THN
Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals

Hackers Breach LineageOS, Ghost, DigiCert Servers Using SaltStack Vulnerability

Mon, 04/05/2020 - 07:44
Days after cybersecurity researchers sounded the alarm over two critical vulnerabilities in the SaltStack configuration framework, a hacking campaign has already begun exploiting the flaws to breach servers of LineageOS, Ghost, and DigiCert. Tracked as CVE-2020-11651 and CVE-2020-11652, the disclosed flaws could allow an adversary to execute arbitrary code on remote servers deployed in data

Critical SaltStack RCE Bug (CVSS Score 10) Affects Thousands of Data Centers

Fri, 01/05/2020 - 10:04
Two severe security flaws have been discovered in the open-source SaltStack Salt configuration framework that could allow an adversary to execute arbitrary code on remote servers deployed in data centers and cloud environments. The vulnerabilities were identified by F-Secure researchers earlier this March and disclosed on Thursday, a day after SaltStack released a patch (version 3000.2)

Targeted Phishing Attacks Successfully Hacked Top Executives At 150+ Companies

Thu, 30/04/2020 - 11:33
In the last few months, multiple groups of attackers successfully compromised corporate email accounts of at least 156 high-ranking officers at various firms based in Germany, the UK, Netherlands, Hong Kong, and Singapore. Dubbed 'PerSwaysion,' the newly spotted cyberattack campaign leveraged Microsoft file-sharing services—including Sway, SharePoint, and OneNote—to launch highly targeted

New Android Malware Steals Banking Passwords, Private Data and Keystrokes

Thu, 30/04/2020 - 09:14
A new type of mobile banking malware has been discovered abusing Android's accessibility features to exfiltrate sensitive data from financial applications, read user SMS messages, and hijack SMS-based two-factor authentication codes. Called "EventBot" by Cybereason researchers, the malware is capable of targeting over 200 different financial apps, including banking, money transfer services,

Cato SDP: Cloud-Scale and Global Remote Access Solution Review

Thu, 30/04/2020 - 07:59
The Scouts acknowledged the necessity to "Be Prepared" over 100 years (!) ago; the industry should have, as well. Yet COVID-19 took businesses – more like the entire world – by surprise. Very few were prepared for the explosion of remote access, and the challenge of instantly shifting an entire organization to work from anywhere. Cato Networks shared its increase in remote access usage post

Critical Bugs Found in 3 Popular e-Learning Plugins for WordPress Sites

Thu, 30/04/2020 - 07:10
Security researchers are sounding the alarm over newly discovered vulnerabilities in some popular online learning management system (LMS) plugins that various organizations and universities use to offer online training courses through their WordPress-based websites. According to the Check Point Research Team, the three WordPress plugins in question — LearnPress, LearnDash, and LifterLMS —

Critical Security Patches Released for Magento, Adobe Illustrator and Bridge

Tue, 28/04/2020 - 19:24
It's not 'Patch Tuesday,' but software giant Adobe today released emergency updates for three of its widely used products that patch dozens of newly discovered critical vulnerabilities. The list of affected software includes Adobe Illustrator, Adobe Bridge, and Magento e-commerce platform, containing a total of 35 vulnerabilities where each one of them is affected with multiple critical

Researchers Uncover Novel Way to De-anonymize Device IDs to Users' Biometrics

Tue, 28/04/2020 - 05:19
Researchers have uncovered a potential means to profile and track online users using a novel approach that combines device identifiers with their biometric information. The details come from a newly published research titled "Nowhere to Hide: Cross-modal Identity Leakage between Biometrics and Devices" by a group of academics from the University of Liverpool, New York University, The Chinese

How An Image Could've Let Attackers Hack Microsoft Teams Accounts

Mon, 27/04/2020 - 05:34
Microsoft has patched a worm-like vulnerability in its Teams workplace video chat and collaboration platform that could have allowed attackers to take over an organization's entire roster of Teams accounts just by sending participants a malicious link to an innocent-looking image. The flaw, impacting both desktop and web versions of the app, was discovered by cybersecurity researchers at

Malicious USB Drives Infect 35,000 Computers With Crypto-Mining Botnet

Fri, 24/04/2020 - 07:38
Cybersecurity researchers from ESET on Thursday said they took down a portion of a malware botnet comprising at least 35,000 compromised Windows systems that attackers were secretly using to mine Monero cryptocurrency. The botnet, named "VictoryGate," has been active since May 2019, with infections mainly reported in Latin America, particularly Peru accounting for 90% of the compromised

