You are here

THN

Subscribe to THN feed THN
The Hacker News (THN) is a leading, trusted, widely-acknowledged dedicated cybersecurity news platform, attracting over 8 million monthly readers including IT professionals, researchers, hackers, technologists, and enthusiasts.
Updated: 16 hours 43 min ago

Round 4 — Hacker Puts 26 Million New Accounts Up For Sale On Dark Web

Sun, 17/03/2019 - 14:15
A hacker who was selling details of nearly 890 million online accounts stolen from 32 popular websites in three separate rounds has now put up a fourth batch of millions of records originating from 6 other sites for sale on the dark web. The Hacker News today received a new email from the Pakistani hacker, who goes by online alias Gnosticplayers and previously claimed to have hacked dozens of

Patched WinRAR Bug Still Under Active Attack—Thanks to No Auto-Updates

Fri, 15/03/2019 - 05:00
Various cyber criminal groups and individual hackers are still exploiting a recently patched critical code execution vulnerability in WinRAR, a popular Windows file compression application with 500 million users worldwide. Why? Because the WinRAR software doesn't have an auto-update feature, which, unfortunately, leaves millions of its users vulnerable to cyber attacks. The critical

Telegram Gained 3 Million New Users During WhatsApp, Facebook Outage

Thu, 14/03/2019 - 07:50
WhatsApp, Facebook, and Instagram faced a widespread outage yesterday with users from around the world reporting issues with sending messages on WhatsApp and Messenger, posting feeds on Facebook and accessing other features on the three Facebook-owned platforms. While the outage was quite troubling both for the social media giant and its millions of users, guess who benefits the most out of

New WordPress Flaw Lets Unauthenticated Remote Attackers Hack Sites

Thu, 14/03/2019 - 06:41
If for some reason your WordPress-based website has not yet been automatically updated to the latest version 5.1.1, it's highly recommended to immediately upgrade it before hackers could take advantage of a newly disclosed vulnerability to hack your website. Simon Scannell, a researcher at RIPS Technologies GmbH, who previously reported multiple critical vulnerabilities in WordPress, has once

Zero-Day Flaws in Counter-Strike 1.6 Let Malicious Servers Hack Gamers' PCs

Thu, 14/03/2019 - 04:10
If you are a Counter-Strike gamer, then beware, because 39% of all existing Counter-Strike 1.6 game servers available online are malicious that have been set-up to remotely hack gamers' computers. A team of cybersecurity researchers at Dr. Web has disclosed that an attacker has been using malicious gaming servers to silently compromise computers of Counter-Strike gamers worldwide by

Firefox Send — Free Encrypted File Transfer Service Now Available For All

Wed, 13/03/2019 - 05:40
Mozilla has made it easy for you to share large files securely and privately with whomever you want, eliminating the need to depend upon less secure free third-party services or file upload tools that burn a hole in your pocket. Mozilla has finally launched its free, end-to-end encrypted file-transfer service, called Firefox Send, to the public, allowing users to securely share large files like

Microsoft Releases Patches for 64 Flaws — Two Under Active Attack

Tue, 12/03/2019 - 15:39
It's time for another batch of "Patch Tuesday" updates from Microsoft. Microsoft today released its March 2019 software updates to address a total of 64 CVE-listed security vulnerabilities in its Windows operating systems and other products, 17 of which are rated critical, 45 important, one moderate and one low in severity. The update addresses flaws in Windows, Internet Explorer, Edge, MS

Adobe Releases Patches for Critical Flaws in Photoshop CC and Digital Edition

Tue, 12/03/2019 - 13:22
Adobe users would feel lighter this month, as Adobe has released patches for just two security vulnerability in its March Security Update. The company today released its monthly security updates to address two critical arbitrary code execution vulnerabilities—one in Adobe Photoshop CC and another in Adobe Digital Editions. Upon successful exploitation, both critical vulnerabilities could

Cynet is offering unhappy competitors' customers a refund for the time remaining on existing contracts

Tue, 12/03/2019 - 10:12
Cynet goes head-to-head with CrowdStrike, DarkTrace, Cylance, Carbon Black & Symantec, offering their unhappy customers a refund for the time remaining on their existing contracts. Cynet, the automated threat discovery and mitigation platform was built to address the advanced threats that AV and Firewalls cannot stop. Today, Cynet announced that any organization currently deploying an

