Tuesday, May 21, 2019
The Hacker News

US Tech Giants Google, Intel, Qualcomm, Broadcom Break Up With Huawei

Google has reportedly suspended all businesses with the world's second-biggest smartphone maker, Huawei, and revoked its Android license effective immediately—a move that will have a drastic impact on Huawei devices across the globe. Revoking Android license means Huawei future smartphones...
The Hacker News

Report Reveals TeamViewer Was Breached By Chinese Hackers In 2016

The German software company behind TeamViewer, one of the most popular software in the world that allows users to access and share their desktops remotely, was reportedly compromised in 2016, the German newspaper Der Spiegel revealed today. TeamViewer is popular...
The Hacker News

Hacker Breaks Into Stack Overflow Q&A Site, No Evidence of Data Breach

Stack Overflow, one of the largest question and answer site for programmers, revealed today that an unknown hacker(s) managed to gain unauthorized access to its production systems on May 11, 2019. Founded by Jeff Atwood and Joel Spolsky in 2008,...
The Hacker News

‘GozNym’ Banking Malware Gang Dismantled by International Law Enforcement

In a joint effort by several law enforcement agencies from 6 different countries, officials have dismantled a major cybercrime network behind GozNym banking malware that is responsible for stealing nearly $100 million from over 41,000 victims across the...
The Hacker News

Bluetooth Flaw Found in Google Titan Security Keys; Get Free Replacement

A team of security researchers at Microsoft discovered a potentially serious vulnerability in the Bluetooth-supported version of Google's Titan Security Keys that could not be patched with a software update. However, users do not need to worry as Google has...
The Hacker News

New Class of CPU Flaws Affect Almost Every Intel Processor Since 2011

Academic researchers today disclosed details of the newest class of speculative execution side-channel vulnerabilities in Intel processors that impacts all modern chips, including the chips used in Apple devices. After the discovery of Spectre and Meltdown processor vulnerabilities earlier last...
The Hacker News

Microsoft Releases Patches For A Critical ‘Wormable Flaw’ and 78 Other Issues

It's Patch Tuesday—the day when Microsoft releases monthly security updates for its software. Microsoft has software updates to address a total of 79 CVE-listed vulnerabilities in its Windows operating systems and other products, including a critical wormable flaw that can...
The Hacker News

Adobe Releases Critical Patches for Flash, Acrobat Reader, and Media Encoder

Adobe today released its monthly software updates to patch a total of 87 security vulnerabilities in its Adobe Acrobat and Reader, Flash Player and Media Encoder, most of which could lead to arbitrary code execution attacks or worse. None of...
The Hacker News

Flaw Affecting Millions of Cisco Devices Let Attackers Implant Persistent Backdoor

Researchers have discovered a severe vulnerability in Cisco products that could allow attackers to implant persistent backdoor on wide range devices used in enterprises and government networks, including routers, switches, and firewalls. Dubbed Thrangrycat or 😾😾😾, the vulnerability, discovered by...
The Hacker News

Cryptocurrency Hacks Still Growing — What Does That Mean for the Industry?

Though once synonymous with underground networks and black hat hackers, bitcoin and other cryptocurrencies have gone mainstream over the past two years. In 2017, we saw the skyrocket of bitcoin to an all-time high of close to $20,000 followed by...
The Hacker News

Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones

Whatsapp has recently patched a severe vulnerability that was being exploited by attackers to remotely install surveillance malware on a few "selected" smartphones by simply calling the targeted phone numbers over Whatsapp audio call. Discovered, weaponized and then sold by...
The Hacker News

U.S. Charges 9 ‘SIM Swapping’ Attackers For Stealing $2.5 Million

The U.S. Department of Justice today announced charges against nine individuals, 6 of which are members of a hacking group called "The Community" and other 3 are former employees of mobile phone providers who allegedly helped them steal roughly...
The Hacker News

North Korean Hackers Using ELECTRICFISH Tunnels to Exfiltrate Data

The U.S. Department of Homeland Security (DHS) and the FBI have issued another joint alert about a new piece of malware that the prolific North Korean APT hacking group Hidden Cobra has actively been using in the wild. Hidden Cobra,...
The Hacker News

U.S. Charges Chinese Hacker For 2015 Anthem Data Breach

The United States Justice Department today announced charges against a Chinese hacker and his hacking team member for their alleged role in the 2015 massive data breach at health insurance giant Anthem and three other unnamed American companies. Fujie Wang...
The Hacker News

Ongoing Attack Stealing Credit Cards From Over A Hundred Shopping Sites

Researchers from Chinese cybersecurity firm Qihoo 360's NetLab have revealed details of an ongoing credit card hacking campaign that is currently stealing payment card information of customers visiting more than 105 e-commerce websites. While monitoring a malicious domain, www.magento-analyticscom, for...
The Hacker News

Unpatched Flaw in UC Browser Apps Could Let Hackers Launch Phishing Attacks

A bug bounty hunter has discovered and publicly disclosed details of an unpatched browser address bar spoofing vulnerability that affects popular Chinese UC Browser and UC Browser Mini apps for Android. Developed by Alibaba-owned UCWeb, UC Browser is one of...
The Hacker News

Google Chrome to Introduce Improved Cookie Controls Against Online Tracking

At the company's I/O 2019 developer conference, Google has announced its plan to introduce two new privacy and security-oriented features in the upcoming versions of its Chrome web browser. In an attempt to allow users to block online tracking, Google...
The Hacker News

Baltimore City Shuts Down Most of Its Servers After Ransomware Attack

For the second time in just over a year, the city of Baltimore has been hit by a ransomware attack, affecting its computer network and forcing officials to shut down a majority of its computer servers as a precaution. Ransomware...
The Hacker News

Binance Hacked — Hackers Stole Over $40 Million Worth Of Bitcoin

Binance, one of the largest cryptocurrency exchanges in the world, confirmed today that the company lost nearly $41 million in Bitcoin in what appears to be its largest hack to date. In a statement, Binance's CEO Changpeng Zhao said the...
The Hacker News

Cynet’s Free Incident Response Tool — Stop Active Attacks With Greater Visibility

The saying that there are two types of organizations, those that have gotten breached and those who have but just don't know it yet, has never been more relevant, making the sound incident response a required capability in any...

Rats leave the sinking ship as hackers’ forum gets hacked

The OGUsers forum, which trades in hijacked social accounts, has been hacked, its hard drives wiped, and its user database published online.
The Register

iPhone gyroscopes, of all things, can uniquely ID handsets on anything earlier than iOS 12.2

Cheapskate fandroids get a pass on this one, though Your iPhone can be uniquely fingerprinted by apps and websites in a way that you can never clear. Not by deleting cookies, not by clearing your cache, not even by...
Bruce Schneier

How Technology and Politics Are Changing Spycraft

Interesting article about how traditional nation-based spycraft is changing. Basically, the Internet makes it increasingly possible to generate a good cover story; cell phone and other electronic surveillance techniques make tracking people easier; and machine learning will make all...

DDoS Attacks on the Rise After Long Period of Decline

DDoS Attacks on the Rise After Long Period of DeclineThe number of DDoS attacks increased by 84% in the first quarter of 2019 compared to Q4 2018, according to new research from Kaspersky Lab. The global cybersecurity company’s findings, detailed...
SecurityWeek

Awareness Training Firm KnowBe4 Acquires Awareness Measurement Firm CLTRe

Tampa Bay, FL-based security awareness and simulated phishing firm KnowBe4 has acquired Oslo, Norway-based security culture measurement company CLTRe for an undisclosed sum. read more