The Hacker News
Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.

🌐 Website: https://thehackernews.com
7 New #Meltdown and #Spectre-type Transient Execution Attacks Discovered Affecting Intel, AMD, ARM Processors



Read More → https://thehackernews.com/2018/11/meltdown-spectre-vulnerabilities.html
Latest iPhone X, Samsung Galaxy S9, Xiaomi Mi6—all GET HACKED at Pwn2Own 2018 mobile hacking competition

https://thehackernews.com/2018/11/mobile-hacking-exploits.html

White-hat hackers earned a total of $325,000 in bounties for finding 18 zero-day vulnerabilities
Critical flaw found in one of the popular Google #AMP (Accelerated Mobile Pages) plugins for #WordPress, installed on 100,000+ websites.

https://thehackernews.com/2018/11/amp-plugin-for-WordPress.html

"AMP for WP" patched version 0.9.97.20 has been released – UPDATE NOW
The real identity of notorious hacker, "Tessa88," who sold LinkedIn, Dropbox, Facebook, Twitter, VKontakte (and more high-profile) databases on Dark Web forums revealed as → Maksim Vladimirovich Donakov (Максим Владимирович Донаков) from Russia.

https://thehackernews.com/2018/11/tessa88-russian-hacker.html
🎉 Great news for white-hat hackers... now get paid up to $40,000 for finding and reporting ways to hack Facebook, Instagram, WhatsApp, or Oculus accounts.

https://thehackernews.com/2018/11/cybersecurity-bug-bounty.html
How just opening a webpage in Safari could have HACKED your macOS system

Details & PoC → https://thehackernews.com/2018/11/apple-macos-zeroday.html

Syndis team (with Dropbox) reported 3 flaws in Apple #macOS, which, if chained together, could have allowed sites to execute malicious code on visitors' computers
A security flaw in US Postal Service 📫 exposed 60 million users' personal data, including emails, account numbers, addresses & phone numbers

https://thehackernews.com/2018/11/usps-data-breach.html

🤦🏻‍ Even after receiving responsible disclosure from a researcher, USPS left the flaw unpatched for over a year
Rogue open-source developer infected the widely used NodeJS module "Event-Stream" with malicious code to steal bitcoin from wallets

https://thehackernews.com/2018/11/nodejs-event-stream-module.html

With 2,000,000 weekly downloads, Event-Stream is one of the most popular NPM packages being used by millions of web apps
FBI shuts down a massive multimillion-dollar online #Adfraud operation – dubbed "3ve" – and arrests 8 cyber criminals!

https://thehackernews.com/2018/11/3ve-ad-fraud-google.html

Hackers infected over 1.7 million computers and made millions of dollars from ads that were never actually viewed by real humans.
U.S. today announced charges against 2 Iranian hackers for creating & using SamSam #ransomware that extorted over $6 million from victims

https://thehackernews.com/2018/11/samsam-ransomware-iranian-hackers.html

Since both operate from Iran, they haven't yet been arrested. The FBI has added them to their list of WANTED HACKERS
Dell Resets All Customers' Passwords After Potential Security Breach

https://thehackernews.com/2018/11/dell-data-breach-hacking.html

Hackers Infiltrated #Dell's Network and Attempted to Steal Users’ Account Information, Including Passwords.
A die-hard fan of the most-followed YouTuber #PewDiePie hijacked 150,000 printers worldwide to print out flyers asking everyone to subscribe to PewDiePie's channel and unsubscribe from T-Series, the 2nd most-followed channel



https://thehackernews.com/2018/11/pewdiepie-printer-hack.html



The T-Series vs PewDiePie war is getting ugly!
A new ransomware is spreading rapidly across China and has already infected over 100,000 computers in the last 4 days

https://thehackernews.com/2018/12/china-ransomware-wechat.html
Quora Gets Hacked – 100 Million Users' Data Stolen, Including Email Addresses and Hashed Passwords.

https://thehackernews.com/2018/12/quora-hack.html

Change Your Password Now.
Microsoft is reportedly building a new Chromium-based web browser, dubbed "Project Anaheim," to replace Windows 10's built-in #Edge browser.

https://thehackernews.com/2018/12/edge-browser-anaheim-chromium.html
*Here We Go:*

SNDBOX — Researchers Release a New Artificial Intelligence-Powered Online Automated #Malware Analysis Platform ...and It's Free!

SNDBOX offers Static, Dynamic (behavioral) and Network analysis for submitted executables in an easy-to-understand format.

It uses Machine Learning algorithms to automatically develop deeper knowledge and understanding of several aspects, behavioral patterns, vectors, attributes, classification, and signatures over time.

SNDBOX is not just capable of detecting malware by monitoring its behavior, but it also converts dynamic behavioral inputs into searchable vectors, allowing users to search its vast online malware analysis database with excellent visibility.

Watch Demo Video, Sample Reports at The Hacker News
https://thehackernews.com/2018/12/sndbox-malware-analysis-tool.html
New Adobe Flash zero-day exploit discovered hidden inside Microsoft Office docs, which are being used in a targeted campaign against Russian State Healthcare Institution

https://thehackernews.com/2018/12/flash-player-vulnerability.html

Tracked as CVE-2018-15982, the Flash Player vulnerability allows attackers to execute arbitrary code on a targeted system. Adobe has released a patch update to fix it.
WARNING — On most Linux distributions, unprivileged users with UIDs greater than the INT_MAX value can execute any systemctl command, thanks to a new flaw (CVE-2018-19788) found in PolicyKit, a toolkit responsible for handling authentication & permissions

https://thehackernews.com/2018/12/linux-user-privilege-policykit.html
Australia Passes New Anti-Encryption Bill 2018—Here's Everything You Need To Know

https://thehackernews.com/2018/12/australia-anti-encryption-bill.html

Worth noting → It doesn't allow the Government to force tech companies to weaken/crack/backdoor their encrypted services. Instead, Australia wants them to provide an alternative way to let the Government sneak into your devices, whenever required.
Google announces it will shut down #Google+ 4 months earlier than originally scheduled after the company discovered a new API flaw that exposed the personal information of 52.5 million users

https://thehackernews.com/2018/12/google-plus-hacking.html

Google+ will now die in April 2019 instead of August 2019.
phpMyAdmin Releases Critical Software Update to Address Several Security Vulnerabilities — Patch Your Websites Now!

https://thehackernews.com/2018/12/phpmyadmin-security-update.html

—Local file inclusion (CVE-2018-19968)
—Cross-Site Request Forgery/XSRF (CVE-2018-19969)
—Cross-site scripting (CVE-2018-19970)