255
For all of the undeniable conveniences the Internet has brought us, it's becoming an increasingly dangerous place to be.

Both individual hackers and entire government agencies are now able to hack into your computer or smartphone from across the globe and steal everything from your browsing history to your credit card numbers, and they're often able to do so without your knowledge.

A Virtual


255
A new security vulnerability has been discovered in the latest version of Apple's macOS Mojave that could allow a malicious application to access data stored in restricted folders which are otherwise not accessible to every app.

Discovered by application developer Jeff Johnson on February 8, the vulnerability is unpatched at the time of writing and impacts all version of macOS Mojave,
255
Welcome back!

Adobe has today released its monthly security updates to address a total of 75 security vulnerabilities across its various products, 71 of which resides in Adobe Acrobat and Reader alone.

February 2019 patch Tuesday updates address several critical and important vulnerabilities in Adobe Acrobat Reader DC, Adobe Coldfusion, Creative Cloud Desktop Application, and Adobe Flash
254
The developers behind the privacy-minded Zcash cryptocurrency have recently discovered and patched a highly dangerous vulnerability in the most secretive way that could have allowed an attacker to coin an infinite number of Zcash (ZEC).

Yes, infinite… like a never-ending source of money.

Launched in October 2016, Zcash is a privacy-oriented cryptocurrency that claims to be more anonymous


254
With so many data breaches happening almost every week, it has become difficult for users to know if their credentials are already in possession of hackers or being circulated freely across the Internet.

Thankfully, Google has a solution.

Today, February 5, on Safer Internet Day, Google launches a new service that has been designed to alert users when they use an exact combination of


254
You've always been warned not to share remote access to your computer with any untrusted people for many reasons—it's basic cyber security advice, and common sense, right?

But what if I say, you should not even trust anyone who invites or offers you full remote access to their computers?

Security researchers at cybersecurity firm Check Point have discovered more than two dozen


254
Many of you might have this question in your mind:

"Is it illegal to test a website for vulnerability without permission from the owner?"

Or… "Is it illegal to disclose a vulnerability publicly?"

Well, the answer is YES, it’s illegal most of the times and doing so could backfire even when you have good intentions.

Last year, Hungarian police arrested a 20-year-old ethical hacker accused of


253
The United States Department of Justice has announced espionage charges against a former US Air Force intelligence officer with the highest level of top-secret clearance for providing the Iranian government classified defense information after she defected to Iran in 2013.

Monica Elfriede Witt, 39, was a former U.S. Air Force Intelligence Specialist and Special Agent of the Air Force Office
253
Ever sent a message on Facebook Messenger then immediately regretted it, or an embarrassing text to your boss in the heat of the moment at late night, or maybe accidentally sent messages or photos to a wrong group chat?

Of course, you have. We have all been through drunk texts and embarrassing photos many times that we later regret sending but are forced to live with our mistakes.

Good news,


253
Microsoft has issued its second Patch Tuesday for this year to address a total of 77 CVE-listed security vulnerabilities in its Windows operating systems and other products, 20 of which are rated critical, 54 important and 3 moderate in severity.

February security update addresses flaws in Adobe Flash Player, Internet Explorer, Edge, Windows, MS Office, and Office Services and Web Apps,
253
How do you check if a website asking for your credentials is fake or legit to log in?

By checking if the URL is correct?

By checking if the website address is not a homograph?

By checking if the site is using HTTPS?

Or using software or browser extensions that detect phishing domains?

Well, if you, like most Internet users, are also relying on above basic security practices to spot if that
253
A 20-year-old college student who stole cryptocurrency worth more than $5 million by hijacking victims' phone numbers has pleaded guilty and accepted a sentence of 10 years in prison.

Ortiz was arrested last year on charges of siphoning millions of dollars in cryptocurrency from around 40 victims using a method commonly known as "SIM swapping," which typically involves fraudulently porting of


253
Cybersecurity researchers have discovered a way to hide malicious code in Intel SGX enclaves, a hardware-based memory encryption feature in modern processors that isolates sensitive code and data to protect it from disclosure or modification.

In other words, the technique allows attackers to implant malware code in a secure memory that uses protection features of SGX which are otherwise
252
Just because an app is available on Google Play Store doesn't mean that it is a legitimate app. Despite so many efforts by Google, some fake and malicious apps do sneak in and land millions of unaware users on the hunting ground of scammers and hackers.

Cybersecurity firm Trend Micro uncovered at least 29 devious photo apps that managed to make its way onto Google Play Store and have been


252
Using an Android device?

Beware! You have to remain more caution while opening an image file on your smartphone—downloaded anywhere from the Internet or received through messaging or email apps.

Yes, just viewing an innocuous-looking image could hack your Android smartphone—thanks to three newly-discovered critical vulnerabilities that affect millions of devices running recent versions of


252
Google has launched a new encryption algorithm that has been built specifically to run on mobile phones and smart IoT devices that don't have the specialized hardware to use current encryption methods to encrypt locally stored data efficiently.

