Cyber Security News

The purpose of application security is simple – making apps secure to use. Different applications are created for various purposes 4 Tips to Improve Your Application Security on Latest Hacking News . from Latest Hacking News https://ift.tt/37kkzQz

Insider threats, considered too rare to be a real threat, have been steadily on the rise for a few years How To Deal With Insider Threat In The Age Of Covid-19? on Latest Hacking News . from Latest Hacking News https://ift.tt/33t62Rn

  For the third time, the Belgian research team's experts demonstrated by hacking Tesla's key fob, how anyone could easily access the car and steal it in no time. The new demonstration attack on Tesla reveals the existing vulnerabilities that Tesla still faces. It also shows security vulnerabilities in Tesla's "Keyless Entry System," one of the industry's most expensive electric vehicles. Experts at COIC (Computer Security and Industrial Cryptography) found significant security vulnerabilities in Tesla X's key fob technology. It is a small tech that allows a person to unlock a car automatically by pressing a button or just passing by.  Ph.D. student Lennert Wouters, a member of the research team, previously demonstrated two hacks on the Tesla Model S, which also had keyless technology. The attack allowed Lennert to unlock the car and start it. Tesla is famous for selling the best 'state-of-the-art' electronic vehicles available in the market. Th...

Computer-aided dispatch systems (CAD) are most commonly used in law enforcement, emergency medical services, as well as for other public How to Protect Your Dispatch Software From Online Threats on Latest Hacking News . from Latest Hacking News https://ift.tt/3mwX5Oc

The days of CDs and tapes are long gone. We live in an age where one can find everything that How to Download High Quality Music to Your PC on Latest Hacking News . from Latest Hacking News https://ift.tt/3o4Ke6s

Having the right gaming equipment can help to transform your gaming experience and allow you to achieve the best results. Gaming Tech 101: What Every Beginner Gamer Needs on Latest Hacking News . from Latest Hacking News https://ift.tt/3lnAi6a

The IoT giant Advantech has become the latest victim of a severe cyber attack. Reportedly, Advantech has fallen prey to Advantech Suffered Conti Ransomware Attack – Hackers Demand 750 BTC Ransom on Latest Hacking News . from Latest Hacking News https://ift.tt/2JbdpWR

Another day, another ransomware attack has surfaced online. This time, it’s the French corporate giant Endemol Shine Group. Reportedly, the DoppelPaymer Ransomware Hits Masterchef, Big Brother Producer on Latest Hacking News . from Latest Hacking News https://ift.tt/37mZhS8

Basecamp has recently disclosed a critical vulnerability that could allow remote code execution attacks. Fortunately, Basecamp has already deployed a Critical Vulnerability In Basecamp Could Allow Remote Code Execution Attacks on Latest Hacking News . from Latest Hacking News https://ift.tt/2JkRqMG

There is an imposter among us, quite literally - the popular gaming app has attracted many flukes and malware carrying apps made to look like the legit gaming application or mod. These malicious apps can range from harmlessly annoying to quite dangerous. Players looking for Among Us should be cautious as to use only trustworthy sources to install the app from and look into mods and their legitimacy before using them. These "fake" apps range from mock among us intending to swindle off from the game's success to mods, which attracts young players in the lure of hacks but actually drops malware in the system or steal data from the device. A report from TechRadar says that currently there are 60 fake imposter apps of Among Us including apps that can i) install adware or bloatware or ii) apps that deploy malware and iii) steal financial data.  Why Among Us?  Among Us, a multiplayer PC and mobile game suddenly became popular in 2020. Though it was released in 2018, did ...

The company Group-IB, which specializes in the disclosure of IT crimes, listed the countries from which cyber attacks are most often committed. This list includes China, Iran, North Korea, and Russia Hacker attacks are most often carried out from China, Iran, North Korea and Russia, according to the report Hi Tech Crime Trends 2020 of the company Group-IB. The Asia-Pacific region was the most attacked in the second half of 2019 and the first half of 2020. Groups of hackers associated with the security services are mainly concentrated in China, where they counted 23, in Iran — 8 groups, in North Korea and Russia — 4 groups, in India-3 groups, in Pakistan and the Gaza Strip-2 groups. Another one is in Vietnam, Turkey and South Korea. At the same time, their main area of interest is the Asia - Pacific region, as well as Europe. According to a report, Russia and the United States were less likely to be attacked. So, 15 campaigns were conducted in the United States and 9 in Russia. They...

