Follow The Hacker News, filter it, and define how you want to receive the news (via Email, RSS, Telegram, WhatsApp etc.) https://follow.it/thehackernews Sun, 19 Sep 2021 22:04:15 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lherI-oe22oJzvw A number of malicious samples have been created for the Windows Subsystem for Linux (WSL) with the goal of compromising Windows machines, highlighting a sneaky method that allows the operators to stay under the radar and thwart detection by popular anti-malware engines. The "distinct tradecraft" marks the first instance where a threat actor has been found abusing WSL to install subsequent]]> Fri, 17 Sep 2021 13:03:29 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lherI-oe22oJzvw https://api.follow.it/track-rss-story-click/v3/Yn58gL1lhepW4A2GWb02ZA A targeted phishing campaign aimed at the aviation industry for two years may be spearheaded by a threat actor operating out of Nigeria, highlighting how attackers can carry out small-scale cyber offensives for extended periods of time while staying under the radar. Cisco Talos dubbed the malware attacks "Operation Layover," building on previous research from the Microsoft Security Intelligence]]> Fri, 17 Sep 2021 10:00:30 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lhepW4A2GWb02ZA https://api.follow.it/track-rss-story-click/v3/Yn58gL1lheqLrwr_KiDfCQ Continuous integration vendor Travis CI has patched a serious security flaw that exposed API keys, access tokens, and credentials, potentially putting organizations that use public source code repositories at risk of further attacks. The issue — tracked as CVE-2021-41077 — concerns unauthorized access and plunder of secret environment data associated with a public open-source project during the]]> Thu, 16 Sep 2021 15:38:16 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lheqLrwr_KiDfCQ https://api.follow.it/track-rss-story-click/v3/Yn58gL1lherKdspMEw9WWw New details have been revealed about a recently remediated critical vulnerability in Netgear smart switches that could be leveraged by an attacker to potentially execute malicious code and take control of vulnerable devices. The flaw — dubbed "Seventh Inferno" (CVSS score: 9.8) — is part of a trio of security weaknesses, called Demon's Cries (CVSS score: 9.8) and Draconian Fear (CVSS score: 7.8)]]> Thu, 16 Sep 2021 15:21:13 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lherKdspMEw9WWw https://api.follow.it/track-rss-story-click/v3/Yn58gL1lherbYlwjIioVtQ Microsoft on Wednesday disclosed details of a targeted phishing campaign that leveraged a now-patched zero-day flaw in its MSHTML platform using specially-crafted Office documents to deploy Cobalt Strike Beacon on compromised Windows systems. "These attacks used the vulnerability, tracked as CVE-2021-40444, as part of an initial access campaign that distributed custom Cobalt Strike Beacon]]> Thu, 16 Sep 2021 15:20:25 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lherbYlwjIioVtQ https://api.follow.it/track-rss-story-click/v3/Yn58gL1lhepXVzqp94CUzg Microsoft on Wednesday announced a new passwordless mechanism that allows users to access their accounts without a password by using Microsoft Authenticator, Windows Hello, a security key, or a verification code sent via SMS or email. The change is expected to be rolled out in the coming weeks. "Except for auto-generated passwords that are nearly impossible to remember, we largely create our own]]> Thu, 16 Sep 2021 09:03:09 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lhepXVzqp94CUzg https://api.follow.it/track-rss-story-click/v3/Yn58gL1lhermpuDkjUZBQw Microsoft on Tuesday addressed a quartet of security flaws as part of its Patch Tuesday updates that could be abused by adversaries to target Azure cloud customers and elevate privileges as well as allow for remote takeover of vulnerable systems. The list of flaws, collectively called OMIGOD by researchers from Wiz, affect a little-known software agent called Open Management Infrastructure]]> Wed, 15 Sep 2021 20:36:41 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lhermpuDkjUZBQw https://api.follow.it/track-rss-story-click/v3/Yn58gL1lherl407c0KFZkg In the classic children's movie 'The Princess Bride,' one of the characters utters the phrase, "You keep using that word. I do not think it means what you think it means." It's freely used as a response to someone's misuse or misunderstanding of a word or phrase. "Response Automation" is another one of those phrases that have different meanings to different people. It's bantered around by the]]> Wed, 15 Sep 2021 13:16:20 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lherl407c0KFZkg https://api.follow.it/track-rss-story-click/v3/Yn58gL1lheqRWTg00tyoVw The U.S. Department of Justice (DoJ) on Tuesday disclosed it fined three intelligence community and military personnel $1.68 million in penalties for their role as cyber-mercenaries working on behalf of a U.A.E.-based cybersecurity company. The trio in question — Marc Baier, 49, Ryan Adams, 34, and Daniel Gericke, 40 — are accused of "knowingly and willfully combine, conspire, confederate, and]]> Wed, 15 Sep 2021 13:03:55 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lheqRWTg00tyoVw https://api.follow.it/track-rss-story-click/v3/Yn58gL1lheplKdELtLlIbw A day after Apple and Google rolled out urgent security updates, Microsoft has pushed software fixes as part of its monthly Patch Tuesday release cycle to plug 66 security holes affecting Windows and other components such as Azure, Office, BitLocker, and Visual Studio, including an actively exploited zero-day in its MSHTML Platform that came to light last week.  