Hackers Trick 3 British Private Equity Firms Into Sending Them $1.3 Million

Thu, 23/04/2020 - 07:01
In a recent highly targeted BEC attack, hackers managed to trick three British private equity firms into wire-transferring a total of $1.3 million to the bank accounts fraudsters have access to — while the victimized executives thought they closed an investment deal with some startups. According to the cybersecurity firm Check Point, who shared its latest investigation with The Hacker News,

Zero-Day Warning: It's Possible to Hack iPhones Just by Sending Emails

Wed, 22/04/2020 - 13:14
Watch out, Apple users! The default mail app pre-installed on millions of iPhones and iPads has been found vulnerable to two critical flaws that could let remote hackers secretly take complete control over Apple devices just by sending an email to targeted individuals. According to cybersecurity researchers at ZecOps, the vulnerabilities in question are out-of-bounds write and remote heap

Chinese Hackers Using New iPhone Hack to Spy On Uyghurs Muslims

Wed, 22/04/2020 - 06:27
A Chinese hacking group has been found leveraging a new exploit chain in iOS devices to install a spyware implant targeting the Uyghur Muslim minority in China's autonomous region of Xinjiang. The findings, published by digital forensics firm Volexity, reveal that the exploit — named "Insomnia" — works against iOS versions 12.3, 12.3.1, and 12.3.2 using a flaw in WebKit that was patched by

The Incident Response Challenge 2020 — Win $5,000 Prize!

Tue, 21/04/2020 - 12:15
Cybersecurity firm Cynet today announced the launch of a first of its kind challenge to enable Incident Response professionals to test their skills with 25 forensic challenges that were built by top researchers and analysts. The challenge is available on and is open to anyone willing to test his or her investigation skills, between April 21st and May

Researcher Discloses 4 Zero-Day Bugs in IBM's Enterprise Security Software

Tue, 21/04/2020 - 10:36
A cybersecurity researcher today publicly disclosed technical details and PoC for 4 unpatched zero-day vulnerabilities affecting an enterprise security software offered by IBM after the company refused to acknowledge the responsibly submitted disclosure. The affected premium product in question is IBM Data Risk Manager (IDRM) that has been designed to analyze sensitive business information

Unpatchable 'Starbleed' Bug in FPGA Chips Exposes Critical Devices to Hackers

Tue, 21/04/2020 - 06:55
A newly discovered unpatchable hardware vulnerability in Xilinx programmable logic products could allow an attacker to break bitstream encryption, and clone intellectual property, change the functionality, and even implant hardware Trojans. The details of the attacks against Xilinx 7-Series and Virtex-6 Field Programmable Gate Arrays (FPGAs) have been covered in a paper titled "The

COVID-Themed Lures Target SCADA Sectors With Data Stealing Malware

Mon, 20/04/2020 - 07:58
A new malware campaign has been found using coronavirus-themed lures to strike government and energy sectors in Azerbaijan with remote access trojans (RAT) capable of exfiltrating sensitive documents, keystrokes, passwords, and even images from the webcam. The targeted attacks employ Microsoft Word documents as droppers to deploy a previously unknown Python-based RAT dubbed "PoetRAT" due to

Why SaaS opens the door to so many cyber threats (and how to make it safer)

Fri, 17/04/2020 - 08:43
Cloud services have become increasingly important to many companies' daily operations, and the rapid adoption of web apps has allowed businesses to continue operating with limited productivity hiccups, even as global coronavirus restrictions have forced much of the world to work from home. But at the same time, even major corporations have fallen prey to hackers. How can you maintain the

CISA Warns Patched Pulse Secure VPNs Could Still Expose Organizations to Hackers

Fri, 17/04/2020 - 08:20
The United States Cybersecurity and Infrastructure Security Agency (CISA) yesterday issued a fresh advisory alerting organizations to change all their Active Directory credentials as a defense against cyberattacks trying to leverage a known remote code execution (RCE) vulnerability in Pulse Secure VPN servers—even if they have already patched it. The warning comes three months after another

Over 700 Malicious Typosquatted Libraries Found On RubyGems Repository

Thu, 16/04/2020 - 09:59
As developers increasingly embrace off-the-shelf software components into their apps and services, threat actors are abusing open-source repositories such as RubyGems to distribute malicious packages, intended to compromise their computers or backdoor software projects they work on. In the latest research shared with The Hacker News, cybersecurity experts at ReversingLabs revealed over 700