Drupal, the fourth popular most popular CMS behind the websites today, has released emergency fixes for some critical flaws. Exploiting Drupal Release Emergency Fixes For Critical Code Execution Flaws on Latest Hacking News . from Latest Hacking News https://ift.tt/39lcrlm

  A security researcher from Google has been banned from Call of Duty: Modern warfare for attempting to reverse engineer its networking code while studying the security to hunt memory corruption vulnerabilities.    Almost a week later, after getting his account suspended by Call of Duty's developer, Activision Blizzard, Google Project Zero's Williamson, who carried out the research in his personal capacity, published a blog post telling that the research he conducted required him to reverse engineer the networking code in COD'e executable ( For reviewing the code for memory corruption vulnerabilities). However, as the executable was heavily obfuscated, IDA failed to examine it, forcing him to as he said in the blog, "dump the unobfuscated code from the memory of a running game process."    It was at that point when the developers of the game suspected him as a cheater and consequently, his activities were flagged for being suspicious in nature. To ensure he...

South Korea fines social networking giant Facebook for 6.7 billion Won (around $6 million) for sharing user data without their consent. According to PIPC (Personal Information Protection Commission), Facebook has a total userbase of around 18 million users in South Korea. It says FB shared user data of 3.3 million users to third-party companies without user consent. The incident happened from May 2012 to June 2018. Also, PIPC says that it will charge a criminal complaint against the company for violating "personal information laws."  The shared information includes user names, academic background, work profile, relationship status, and home addresses. The users logged into other third-party apps using their FB credentials but without giving any permission to access personal information. Nonetheless, FB shared its data with the third-party apps the users were using.  The issue came to notice when a FB user shared their data with a service while logging in with the FB acco...

  There is no denying the fact that cyberattacks against health bodies, vaccine scientists and drug makers have risen to an extreme length during the Coronavirus pandemic as state-backed and criminal hacking groups scramble to acquire the most recent research conducted as well as the data about the outbreak. Yet another example has come across in the recent times, as a British drug maker company races to deploy its vaccine for the Corona virus and a couple of suspected North Korean hackers attempted to break into its systems.  According to sources, the hacking endeavored to focus on a "broad set of people" including staff working on the COVID research. The Reuters report that, by posing like recruiters on the networking site LinkedIn and WhatsApp the hackers approached the staff of AstraZeneca with fake job offers and later sent documents which appeared to be job descriptions that were bound with malevolent code intended to access a victim's computer.  The sour...

A researcher discovered a serious vulnerability in an Xbox subdomain that exposed email addresses behind Xbox accounts. It only required Xbox Subdomain Vulnerability Exposed Users’ Email Addresses on Latest Hacking News . from Latest Hacking News https://ift.tt/3lb3Wvy

Home Depot has recently agreed to a multistate settlement over a 2014 data breach. The Georgia-based firm suffered a major Home Depot 2014 Data Breach Update: $17.5 Million Multistate Settlement Reached on Latest Hacking News . from Latest Hacking News https://ift.tt/33iepz9

While the appearance of malicious apps on the Android Play Store is nothing new, seeing a dubious app from a Google Removed Two Baidu Android Apps Collecting Users’ Sensitive Data From Play Store – One Restored Recently on Latest Hacking News . from Latest Hacking News https://ift.tt/33i5T39

Every email, photo, or post you send/publish, every webpage you visit, and every link you click, leave a trail. The 5 Ways Big Companies Are Spying on You Online on Latest Hacking News . from Latest Hacking News https://ift.tt/36cBcy7

Dark Sky was one of the most popular Application Programming Interface (API) related to weather services available on the play 6 Aspects to Consider While Choosing a Substitute for Dark Sky API for Weather on Latest Hacking News . from Latest Hacking News https://ift.tt/2V98KXE

