5 Places Where Hackers Are Stealthily Stealing Your Data In 2019

https://thehackernews.com/2019/10/hacking-data-breach-protection.html

Leading Web Domain Name Registrars Disclose Data Breach Incidents Affecting Millions of their Customers.

1️⃣ Web[.]com
2️⃣ Network Solutions
3️⃣ Register[.]com

Details ➤ https://thehackernews.com/2019/10/domain-name-registrars-hacked.html

🔥💬👆

Chinese hackers compromise Telecom servers with a new “MessageTap” malware that spies on SMS messages sent/received by high-ranking individuals with specific phone numbers, IMSI or messages containing certain keywords.

Read details ➤ https://thehackernews.com/2019/10/sms-spying-malware.html

🔥 Watch out! It’s finally happening. Cybersecurity researchers have spotted first cyberattack that’s 'mass-exploiting' BlueKeep RDP flaw in the wild. However, fortunately, this attack isn’t wormable and typically an immature attempt, but still exploits vulnerable systems connected to the Internet to install cryptocurrency malware.

Find more details on THN ➤ https://thehackernews.com/2019/11/bluekeep-rdp-vulnerability.html

⚡ Watch Out IT Admins!

PoC exploits for two new "unpatched RCE flaws" in rConfig network configuration management tool have been disclosed publicly, allowing unauthenticated remote hackers to compromise targeted servers and subsequent network devices.

https://thehackernews.com/2019/11/rConfig-network-vulnerability.html

In case you missed them, 🙂 here are some interesting cybersecurity stories from last week.

https://www.linkedin.com/pulse/newsletter-last-weeks-top-cyber-security-stories-mohit-kumar

This is interesting...

Hackers can covertly inject inaudible commands into voice controlled devices—Google Home, Alexa, Apple Siri—by shining a laser at them from several meters away.

Read ➤ https://thehackernews.com/2019/11/hacking-voice-assistant-laser.html

✅ OK Google, open the garage door
✅ Hey Siri, unlock my car

Two former Twitter employees have been caught helping Saudi Arabia spy on dissidents and critics by selling out their personal information.

Read more: https://thehackernews.com/2019/11/twitter-spying-saudi-arabia.html

Tech giants announce support for "Delegated Credentials for TLS," a new protocol designed for security that offers websites a reliable way to deploy TLS certificates with a validity of a short period, i.e., up to 7 days.

In this article we have covered:

✅ Over of the current TLS infrastructure
✅ Why we need Delegated Credentials for TLS?
✅ What is Delegated Credentials for TLS?
✅ How does it boost TLS protocol security?

Read more: https://thehackernews.com/2019/11/delegated-credentials-for-tls.html

Facebook’s Latest Privacy Mishap:

Social media company today revealed that a bug in its system unknowingly allowed 100 app developers to ‘improperly access’ data on members in certain Facebook groups.

Read more: https://thehackernews.com/2019/11/facebook-groups-data-leak.html

A security vulnerability in Amazon's Smart Ring Video Doorbell 🔔 Pro devices could have let remote attackers steal your Wi-Fi password.

Learn how ➤ https://thehackernews.com/2019/11/ring-doorbell-wifi-password.html

Is Facebook Secretly Accessing Your iPhone's Camera?

 

Some users claimed.

 

However, it appears more like a UI bug, instead of a privacy issue.

 

Read this and watch demo ➤ https://thehackernews.com/2019/11/facebook-ios-camera.html  

💀 ZombieLoad v2: Return of the Leaking Dead.

A new variant of the data-leaking side-channel attack affects most recent Intel CPUs (including the latest Cascade Lake) that are resistant against Meltdown, Foreshadow and other MDS attacks.

Details ➤ https://thehackernews.com/2019/11/zombieload-cpu-vulnerability.html

⚠️ TPM-Fail(ed)

New potentially serious CPU vulnerabilities could allow attackers to retrieve cryptographic keys protected inside TPM chips manufactured by STMicroelectronics or firmware-based #Intel TPMs.

Read more: https://thehackernews.com/2019/11/tpm-encryption-keys-hacking.html

➡️ CVE-2019-11090
➡️ CVE-2019-16863

Utah-based technology company detected 2-year-long massive #databreach only after the hacker 'accidentally' maxed out compromised servers' file storage capacity.

Read more ➤ https://thehackernews.com/2019/11/hacking-file-storage.html

🚨 New WhatsApp RCE (CVE-2019-11931)

Facebook quietly patched another critical flaw in WhatsApp that could have allowed attackers to hack targeted devices remotely and install #spyware on them — just by sending MP4 media file.

Details: ➤ https://t.co/eiAp2b5ci2

Louisiana State Government hit by ransomware attack, forcing the authorities to take several state agency servers offline—including government websites, email systems, and other internal applications.

Read more: https://thehackernews.com/2019/11/louisiana-ransomware-attack.html

WATCH OUT!

A flaw in pre-installed Android Camera apps could let rogue apps take photos, record video, eavesdrop on conversations — without requiring permissions and even when the phone is locked, the screen is OFF, or the app is closed.

Details ➤ https://thehackernews.com/2019/11/android-camera-hacking.html

😬 Oh c'mon!

Someone hacked official site of Monero cryptocurrency project and quietly replaced legitimate Linux + Windows binaries available for download with malicious versions designed to steal funds 💰 from the users' wallets.

Read more: https://thehackernews.com/2019/11/hacking-monero-cryptocurrency.html

T-Mobile Suffers Yet Another Data Breach... This Time Affecting Its Prepaid Wireless Customers.

Details ➤ https://thehackernews.com/2019/11/t-mobile-prepaid-data-breach.html

Change Your Account PIN/Passcode Now.