Of the 66 flaws, three are rated]]> Wed, 15 Sep 2021 07:00:22 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lheplKdELtLlIbw https://api.follow.it/track-rss-story-click/v3/Yn58gL1lhepCSRcBMWX7zw Users searching for TeamViewer remote desktop software on search engines like Google are being redirected to malicious links that drop ZLoader malware onto their systems while simultaneously embracing a stealthier infection chain that allows it to linger on infected devices and evade detection by security solutions. "The malware is downloaded from a Google advertisement published through Google]]> Tue, 14 Sep 2021 15:43:34 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lhepCSRcBMWX7zw https://api.follow.it/track-rss-story-click/v3/Yn58gL1lheoIRNfA30WXCQ Cybersecurity researchers on Tuesday disclosed details about a high-severity flaw in the HP OMEN driver software that impacts millions of gaming computers worldwide, leaving them open to an array of attacks. Tracked as CVE-2021-3437 (CVSS score: 7.8), the vulnerabilities could allow threat actors to escalate privileges to kernel mode without requiring administrator permissions, allowing them to]]> Tue, 14 Sep 2021 13:13:23 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lheoIRNfA30WXCQ https://api.follow.it/track-rss-story-click/v3/Yn58gL1lherh-nsBy8vHrA Every once in a while, an industry term will get overused by marketing to the point of becoming a cliche. "Zero Trust" may have reached this threshold. In some ways, we understand why this is happening. Security perimeters have become obsolete as people use mobile devices and cloud applications to work from anywhere. Zero Trust deployment — moving all your apps and data to the cloud and assuming]]> Tue, 14 Sep 2021 12:26:36 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lherh-nsBy8vHrA https://api.follow.it/track-rss-story-click/v3/Yn58gL1lherWcfbVlEaiKw Apple has released iOS 14.8, iPadOS 14.8, watchOS 7.6.2, macOS Big Sur 11.6, and Safari 14.1.2 to fix two actively exploited vulnerabilities, one of which defeated extra security protections built into the operating system. The list of two flaws is as follows - CVE-2021-30858 (WebKit) - A use after free issue that could result in arbitrary code execution when processing maliciously crafted web]]> Tue, 14 Sep 2021 07:26:33 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lherWcfbVlEaiKw https://api.follow.it/track-rss-story-click/v3/Yn58gL1lhertWHYLUUzRmw Google on Monday released security updates for Chrome web browser to address a total of 11 security issues, two of which it says are actively exploited zero-days in the wild. Tracked as CVE-2021-30632 and CVE-2021-30633, the vulnerabilities concern an out of bounds write in V8 JavaScript engine and a use after free flaw in Indexed DB API respectively, with the internet giant credited anonymous]]> Tue, 14 Sep 2021 06:08:50 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lhertWHYLUUzRmw https://api.follow.it/track-rss-story-click/v3/Yn58gL1lhepiqLLj4FC8BQ Researchers on Monday took the wraps off a newly discovered Linux and Windows re-implementation of Cobalt Strike Beacon that's actively set its sights on government, telecommunications, information technology, and financial institutions in the wild. The as-yet undetected version of the penetration testing tool — codenamed "Vermilion Strike" — marks one of the rare Linux ports, which has been]]> Mon, 13 Sep 2021 16:19:22 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lhepiqLLj4FC8BQ https://api.follow.it/track-rss-story-click/v3/Yn58gL1lheqNMYPF1tS7aw A widely used NPM package called 'Pac-Resolver' for the JavaScript programming language has been remediated with a fix for a high-severity remote code execution vulnerability that could be abused to run malicious code inside Node.js applications whenever HTTP requests are sent.  The flaw, tracked as CVE-2021-23406, has a severity rating of 8.1 on the CVSS vulnerability scoring system and affects]]> Mon, 13 Sep 2021 15:48:50 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lheqNMYPF1tS7aw https://api.follow.it/track-rss-story-click/v3/Yn58gL1lher11g3r2dK4ng A newly discovered side-channel attack demonstrated on modern processors can be weaponized to successfully overcome Site Isolation protections weaved into Google Chrome and Chromium browsers and leak sensitive data in a Spectre-style speculative execution attack. Dubbed "Spook.js" by academics from the University of Michigan, University of Adelaide, Georgia Institute of Technology, and Tel Aviv]]> Mon, 13 Sep 2021 11:25:17 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lher11g3r2dK4ng https://api.follow.it/track-rss-story-click/v3/Yn58gL1lheob9BXMEPv_jw Russian internet giant Yandex has been the target of a record-breaking distributed denial-of-service (DDoS) attack by a new botnet called Mēris. The botnet is believed to have pummeled the company's web infrastructure with millions of HTTP requests, before hitting a peak of 21.8 million requests per second (RPS), dwarfing a recent botnet-powered attack that came to light last month, bombarding ]]> Sat, 11 Sep 2021 13:18:02 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lheob9BXMEPv_jw https://api.follow.it/track-rss-story-click/v3/Yn58gL1lheqim_J3oGdDpQ WhatsApp on Friday announced it will roll out support for end-to-end encrypted chat backups on the cloud for Android and iOS users, paving the way for storing information such as chat messages and photos in Apple iCloud or Google Drive in a cryptographically secure manner. The feature, which will go live to all of its two billion users in the coming weeks, is expected to only work on the primary]]> Sat, 11 Sep 2021 10:22:21 +0200 https://api.follow.it/track-rss-story-click/v3/Yn58gL1lheqim_J3oGdDpQ