With the advancement of innovations in technology, the automotive industry has started to develop AI (Artificial intelligence) based vehicles. Have Why are self-driving cars not offered to us at level 5 by deep learning? on Latest Hacking News . from Latest Hacking News https://ift.tt/3q9guaa

A software downgrade is a process of moving from a more recent software version to an older one. Not many 5 Common Reasons Why People Downgrade Software on Latest Hacking News . from Latest Hacking News https://ift.tt/2JgzlPZ

Looking for an extra marketing strategy that will let your business reach top high positions? Then it is time for Push Notification Marketing – How to Make Your Strategy Fly? on Latest Hacking News . from Latest Hacking News https://ift.tt/39lxYdy

2020 has been an event-full year for cybersecurity, to say the least COVID-19 completely shifted the paradigm for the 184 Billion dollar industry, with ramifications felt throughout the year and possibly next year. So, what new threats can be expected in cybersecurity for the year 2021? We assessed future threats trends that you'll need to be careful of:  Social Engineering Attacks: Verizon’s Data Breach Investigations Report for 2020 says that social engineering is a top attack vector and this trend will probably continue for 2021 but in a better and sophisticated way. For example, attackers scamming people by asking their detail like email, card numbers, etc for free Covid testing kits.  Cybercriminals will be focusing on Remote Workers and Network Attacks:   Social Distancing can slow down virus but not hackers. In 2021, it's highly probable that attackers will focus on WFH (Work From Home) employees and people using minimal security defenses. Phishing, i...

Ecommerce has been on a steady growth for years now and there are currently between 12 and 24 million eCommerce 6 Security Tips for Ecommerce Websites on Latest Hacking News . from Latest Hacking News https://ift.tt/2V7UsGL

Popular web hosting control platform cPanel had a major security bug. Specifically, the vulnerability affected the cPanel two-factor authentication feature Vulnerability In cPanel Two-factor Authentication Could Allow Brute-force Attacks on Latest Hacking News . from Latest Hacking News https://ift.tt/3q4CJOL

  A data breach attack recently hit Sophos, a Uk based cybersecurity company. The company currently has notified its customers regarding the data attack via mail, which the company suffered last week. The leaked information includes user names, emails, and contact numbers. According to Sophos, only a small number of customers were affected by the data breach. The spokesperson says that a "small subset" of customers was affected; however, not providing any further details.  Earlier this week, the company was informed of an access permission problem in a tool. The tool contains customers' information who contact Sophos support. The company said this in an email sent to its customers.  The company says that it came to know about the issue through an expert and had fixed the misconfiguration as soon as it was reported. According to Sophos, customer privacy and safety is their topmost priority. It is currently contacting all impacted customers.  Besides this, the c...

  In the city of Lagos, three Nigerian nationals suspected of participation in an organized cybercrime group behind malware distribution, phishing attacks, and a massive business email compromise (BEC) ring responsible for scams globally, have been arrested under “Operation Falcon” carried out jointly by international police organization with Nigeria Police Force and Singapore-based cybersecurity firm Group-IB, according to the reports by Interpol.    In a Business Email Compromise (BEC) attack, the threat actor hacks and spoofs email to impersonate an organization’s CEO, vendors, or senior executives to trick employees and customers by gaining their trust; which later is exploited as the attackers encourage actions relating to funds transfer to criminal’s account or transferring confidential data, in some cases.    The cybercriminals behind the operations performed a number of their phishing campaigns in disguise; masked as product inquiries, Coronavirus a...

  With 400 Million monthly active users (a 30% increase from last year), Pinterest is gaining foot among millennials and Gen Z. And their secret of success is their creative interface and their constant new features that attract Gen Z to the platform for future growth, learning, and inspiration. And thus, the photo-sharing social app is aired to be testing online events where users can sign up for Zoom classes by creators.  The organization confirmed that the feature is undergoing tests with selected users but didn't comment further either on the confirmation or the launch.  The creators can organize lessons through Pinterest’s class boards, manage class materials, notes, and other resources, and connect through a group chat option. The classes would work through communities- similar to pinboards, if a user wants to join a class, they'll have to click on a sign (a book) to join and they will be mailed with the class detail and zoom link. The communities will be a spa...

