Hacking Virtual Reality – Researchers demonstrate how hackers could have remotely exploited popular Bigscreen VR app to spy on your virtual world meetings and even compromise your computers completely.

[Exclusive Technical Details] https://thehackernews.com/2019/02/bigscreen-vr-hacking.html

Drupal releases software updates to patch a new CRITICAL remote code execution flaw (CVE-2019-6340) that could allow hackers to hijack websites — UPDATE your site ASAP!

https://thehackernews.com/2019/02/hacking-drupal-vulnerability.html

WARNING — Critical Code Execution Flaw in WinRAR Affects All Versions of Popular File Compression Software Released in Last 19 Years, Leaving 500 Million Users Worldwide at Risk

https://thehackernews.com/2019/02/winrar-malware-exploit.html

Update Your WinRAR to version 5.70 beta 1 Immediately.

Wohooo! Kali Linux 2019.1 Released — Latest Version of Operating System for Hackers and #Cybersecurity Professionals.

https://thehackernews.com/2019/02/kali-linux-hackers-os.html

The First 2019 version of Kali includes kernel up to version 4.19.13, various patches, and software updates like #Metasploit 5.0.

You should immediately turn this *new* setting OFF on your Facebook app for Android to prevent it from collecting your real-time location history in the background when you're not using the app.

If you haven't already, check this out → https://thehackernews.com/2019/02/facebook-location-tracking.html

New attacks against 4G, 5G LTE networks re-enable IMSI Catchers like StingRay, allowing attackers to verify targeted mobile's location, launch prior attacks like call/SMS interception

Learn about ToRPEDO, Piercer and IMSI-Cracking attacks https://thehackernews.com/2019/02/location-tracking-imsi-catchers.html

Great News ⭐ Android Gets FIDO2 Certification

https://thehackernews.com/2019/02/android-fido2-password-security.html

Billions of devices running Android version 7.0 and above are now FIDO2 Certified, allowing users to leverage quick and secure password-less authentication protocol to log into their web accounts and apps

Watch out! Hackers have started exploiting latest Drupal RCE flaw disclosed last week

https://thehackernews.com/2019/02/drupal-hacking-exploit.html

NOTE—If you haven't updated your Drupal site yet, your site may have already been compromised and merely installing latest Drupal version would not remove malware code

Researchers discover a new spam campaign in the wild that exploits latest WinRAR vulnerability to infect Windows computers with malware

https://thehackernews.com/2019/02/winrar-hacking-exploit.html

Google's Project Zero researcher publicly disclosed details and PoC for a new "high-severity" vulnerability in macOS after Apple failed to patch it within 90 days of being notified

https://thehackernews.com/2019/03/cybersecurity-macos-hacking.html

Researchers finally with high-confidence attribute "Operation Sharpshooter" global cyber-espionage campaign (still ongoing) to North Korean Lazarus #hacking group

https://thehackernews.com/2019/03/north-korea-hacking.html

...thanks to the new evidence they collected from a seized command-and-control server.

Google's cybersecurity startup Chronicle launches "Backstory" — A new threat analytics platform that allows businesses to privately store and analyse petabytes of "telemetry data," helping them quickly investigate incidents and hunt for potential threats

https://thehackernews.com/2019/03/backstory-cybersecurity-software.html

NSA Releases GHIDRA 9.0 — A Free and Powerful Reverse Engineering Tool

https://thehackernews.com/2019/03/ghidra-reverse-engineering-tool.html

"GHIDRA helps analyze malicious code and can give cybersecurity professionals a better understanding of potential vulnerabilities in their networks and systems."

⚠️ Important — Update your Google Chrome immediately to patch a new high-severity 0-day RCE vulnerability (CVE-2019-5786) that hackers are actively exploiting in the wild

https://thehackernews.com/2019/03/update-google-chrome-hack.html

Patched Chrome version 72.0.3626.121 has been released for Windows, macOS, Linux

Citrix Suffers Massive Data Breach – Iranian-backed IRIDIUM Hacker Group Allegedly Stole 6TB of Sensitive Data

https://thehackernews.com/2019/03/citrix-data-breach.html

BEWARE – New 'Creative' Phishing Attack You Really Should Pay Attention To

https://thehackernews.com/2019/03/ios-mobile-phishing-attack.html

This new attack mimics iOS / Android native animation, browser feel and design in a very realistic manner to trick even vigilant mobile users into giving away their credentials

F5 Networks Acquires NGINX For $670 Million to Bridge NetOps and DevOps

https://thehackernews.com/2019/03/f5-networks-acquires-nginx.html

NGINX web servers power over half of the Internet and F5 helps businesses secure and manage their software and web applications... so, acquisition definitely makes sense.

Adobe Releases Security Updates to Patch Two Critical Vulnerabilities in Photoshop CC and Digital Editions

https://thehackernews.com/2019/03/adobe-software-updates.html

Exploitation of both flaws could allow an attacker to achieve arbitrary code execution on a targeted computer and take control of it.

New WordPress Vulnerability Lets Unauthenticated Remote Attackers Hack Sites

https://thehackernews.com/2019/03/hack-wordpress-websites.html

If for some reason your WordPress sites have not yet been automatically updated to the latest version 5.1.1 released yesterday, it's highly recommended to upgrade immediately.

Multiple critical 0-day RCE flaws discovered in Counter-Strike 1.6 Game client

https://thehackernews.com/2019/03/counter-strike-game-servers.html

Almost 39% of all CounterStrike gaming servers available online were found exploiting these unpatched flaws to remotely hack gamers’ computers and install botnet Trojan.