You are here

THN

Subscribe to THN feed THN
Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to [email protected]
Updated: 26 min 21 sec ago

Targeted Ransomware Attacks Hit Several Spanish Companies

Mon, 04/11/2019 - 17:32
Everis, one of the largest IT consulting companies in Spain, suffered a targeted ransomware attack on Monday, forcing the company to shut down all its computer systems until the issue gets resolved completely. Ransomware is a computer virus that encrypts files on an infected system until a ransom is paid. According to several local media, Everis informed its employees about the devastating

Watch Out IT Admins! Two Unpatched Critical RCE Flaws Disclosed in rConfig

Sun, 03/11/2019 - 11:31
If you're using the popular rConfig network configuration management utility to protect and manage your network devices, here we have an important and urgent warning for you. A cybersecurity researcher has recently published details and proof-of-concept exploits for two unpatched, critical remote code execution vulnerabilities in the rConfig utility, at least one of which could allow

First Cyber Attack 'Mass Exploiting' BlueKeep RDP Flaw Spotted in the Wild

Sun, 03/11/2019 - 09:34
Cybersecurity researchers have spotted a new cyberattack that is believed to be the very first but an amateur attempt to weaponize the infamous BlueKeep RDP vulnerability in the wild to mass compromise vulnerable systems for cryptocurrency mining. In May this year, Microsoft released a patch for a highly-critical remote code execution flaw, dubbed BlueKeep, in its Windows Remote Desktop Services

New Chrome 0-day Bug Under Active Attacks – Update Your Browser Now!

Fri, 01/11/2019 - 07:51
Attention readers, if you are using Chrome on your Windows, Mac, and Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. With the release of Chrome 78.0.3904.87, Google is warning billions of users to install an urgent software update immediately to patch two high severity vulnerabilities, one of which attackers are

Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages

Thu, 31/10/2019 - 12:26
A group of Chinese hackers carrying out political espionage for Beijing has been found targeting telecommunications companies with a new piece of malware designed to spy on text messages sent or received by highly targeted individuals. Dubbed "MessageTap," the backdoor malware is a 64-bit ELF data miner that has recently been discovered installed on a Linux-based Short Message Service Center

Leading Web Domain Name Registrars Disclose Data Breach

Thu, 31/10/2019 - 08:40
Another day, another massive data breach—this time affecting a leading web technology company, as well as both of its subsidiaries, from where millions of customers around the world have purchased domain names for their websites. The world's top domain registrars Web.com, Network Solutions, and Register.com disclosed a security breach that may have resulted in the theft of customers' account

Two Hackers Who Extorted Money From Uber and LinkedIn Plead Guilty

Thu, 31/10/2019 - 06:08
Two grey hat hackers have pleaded guilty to blackmailing Uber, LinkedIn, and other U.S. corporations for money in exchange for promises to delete data of millions of customers they had stolen in late 2016. In a San Jose courthouse in California on Wednesday, Brandon Charles Glover (26) of Florida and Vasile Mereacre (23) of Toronto admitted they accessed and downloaded confidential corporate

5 Places Where Hackers Are Stealthily Stealing Your Data In 2019

Thu, 31/10/2019 - 05:53
Skyrocketing data breaches bring incalculable losses to organizations and can cost cybersecurity executives their jobs. Here we examine the top five places in 2019 where cybercriminals are stealing corporate and government data without ever getting noticed and then learn how to avoid falling victim to unscrupulous attackers. 1. Misconfigured Cloud Storage 48% of all corporate data is

Hackers Target Indian Nuclear Power Plant – Everything We Know So Far

Wed, 30/10/2019 - 17:48
A story has been making the rounds on the Internet since yesterday about a cyber attack on an Indian nuclear power plant. Due to some experts commentary on social media even after lack of information about the event and overreactions by many, the incident received factually incorrect coverage widely suggesting a piece of malware has compromised "mission-critical systems" at the Kudankulam

Facebook Sues Israeli NSO Spyware Firm For Hacking WhatsApp Users

Tue, 29/10/2019 - 19:16
Finally, for the very first time, an encrypted messaging service provider is taking legal action against a private entity that has carried out malicious attacks against its users. Facebook filed a lawsuit against Israeli mobile surveillance firm NSO Group on Tuesday, alleging that the company was actively involved in hacking users of its end-to-end encrypted WhatsApp messaging service.