  Scammers have now begun taking advantage of the Minecraft sandbox video clip game’s wild accomplishment by building Google Play applications. These applications surface to be Minecraft modpacks, but in its place supply abusive ads, as per researchers. Because Minecraft was designed in Java, it was easy for third-party developers to create compatible applications or these “modpacks” to enhance and customize the gaming experience for players.  The reason why the game is so popular is basically the fact it builds certain skills within the players which have also been touted by parents and educators as beneficial (especially for kids). Since July, Kaspersky researchers have found more than 20 of these apps and determined that they have been downloaded on more than a million Android devices.  Among those 15,000 Minecraft mods lurk at least 20 that Kaspersky researchers were able to identify as malicious. Google Play has removed all but five of the malicious titles, Ka...

A serious vulnerability existed in the Tesla Model X key fob that could allow anyone to break into the car. Researcher Hacked Tesla Model X Demonstrating Keyless Entry System Vulnerability on Latest Hacking News . from Latest Hacking News https://ift.tt/33gHYAY

Google spotted and reported a high-severity flaw affecting GitHub around three months ago. However, GitHub patched the vulnerability only recently. GitHub Patched A Vulnerability Months After Google’s Report on Latest Hacking News . from Latest Hacking News https://ift.tt/39lXFuq

Anton Kardanov, head of the information security sector at AT Consulting, warned that motion recognition systems can be used by cybercriminals to steal the personal data of users during video conferences. According to him, a special algorithm can read the movement of hands over the keyboard if they fall into the field of view of the camera, which poses risks to the user's privacy. “The Artificial intelligence (AI) algorithm with high precision can restore the typed text if the video shows the movement of the arms and shoulders," said Mr. Kardanov. It is reported that the program first removes the background and turns the image into gray tones, and then focuses on the hands — as a result, the algorithm leaves only the contours of the hands and shoulders and monitors their movements. They are used to restore the text typed on the keyboard. Thus, an attacker can recognize passwords, passport data, Bank card numbers, and other information that the user types on the keyboard du...

  Chinese state-sponsored threat actors have been observed exploiting the Zerologon vulnerability in a global campaign targeting businesses from multiple industries in Japan and 17 other regions across the world including the United States and Europe. The attacked industries include engineering, automotive, managed service providers, and pharmaceutical.  According to the information gathered by Symantec’s Broadcom division, these attacks have been attributed to the Cicada group also known as APT10, Cloud Hopper, or Stone Panda.    The attackers are known for their sophistication, in certain cases, they were recorded to have hidden their suspicious acts effectively and remained undetected while operating for around a complete year. Previously, the state-backed actors have stolen data from militaries, businesses, and intelligence, and seemingly, Japanese subsidiaries are their newly found target.    The links between the attacks and Cicada have been dr...

Twitter has recently launched the “Fleets” feature similar to WhatsApp status or Facebook stories. However, it may not work the Bug in Twitter Fleets Where Posts Remain Visible on Latest Hacking News . from Latest Hacking News https://ift.tt/2J4mFMd

TikTok has recently addressed a serious security vulnerability in its platform. Specifically, a cross site scripting flaw (XSS) affected the High-Severity XSS Flaw In TikTok Could Allow Account Takeover on Latest Hacking News . from Latest Hacking News https://ift.tt/39al0PL

On 19 November, E-Hacking News conducted an interesting interview with Sepio Systems . The company provides its customers with the highest level of visibility, policy enforcement, and Rogue Device Mitigation capabilities. The guest speaker for the interview was Mr. Bentsi Ben-Atar, CMO, and Co-Founder, Sepio Systems.  Founded in 2016 by veterans from the Israeli Intelligence Community, Sepio HAC-1 is the first platform that provides visibility, control, and mitigation to zero trusts, insider threat, BYOD, IT, OT, and IoT security programs. Sepio Systems is a strategic partner of Munich Re, the world’s largest reinsurance company, and Merlin Cyber, a leading cybersecurity federal solution provider.  1. Can you please introduce yourself to our readers?       Bentsi Ben-Atar: I am one of the co-founders of Sepio Systems, the company was founded by a group of founders that have been working together for almost 30 years now. We have a strong background in...

