating system in October after the European Commission hit the company with a record $5 billion antitrust fine for pre-installing its own apps and services on third-party Android phones. The European Commission accused Google of forcing Android phone manufacturers to "illegally" tie its proprietary apps and services—specifically,

Android Q — Google Adds New Mobile Security and Privacy Features

Tue, 19/03/2019 - 15:19
Google has recently released the first beta version of Android Q, the next upcoming version of Google's popular mobile operating system, with a lot of new privacy improvements and other security enhancements. Android Q, where Q has not yet been named, offers more control over installed apps, their access, and permissions, and location settings; more support for passive authentication like face

Ransomware Attack Forces Aluminum Manufacturer to Shutdown Systems Worldwide

Tue, 19/03/2019 - 14:05
Photo by Terje Pedersen / NTB scanpix One of the world's largest producers of aluminum has been forced to shut down several of its plants across Europe and the U.S. after an "extensive cyber attack" hit its operations, leaving companies' IT systems unusable. According to a press release shared by Aluminum giant Norsk Hydro today, the company has temporarily shut down several plants and

Libssh Releases Update to Patch 9 New Security Vulnerabilities

Tue, 19/03/2019 - 07:27
Libssh2, a popular open source client-side C library implementing the SSHv2 protocol, has released the latest version of its software to patch a total of nine security vulnerabilities. The Libssh2 library is available for all major distributors of the Linux operating systems, including Ubuntu, Red Hat, Debian, and also comes bundled within some distributions and software as a default library

Mirai Variant Adds Dozen New Exploits to Target Enterprise IoT Devices

Tue, 19/03/2019 - 04:55
Security researchers have uncovered a new variant of the infamous Mirai Internet of Things botnet, this time targeting embedded devices intended for use within business environments in an attempt to gain control over larger bandwidth to carry out devastating DDoS attacks. Although the original creators of Mirai botnet have already been arrested and jailed, variants of the infamous IoT malware

Round 4 — Hacker Puts 26 Million New Accounts Up For Sale On Dark Web

Sun, 17/03/2019 - 14:15
A hacker who was selling details of nearly 890 million online accounts stolen from 32 popular websites in three separate rounds has now put up a fourth batch of millions of records originating from 6 other sites for sale on the dark web. The Hacker News today received a new email from the Pakistani hacker, who goes by online alias Gnosticplayers and previously claimed to have hacked dozens of

Patched WinRAR Bug Still Under Active Attack—Thanks to No Auto-Updates

Fri, 15/03/2019 - 05:00
Various cyber criminal groups and individual hackers are still exploiting a recently patched critical code execution vulnerability in WinRAR, a popular Windows file compression application with 500 million users worldwide. Why? Because the WinRAR software doesn't have an auto-update feature, which, unfortunately, leaves millions of its users vulnerable to cyber attacks. The critical

Telegram Gained 3 Million New Users During WhatsApp, Facebook Outage

Thu, 14/03/2019 - 07:50
WhatsApp, Facebook, and Instagram faced a widespread outage yesterday with users from around the world reporting issues with sending messages on WhatsApp and Messenger, posting feeds on Facebook and accessing other features on the three Facebook-owned platforms. While the outage was quite troubling both for the social media giant and its millions of users, guess who benefits the most out of

New WordPress Flaw Lets Unauthenticated Remote Attackers Hack Sites

Thu, 14/03/2019 - 06:41
If for some reason your WordPress-based website has not yet been automatically updated to the latest version 5.1.1, it's highly recommended to immediately upgrade it before hackers could take advantage of a newly disclosed vulnerability to hack your website. Simon Scannell, a researcher at RIPS Technologies GmbH, who previously reported multiple critical vulnerabilities in WordPress, has once

Zero-Day Flaws in Counter-Strike 1.6 Let Malicious Servers Hack Gamers' PCs

Thu, 14/03/2019 - 04:10
If you are a Counter-Strike gamer, then beware, because 39% of all existing Counter-Strike 1.6 game servers available online are malicious that have been set-up to remotely hack gamers' computers. A team of cybersecurity researchers at Dr. Web has disclosed that an attacker has been using malicious gaming servers to silently compromise computers of Counter-Strike gamers worldwide by

Firefox Send — Free Encrypted File Transfer Service Now Available For All

Wed, 13/03/2019 - 05:40
Mozilla has made it easy for you to share large files securely and privately with whomever you want, eliminating the need to depend upon less secure free third-party services or file upload tools that burn a hole in your pocket. Mozilla has finally launched its free, end-to-end encrypted file-transfer service, called Firefox Send, to the public, allowing users to securely share large files like

Microsoft Releases Patches for 64 Flaws — Two Under Active Attack

Tue, 12/03/2019 - 15:39
It's time for another batch of "Patch Tuesday" updates from Microsoft. Microsoft today released its March 2019 software updates to address a total of 64 CVE-listed security vulnerabilities in its Windows operating systems and other products, 17 of which are rated critical, 45 important, one moderate and one low in severity. The update addresses flaws in Windows, Internet Explorer, Edge, MS

Adobe Releases Patches for Critical Flaws in Photoshop CC and Digital Edition

Tue, 12/03/2019 - 13:22
Adobe users would feel lighter this month, as Adobe has released patches for just two security vulnerability in its March Security Update. The company today released its monthly security updates to address two critical arbitrary code execution vulnerabilities—one in Adobe Photoshop CC and another in Adobe Digital Editions. Upon successful exploitation, both critical vulnerabilities could

Cynet is offering unhappy competitors' customers a refund for the time remaining on existing contracts

Tue, 12/03/2019 - 10:12
Cynet goes head-to-head with CrowdStrike, DarkTrace, Cylance, Carbon Black & Symantec, offering their unhappy customers a refund for the time remaining on their existing contracts. Cynet, the automated threat discovery and mitigation platform was built to address the advanced threats that AV and Firewalls cannot stop. Today, Cynet announced that any organization currently deploying an

Windows 10 Now Automatically Uninstalls Updates That Cause Problems

Tue, 12/03/2019 - 06:07
Do you always think twice before installing Windows updates worrying that it could crash your system or leave it non-working the day after Patch Tuesdays? Don't worry. Microsoft has addressed this issue by adding a safety measure that would from now onwards automatically uninstall buggy software updates installed on your system if Windows 10 detects a startup failure, which could be due to

F5 Networks Acquires NGINX For $670 Million

Tue, 12/03/2019 - 04:17
One of the most important software companies NGINX, which is also behind the very popular open-source web server of the same name, is being acquired by its rival, F5 Networks, in a deal valued at about $670 million. While NGINX is not a name that you have ever heard of, the reality is that you use NGINX every day when you post a photo, watch streaming video, purchase goods online, or log

BEWARE – New 'Creative' Phishing Attack You Really Should Pay Attention To

Mon, 11/03/2019 - 12:46
A cybersecurity researcher who last month warned of a creative phishing campaign has now shared details of a new but similar attack campaign with The Hacker News that has specifically been designed to target mobile users. Just like the previous campaign, the new phishing attack is also based on the idea that a malicious web page could mimic look and feel of the browser window to trick even the

AWS Certification Training Courses – Get 2019 Bundle @ 96% OFF

Mon, 11/03/2019 - 08:13
With countless web apps and online services launching every day, there is an increasing demand for cloud developers. This exciting niche is due to grow rapidly over the next few years, and the paycheck should follow suit. If you want to build a career in this lucrative niche, it pays to know AWS (Amazon Web Services). <!-- adsense --> With the AWS Certified Architect Developer Bundle 2019,

Pages