Encryption has already become an integral part of our everyday digital activities.

However, it has long been known that encryption is expensive, as


251
Ubuntu and some other Linux distributions suffer from a severe privilege escalation vulnerability that could allow a local attacker or a malicious program to obtain root privileges and total control over the targeted system.

Dubbed "Dirty_Sock" and identified as CVE-2019-7304, the vulnerability was discovered by security researcher Chris Moberly, who privately disclosed it to Canonical, the
251
Apple has finally released iOS 12.1.4 software update to patch the terrible Group FaceTime privacy bug that could have allowed an Apple user to call you via the FaceTime video chat service and hear or see you before you even pick up the call without your knowledge.

The Facetime bug (CVE-2019-6223) was discovered by 14-year-old Grant Thompson of Catalina Foothills High School while he was


251
A security researcher has discovered yet another cryptocurrency-stealing malware on the official Google Play Store that was designed to secretly steal bitcoin and cryptocurrency from unwitting users.

The malware, described as a "Clipper," masqueraded as a legitimate cryptocurrency app and worked by replacing cryptocurrency wallet addresses copied into the Android clipboard with one belonging


251
QuadrigaCX, the largest bitcoin exchange in Canada, has claimed to have lost CAD 190 million (nearly USD 145 million) worth of cryptocurrency after the exchange lost access to its cold (offline) storage wallets.

Reason? Unfortunately, the only person with access to the company’s offline wallet, founder of the cryptocurrency exchange, is dead.

Following the sudden death of Gerry Cotten,


251
It's 2019, and just opening an innocent looking office document file on your system can still allow hackers to compromise your computer.

No, I'm not talking about yet another vulnerability in Microsoft Office, but in two other most popular alternatives—LibreOffice and Apache OpenOffice—free, open source office software used by millions of Windows, MacOS and Linux users.

Security researcher


250
Smart devices definitely make our lives easier, faster, and more efficient, but unfortunately, an insecure smart device can also ruin your day, or sometime could even turn into the worst nightmare of your life.

If you are an electric scooter rider, you should be concerned about yourself.

In a report shared with The Hacker News in advance, researchers from mobile security firm Zimperium said


250
A hacker who was selling details of nearly 620 million online accounts stolen from 16 popular websites has now put up a second batch of 127 million records originating from 8 other sites for sale on the dark web.

Last week, The Hacker News received an email from a Pakistani hacker who claims to have hacked dozens of popular websites (listed below) and selling their stolen databases online.
<!
250
What could be more frightening than a service informing you that all your data is gone—every file and every backup servers are entirely wiped out?

The worst nightmare of its kind. Right?

But that's precisely what just happened this week with VFEmail.net, a US-based secure email provider that lost all data and backup files for its users after unknown hackers destroyed its entire U.S.
250
Mac users need to beware of a newly discovered piece of malware that steals their web browser cookies and credentials in an attempt to withdraw funds from their cryptocurrency exchange accounts.

Dubbed CookieMiner due to its capability of stealing cookies-related to cryptocurrency exchanges, the malware has specifically been designed to target Mac users and is believed to be based on


250
A malicious Windows EXE file can even infect your Mac computer as well.

Yes, you heard me right — a .exe malware on macOS.

Security researchers at antivirus firm Trend Micro have discovered a novel way hackers are using in the wild to bypass Apple's macOS security protection and infect Mac computers by deploying malicious EXE files that normally run only on Windows computers.

Researchers


200

Australian Parliament computer network compromised, new phishing attack using Google Translate, and Apple patches FaceTime bug as well as two zero-days Google says were exploited in the wild on episode 216 of our daily cybersecurity podcast.



Latest Hacking News Podcast #216 on Latest Hacking News.

200

Interview with Karl Sigler, Security Research Manager for Trustwave SpiderLabs, on the recently disclosed vulnerability impacting Lifesize video products. Today’s



Latest Hacking News Podcast #217: Karl Sigler of Trustwave on Lifesize Vulnerability on Latest Hacking News.

200
CorrectHorseBatteryStaple once again more secure and memorable than ff3sd21n

HashCat, an open source password recovery tool, can now crack an eight-character Windows NTLM password hash in less time than it will take to watch Avengers: Endgame.…

200
We're not convinced 'people who want to harm kids will follow the kid, not the watch' is a great comeback

Kids' smartwatch-pusher Enox, whose Safe-KID-One watch was pulled by the European Commission, has hit back against the bad PR – with some rather unusual arguments.…

199

Two separate vulnerabilities ran the risk of compromising the security of devices developed by Cujo AI. The smart hardware, Cujo Firewall,



CUJO Firewall Vulnerabilities Exposed on Latest Hacking News.

Welcome, DisDroidians

Plikli is an open source content management system that lets you easily create your own user-powered website.

Latest Comments
Statistics