Another study has suggested how unsmart it would be to use smart devices without adequate cybersecurity measures. Researchers have devised LidarPhone Attack Transforms Smart Vacuum Cleaners Into Spying Tools on Latest Hacking News . from Latest Hacking News https://ift.tt/3nRknyJ

As more instant messaging apps surface online with end-to-end encryption, Google has also realized its importance. Hence, Google is planning Google To Add End-to-End Encryption To Android Messages App on Latest Hacking News . from Latest Hacking News https://ift.tt/3kYIfP8

Electronic signatures make it simpler for members of record administration, workers of human resources, and executives in a number of How to Sign a PDF Online? on Latest Hacking News . from Latest Hacking News https://ift.tt/3lY3ORj

Amidst all the businesses suffering cybersecurity incidents, a football club has now joined the trail. Reportedly, Manchester United has disclosed Football Club Manchester United Confirms Cyber Attack on Latest Hacking News . from Latest Hacking News https://ift.tt/35VAxkl

Facebook has recently fixed a serious bug in their Messenger app that could allow spying on other users. Specifically, exploiting Facebook Messenger Bug Could Allow Spying On Users Via Audio on Latest Hacking News . from Latest Hacking News https://ift.tt/3fsDBb1

By Brian Tant On October 29, 2020 a confidential source said that an RYUK attack against US-based hospitals and clinics Imminent Threat for US Hospitals and Clinics, RYUK Ransomware Alert (AA20-302A) on Latest Hacking News . from Latest Hacking News https://ift.tt/2J5pcpg

Running a company or an organization is not easy. That is why getting any tool that can ease your job A Step-by-Step Guide to Help You Manage Your Employees on Latest Hacking News . from Latest Hacking News https://ift.tt/2HwFHds

Is it really possible? Can someone hack my phone without touching it? Yes, a hacker can spy on a phone How Can Someone Can Hack Your Phone Without Touching It?   on Latest Hacking News . from Latest Hacking News https://ift.tt/2J5q0dM

The COVID19 pandemic has driven us indoors and is forcing us to stay within the confines of our homes. Hanging Make the Most of Social Gaming in This Pandemic with Trivia Board Games on Latest Hacking News . from Latest Hacking News https://ift.tt/2USdIb3

Security is one of the crucial elements of web application development. However, businesses often do not pay as much attention 7 Ways to Improve Your Web Application Security Against Cybercrime in 2020 on Latest Hacking News . from Latest Hacking News https://ift.tt/3fueeFF

Microsoft is the leading name in the PC game. When it comes to tabs and detachables, however, they don’t match Windows 10X – What Should You Know About It? on Latest Hacking News . from Latest Hacking News https://ift.tt/2ISZlBb

Data recovery has a long history with computers, ever since the invention of mechanical computers. Even though data recovery companies Why Data Recovery Services Are Still In Demand Nowadays on Latest Hacking News . from Latest Hacking News https://ift.tt/2J0JkZq

The name might be cute but don’t let it fool you. Smishing is a hacking attack that has mastered the The Link Between Text Messaging and Effective Hacking on Latest Hacking News . from Latest Hacking News https://ift.tt/339mypj

One more Android app risked the security and privacy of users. This time, it the GO SMS Pro, a messaging Android App GO SMS Pro Exposed Users’ Private Messages Publicly on Latest Hacking News . from Latest Hacking News https://ift.tt/399FQ1B

Recently, researchers presented their study about the PLATYPUS attack that could steal data from the Intel CPUs. Now, another team VoltPillager Attack Can Manipulate Intel CPUs’ Secure SGX Enclaves on Latest Hacking News . from Latest Hacking News https://ift.tt/399eclG

Cisco has recently addressed serious vulnerabilities affecting its Webex video conferencing app. Exploiting the bugs could allow unsolicited users to Cisco Webex Vulnerabilities Could Expose Meetings To Ghost Users on Latest Hacking News . from Latest Hacking News https://ift.tt/3nPrdoA

 The much popular messaging application earlier announced that they will be rolling out a new 'Disappearing Messages' feature, where sent messages disappear after seven days around this month. Now, this particular feature is available for Indian users to avail on their smartphones. The new feature is launched for Android, iPhone, KaiOS, Web, and Desktop supporting WhatsApp and made available to all 2 Billion of their users.  There are still some key points you should know about the feature. Though the feature is for both individual and group chats, only admins can turn on the disappearing feature in groups otherwise your messages won't disappear even though your feature is 'ON'. The feature needs to be switched on for individual chats and if the disappearing message is forwarded to a user with the disappearing message off, then the texts won't go from their chat after seven days. One should also be wary before turning on the disappearing message feature as...