Mysterious malware that re-installs itself infected over 45,000 Android Phones

Tue, 29/10/2019 - 16:03
Over the past few months, hundreds of Android users have been complaining online of a new piece of mysterious malware that hides on the infected devices and can reportedly reinstall itself even after users delete it, or factory reset their devices. Dubbed Xhelper, the malware has already infected more than 45,000 Android devices in just the last six months and is continuing to spread by

The Pirate Bay was recently down for over a week due to a DDoS attack

Tue, 29/10/2019 - 11:27
It seems like the prolonged downtime and technical difficulties faced by The Pirate Bay over the past several weeks were due to a series of distributed denial of service (DDoS) attacks against the widely-popular torrent website by malicious actors. For those unaware, The Pirate Bay was down for more than a week with most visitors displayed a Cloudflare error mentioning that a "bad gateway" is

How MSPs can become Managed Detection and Response (MDR) Providers

Tue, 29/10/2019 - 08:38
Managed detection and response (MDR) is one of the fastest-growing segments in the cybersecurity market. ESG research from April 2019 reveals that 27% of organizations are actively pursuing an MDR project, while another 11% plan to pursue an MDR project in the future. Cynet now enables service providers to add MDR to their portfolio and gain an important competitive advantage over

Russian Hackers Targeting Anti-Doping Agencies Ahead of 2020 Tokyo Olympics

Tue, 29/10/2019 - 05:24
As Japan gears up for the upcoming 2020 Summer Olympics in Tokyo for the next year, the country needs to brace itself for sophisticated cyberattacks, especially from state-sponsored hackers. Microsoft has issued a short notice, warning about a new wave of highly targeted cyberattacks by a group of Russian state-sponsored hackers attempting to hack over a dozen anti-doping authorities and

UniCredit Bank Suffers 'Data Incident' Exposing 3 Million Italian Customer Records

Mon, 28/10/2019 - 15:15
UniCredit, an Italian global banking and financial services company, announced today that it suffered a security incident that leaked some personal information belonging to at least 3 million of its domestic customers. Officially founded in 1870, UniCredit is Italy's biggest banking and financial services and one of the leading European commercial banks with more than 8,500 branches across 17

New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers

Sat, 26/10/2019 - 17:53
If you're running any PHP based website on NGINX server and have PHP-FPM feature enabled for better performance, then beware of a newly disclosed vulnerability that could allow unauthorized attackers to hack your website server remotely. The vulnerability, tracked as CVE-2019-11043, affects websites with certain configurations of PHP-FPM that is reportedly not uncommon in the wild and could

Unsecured Adobe Server Exposes Data for 7.5 Million Creative Cloud Users

Sat, 26/10/2019 - 06:10
The U.S. multinational computer software company Adobe has suffered a serious security breach earlier this month that exposed user records' database belonging to the company's popular Creative Cloud service. With an estimated 15 million subscribers, Adobe Creative Cloud or Adobe CC is a subscription service that gives users access to the company's full suite of popular creative software for

Verizon, AT&T, Sprint and T-Mobile to replace SMS with RCS Messaging in 2020

Fri, 25/10/2019 - 09:35
Mobile carriers in the United States will finally offer a universal cross-carrier communication standard for the next-generation RCS messaging service that is meant to replace SMS and has the potential to change the way consumers interact with brands for years to come. All major United States mobile phone carriers, including AT&T, Verizon, T-Mobile, and Sprint, have joined forces to launch a

42 Adware Apps with 8 Million Downloads Traced Back to Vietnamese Student

Thu, 24/10/2019 - 11:13
First of all, if you have any of the below-listed apps installed on your Android device, you are advised to uninstall it immediately. Cybersecurity researchers have identified 42 apps on the Google Play Store with a total of more than 8 million downloads, which were initially distributed as legitimate applications but later updated to maliciously display full-screen advertisements to their

How to Avoid the Top Three Causes of Data Breaches in 2019

Thu, 24/10/2019 - 07:18
What's the price of unprotected IT infrastructure? Cybercrime Magazine says that global damages will surpass $6 billion as soon as 2021. Here we'll go through some of the most frequent and emerging causes of data breaches in 2019 and see how to address them in a timely manner. Misconfigured Cloud Storage It's hard to find a day without a security incident involving unprotected AWS S3

Pages