Windows 10 Now Automatically Uninstalls Updates That Cause Problems

Tue, 12/03/2019 - 06:07
Do you always think twice before installing Windows updates worrying that it could crash your system or leave it non-working the day after Patch Tuesdays? Don't worry. Microsoft has addressed this issue by adding a safety measure that would from now onwards automatically uninstall buggy software updates installed on your system if Windows 10 detects a startup failure, which could be due to

F5 Networks Acquires NGINX For $670 Million

Tue, 12/03/2019 - 04:17
One of the most important software companies NGINX, which is also behind the very popular open-source web server of the same name, is being acquired by its rival, F5 Networks, in a deal valued at about $670 million. While NGINX is not a name that you have ever heard of, the reality is that you use NGINX every day when you post a photo, watch streaming video, purchase goods online, or log

BEWARE – New 'Creative' Phishing Attack You Really Should Pay Attention To

Mon, 11/03/2019 - 12:46
A cybersecurity researcher who last month warned of a creative phishing campaign has now shared details of a new but similar attack campaign with The Hacker News that has specifically been designed to target mobile users. Just like the previous campaign, the new phishing attack is also based on the idea that a malicious web page could mimic look and feel of the browser window to trick even the

AWS Certification Training Courses – Get 2019 Bundle @ 96% OFF

Mon, 11/03/2019 - 08:13
With countless web apps and online services launching every day, there is an increasing demand for cloud developers. This exciting niche is due to grow rapidly over the next few years, and the paycheck should follow suit. If you want to build a career in this lucrative niche, it pays to know AWS (Amazon Web Services). <!-- adsense --> With the AWS Certified Architect Developer Bundle 2019,

Severe Flaw Disclosed In StackStorm DevOps Automation Software

Mon, 11/03/2019 - 07:16
A security researcher has discovered a severe vulnerability in the popular, open source event-driven platform StackStorm that could allow remote attackers to trick developers into unknowingly execute arbitrary commands on targeted services. StackStorm, aka "IFTTT for Ops," is a powerful event-driven automation tool for integration and automation across services and tools that allows

Citrix Data Breach – Iranian Hackers Stole 6TB of Sensitive Data

Mon, 11/03/2019 - 04:52
Popular enterprise software company Citrix that provides services to the U.S. military, the FBI, many U.S. corporations, and various U.S. government agencies disclosed last weekend a massive data breach of its internal network by "international cyber criminals." Citrix said it was warned by the FBI on Wednesday of foreign hackers compromising its IT systems and stealing "business documents,"

New Google Chrome Zero-Day Vulnerability Found Actively Exploited in the Wild

Wed, 06/03/2019 - 06:52
You must update your Google Chrome immediately to the latest version of the web browsing application. Security researcher Clement Lecigne of Google's Threat Analysis Group discovered and reported a high severity vulnerability in Chrome late last month that could allow remote attackers to execute arbitrary code and take full control of the computers. The vulnerability, assigned as

NSA Releases GHIDRA 9.0 — Free, Powerful Reverse Engineering Tool

Wed, 06/03/2019 - 05:38
The United States' National Security Agency (NSA) today finally released GHIDRA version 9.0 for free, the agency’s home-grown classified software reverse engineering tool that agency experts have been using internally for over a decade to hunt down security bugs in software and applications. GHIDRA is a Java-based reverse engineering framework that features a graphical user interface (GUI)

Google Launches Backstory — A New Cyber Security Tool for Businesses

Tue, 05/03/2019 - 05:13
Google's one-year-old cybersecurity venture Chronicle today announced its first commercial product, called Backstory, a cloud-based enterprise-level threat analytics platform that has been designed to help companies quickly investigate incidents, pinpoint vulnerabilities and hunt for potential threats. Network infrastructures at most enterprises regularly generate enormous amounts of network

Researchers Link 'Sharpshooter' Cyber Attacks to North Korean Hackers

Mon, 04/03/2019 - 12:55
Security researchers have finally, with "high confidence," linked a previously discovered global cyber espionage campaign targeting critical infrastructure around the world to a North Korean APT hacking group. Thanks to the new evidence collected by researchers after analyzing a command-and-control (C2) server involved in the espionage campaign and seized by law enforcement. Dubbed Operation

Google Discloses Unpatched 'High-Severity' Flaw in Apple macOS Kernel

Mon, 04/03/2019 - 10:52
Cybersecurity researcher at Google's Project Zero division has publicly disclosed details and proof-of-concept exploit of a high-severity security vulnerability in macOS operating system after Apple failed to release a patch within 90 days of being notified. Discovered by Project Zero researcher Jann Horn and demonstrated by Ian Beer, the vulnerability resides in the way macOS XNU kernel

Pages