  Manchester United affirmed the hacking on the club and revealed systems required for the match remained secure. Have been hit by a cyber-attack on their systems however state they are not “currently aware of any breach of personal data associated with our fans and customers”.  In a statement, United stated: “Manchester United can confirm that the club has experienced a cyber-attack on our systems. The club has taken swift action to contain the attack and is currently working with expert advisers to investigate the incident and minimize the ongoing it disruption. Paul Pogba 'significant for us' says Solskjær after Deschamps comments, “Although this is a sophisticated operation by organized cybercriminals, the club has extensive protocols and procedures in place for such an event and had rehearsed for this eventuality. Our cyber defenses identified the attack and shut down affected systems to contain the damage and protect data. Club media channels, including our web...

Another day, another cryptocurrency cyber-attack has surfaced online. This time, the Liquid cryptocurrency exchange has fallen prey to a security Liquid Cryptocurrency Exchange Suffered A Security Breach on Latest Hacking News . from Latest Hacking News https://ift.tt/2HlKEFI

Earlier this month, the Japanese gaming firm Capcom suffered a cybersecurity incident reports hinted towards a ransomware attack. After two Capcom Ransomware Attack Update: Vendors Confirmed Compromise Of Data on Latest Hacking News . from Latest Hacking News https://ift.tt/3315bXO

  We recently looked into ways phishing mails are evolving, attackers getting creative by the day. But a new trend has taken up the dark web, and soon phishing campaigns for ransomware and malware will be a thing of the past. With the sources equable of a small government, malware gangs have started collaborating within themselves and have come up with "initial access brokers," what these groups do is provide ransomware and other groups with already infected systems. Compromised systems through RDP endpoints, backdoored networking devices, and malware-infected computers install ransomware into the network, this makes the ransomware attacker work as swiftly as cutting into the cake.   There are currently three types of bookers that serve ransomware :  Selling compromised RDP endpoints: These bookers carry a brute remote desktop protocol (RDP) into corporate systems, sold as "RDP Shops". Ransom groups often choose systems that are integrated well within the net...

Managed hosting provider Managed.com has temporarily taken down all its servers and web hosting systems offline including clients' websites in response to a REvil ransomware attack that compromised public-facing web hosting systems.    The threat actors behind the security incident that took place on Monday, 16th November are not known yet, however, the company said that it is involved with law enforcement agencies to investigate the matter and restore the services as securely as possible. As of now, it remains unclear if the attackers have stolen any data before the encryption of devices.    Initially, the web hosting service refrained from revealing any details about the incident and posted an update claiming 'unscheduled maintenance' as the reason for the service interruption. However, later on, the company disclosed that it had encountered a ransomware attack that affected their systems and files containing critical data.    In a status update, M...

  A company whose cold-storage capacities are extremely integral to the U.S. food-supply chain and the Coronavirus vaccine distribution affirmed an operation affecting cyberattack, as per a filing with the Securities and Exchange Commission (SEC).  Americold is by far the largest cold-storage provider in the U.S. what's more, it operates 183 temperature-controlled warehouses globally, incorporating Argentina, Australia, Canada, and New Zealand; and just got hold of a similar company in Europe.  For 'an idea of scale’, it holds the agreement for linking the ConAgra food-producing giant to supermarkets and customers.  The attack appears all the earmarks of being a ransomware episode that began on Nov. 16 and even influenced the organization's phone systems, email, inventory management, and request satisfaction, as indicated by reports on Twitter.  The filing with the SEC was brief and read that: “As a precautionary measure, the company took immediate ste...