New Android Flaw Affecting Over 1 Billion Phones Let Attackers Hijack Apps - Remember Strandhogg?

A security vulnerability affecting Android that malicious apps can exploit to masquerade as any other app installed on a targeted device to display fake interfaces to the users, tricking them into giving away sensitive information.

Late last year, at the time of its public dis feedproxy.google.com/~r/TheHac

New ComRAT Malware Uses Gmail to Receive Commands and Exfiltrate Data - Cybersecurity researchers today uncovered a new advanced version of ComRAT backdoor, one of the earliest known backdoors used by the Turla APT group, that leverages Gmail's web interface to covertly receive commands and exfiltrate sensitive data.

"ComRAT v4 was first seen in 2017 and known still to feedproxy.google.com/~r/TheHac

New Tool Can Jailbreak Any iPhone and iPad Using An Unpatched 0-Day Bug - The hacking team behind the "unc0ver" jailbreaking tool has released a new version of the software that can unlock every single iPhone, including those running the latest iOS 13.5 version.

Calling it the first zero-day jailbreak to be released since iOS 8, unc0ver's lead developer Pwn20wnd said "ev feedproxy.google.com/~r/TheHac

How Cybersecurity Enables Government, Health, EduTech Cope With COVID-19 - The advent of the Covid-19 pandemic and the impact on our society has resulted in many dramatic changes to how people are traveling, interacting with each other, and collaborating at work.

There are several trends taking place as a consequence of the outbreak, which has only continued to heighten t feedproxy.google.com/~r/TheHac

Iranian APT Group Targets Governments in Kuwait and Saudi Arabia - Today, cybersecurity researchers shed light on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia.

Bitdefender said the intelligence-gathering operations were conducted by Chafer APT (also known as APT39 or Remix Kitten), a threat actor known fo feedproxy.google.com/~r/TheHac

[Guide] Finding Best Security Outsourcing Alternative for Your Organization - As cyberattacks continue to proliferate in volume and increase in sophistication, many organizations acknowledge that some part of their breach protection must be outsourced, introducing a million-dollar question of what type of service to choose form.

Today, Cynet releases the Security Outsourcing feedproxy.google.com/~r/TheHac

New DNS Vulnerability Lets Attackers Launch Large-Scale DDoS Attacks - Israeli cybersecurity researchers have disclosed details about a new flaw impacting DNS protocol that can be exploited to launch amplified, large-scale distributed denial-of-service (DDoS) attacks to takedown targeted websites.

Called NXNSAttack, the flaw hinges on the DNS delegation mechanism to f feedproxy.google.com/~r/TheHac

Ukrainian Police Arrest Hacker Who Tried Selling Billions of Stolen Records - The Ukrainian police have arrested a hacker who made headlines in January last year by posting a massive database containing some 773 million stolen email addresses and 21 million unique plaintext passwords for sale on various underground hacking forums.

In an official statement released on Tuesday feedproxy.google.com/~r/TheHac

Brazil's Biggest Cosmetic Brand Natura Exposes Personal Details of Its Users - Brazil's biggest cosmetics company Natura accidentally left hundreds of gigabytes of its customers' personal and payment-related information publicly accessible online to anyone without authentication.

SafetyDetective researcher Anurag Sen last month discovered two unprotected Amazon-hosted servers feedproxy.google.com/~r/TheHac

British Airline EasyJet Suffers Data Breach Exposing 9 Million Customers' Data - British low-cost airline EasyJet today admitted that the company has fallen victim to a cyber-attack, which it labeled "highly sophisticated," exposing email addresses and travel details of around 9 million of its customers.

In an official statement released today, EasyJet confirmed that of the 9 m feedproxy.google.com/~r/TheHac

New Bluetooth Vulnerability Exposes Billions of Devices to Hackers - Academics from École Polytechnique Fédérale de Lausanne (EPFL) disclosed a security vulnerability in Bluetooth that could potentially allow an attacker to spoof a remotely paired device, exposing over a billion of modern devices to hackers.

The attacks, dubbed Bluetooth Impersonation AttackS or BIA feedproxy.google.com/~r/TheHac

HTTP Status Codes Command This Malware How to Control Hacked Systems - A new version of COMpfun remote access trojan (RAT) has been discovered in the wild that uses HTTP status codes to control compromised systems targeted in a recent campaign against diplomatic entities in Europe.

The cyberespionage malware—traced to Turla APT with "medium-to-low level of confidence" feedproxy.google.com/~r/TheHac

Effective Business Continuity Plans Require CISOs to Rethink WAN Connectivity - As more businesses leverage remote, mobile, and temporary workforces, the elements of business continuity planning are evolving and requiring that IT professionals look deep into the nuts and bolts of connectivity.

CISOs and their team members are facing new challenges each and every day, many of w feedproxy.google.com/~r/TheHac

Improper Microsoft Patch for Reverse RDP Attacks Leaves 3rd-Party RDP Clients Vulnerable - Remember the Reverse RDP Attack—wherein a client system vulnerable to a path traversal vulnerability could get compromised when remotely accessing a server over Microsoft's Remote Desktop Protocol?

Though Microsoft had patched the vulnerability (CVE-2019-0887) as part of its July 2019 Patch Tuesday feedproxy.google.com/~r/TheHac

Researcher Spots New Malware Claimed to be 'Tailored for Air‑Gapped Networks' - A cybersecurity researcher at ESET today published an analysis of a new piece of malware, a sample of which they spotted on the Virustotal malware scanning engine and believe the hacker behind it is likely interested in some high-value computers protected behind air‑gapped networks.

Dubbed 'Ramsay, feedproxy.google.com/~r/TheHac

U.S Defence Warns of 3 New Malware Used by North Korean Hackers - Yesterday, on the 3rd anniversary of the infamous global WannaCry ransomware outbreak for which North Korea was blamed, the U.S. government released information about three new malware strains used by state-sponsored North Korean hackers.

Called COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH, the malwa feedproxy.google.com/~r/TheHac

Over 4000 Android Apps Expose Users' Data via Misconfigured Firebase Databases - More than 4,000 Android apps that use Google's cloud-hosted Firebase databases are 'unknowingly' leaking sensitive information on their users, including their email addresses, usernames, passwords, phone numbers, full names, chat messages and location data.

The investigation, led by Bob Diachenko f feedproxy.google.com/~r/TheHac

Cynet Offers IR Specialists Grants up to $1500 for each IR Engagement - In the past, the autonomous breach protection company Cynet announced that it is making Cynet 360 threat detection and response platform available at no charge for IR (incident response) service providers and consultants.

Today Cynet takes another step and announces a $500 grant for Incident Respon feedproxy.google.com/~r/TheHac

An Undisclosed Critical Vulnerability Affect vBulletin Forums — Patch Now - If you are running an online discussion forum based on vBulletin software, make sure it has been updated to install a newly issued security patch that fixes a critical vulnerability.

Maintainers of the vBulletin project recently announced an important patch update but didn't reveal any information feedproxy.google.com/~r/TheHac

7 New Flaws Affect All Thunderbolt-equipped Computers Sold in the Last 9 Years - A cybersecurity researcher today uncovers a set of 7 new unpatchable hardware vulnerabilities that affect all desktops and laptops sold in the past 9 years with Thunderbolt, or Thunderbolt-compatible USB-C ports.

Collectively dubbed 'ThunderSpy,' the vulnerabilities can be exploited in 9 realistic feedproxy.google.com/~r/TheHac

Show more
mhc.social

Lokale Instanz der MHC SoftWare GmbH