Tuesday, September 25, 2018
The Hacker News

Operator of VirusTotal Like Malware-Scanning Service Jailed for 14 Years

A Latvian hacker behind the development and operation of counter antivirus service "Scan4You" has finally been sentenced to 14 years in prison. 37-year-old Ruslans Bondars, described as a Latvian "non-citizen" or "citizen of the former USSR who had been residing...
The Hacker News

Twitter API Flaw Exposed Users Messages to Wrong Developers For Over a Year

The security and privacy issues with APIs and third-party app developers are something that's not just Facebook is dealing with. A bug in Twitter's API inadvertently exposed some users' direct messages (DMs) and protected tweets to unauthorized third-party app developers...
The Hacker News

Researcher Discloses New Zero-Day Affecting All Versions of Windows

A security researcher has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows operating system (including server editions) after the company failed to patch a responsibly disclosed bug within the 120-days deadline. Discovered by Lucas Leong...
The Hacker News

Flaw in 4GEE WiFi Modem Could Leave Your Computer Vulnerable

A high-severity vulnerability has been discovered in 4G-based wireless 4GEE Mini modem sold by mobile operator EE that could allow an attacker to run a malicious program on a targeted computer with the highest level of privileges in the...
The Hacker News

UK Regulator Fines Equifax £500,000 Over 2017 Data Breach

Atlanta-based consumer credit reporting agency Equifax has been issued a £500,000 fine by the UK's privacy watchdog for its last year's massive data breach that exposed personal and financial data of hundreds of millions of its customers. Yes, £500,000—that's the...
The Hacker News

Hackers Steal Customers’ Credit Cards From Newegg Electronics Retailer

The notorious hacking group behind the Ticketmaster and British Airways data breaches has now victimized popular computer hardware and consumer electronics retailer Newegg. Magecart hacking group managed to infiltrate the Newegg website and steal the credit card details of all...
The Hacker News

New Malware Combines Ransomware, Coin Mining and Botnet Features in One

Windows and Linux users need to beware, as an all-in-one, destructive malware strain has been discovered in the wild that features multiple malware capabilities including ransomware, cryptocurrency miner, botnet, and self-propagating worm targeting Linux and Windows systems. Dubbed XBash, the...
The Hacker News

Mirai Botnet Creators Helping FBI Fight Cybercrime to Stay Out of Jail

Three young hackers who were sentenced late last year for creating and spreading the notorious Mirai botnet are now helping the FBI to investigate other "complex" cybercrime cases in return to avoid their lengthy prison terms. Paras Jha, 21 from...
The Hacker News

Western Digital’s My Cloud NAS Devices Turn Out to Be Easily Hacked

Security researchers have discovered an authentication bypass vulnerability in Western Digital's My Cloud NAS devices that potentially allows an unauthenticated attacker to gain admin-level control to the affected devices. Western Digital's My Cloud (WD My Cloud) is one of the...
The Hacker News

Powerful Android and iOS Spyware Found Deployed in 45 Countries

One of the world's most dangerous Android and iPhone spyware program has been found deployed against targets across 45 countries around the world over the last two years, a new report from Citizen Lab revealed. The infamous spyware, dubbed Pegasus,...
The Hacker News

Linus Torvalds Apologizes For His Rude Behavior—Takes Time Off

What just happened would definitely gonna surprise you. Linus Torvalds—father of the Linux open-source operating system—finally admitted his behavior towards other developers in the Linux community was hurting people and Linux. In a surprising move this weekend, Torvalds apologized for insulting...
The Hacker News

Ransomware Attack Takes Down Bristol Airport’s Flight Display Screens

Bristol Airport has blamed a ransomware attack for causing a blackout of flight information screens for two days over the weekend. The airport said that the attack started Friday morning, taking out several computers over the airport network, including its...
The Hacker News

Greece U-Turns — Now Approves Mr. Bitcoin’s Extradition To Russia

Greece just took another U-turn. Mr. Bitcoin a.k.a. Alexander Vinnik is not going to France nor to the United States; instead, he is now possibly going to his homeland Russia. The Supreme Civil and Criminal Court of Greece on Friday has...
The Hacker News

Watch Out! This New Web Exploit Can Crash and Restart Your iPhone

It's 2018, and just a few lines of code can crash and restart any iPhone or iPad and can cause a Mac computer to freeze. Sabri Haddouche, a security researcher at encrypted instant messaging app Wire, revealed a proof-of-concept (PoC)...
The Hacker News

Russian Hacker Pleads Guilty to Operating Kelihos Botnet

The Russian man who was accused of operating the infamous Kelihos botnet has finally pleaded guilty in a U.S. federal court. Peter Yuryevich Levashov, 38, of St. Petersburg, Russia, pleaded guilty on Wednesday in U.S. federal court in Connecticut to...
The Hacker News

How To Check If Your Twitter Account Has Been Hacked

Did you ever wonder if your Twitter account has been hacked and who had managed to gain access and when it happened? Twitter now lets you know this. After Google and Facebook, Twitter now lets you see all the devices—laptop, phone,...
The Hacker News

New Cold Boot Attack Unlocks Disk Encryption On Nearly All Modern PCs

Security researchers have revealed a new attack to steal passwords, encryption keys and other sensitive information stored on most modern computers, even those with full disk encryption. The attack is a new variation of a traditional Cold Boot Attack, which...
The Hacker News

Tesla Model S Hack Could Let Thieves Clone Key Fobs to Steal Cars

Despite having proper security measures in place to protect the driving systems of its cars against cyber attacks, a team of security researchers discovered a way to remotely hack a Tesla Model S luxury sedans in less than two...
The Hacker News

Beware! Unpatched Safari Browser Hack Lets Attackers Spoof URLs

A security researcher has discovered a serious vulnerability that could allow attackers to spoof website addresses in the Microsoft Edge web browser for Windows and Apple Safari for iOS. While Microsoft fixed the address bar URL spoofing vulnerability last month...
The Hacker News

Microsoft Issues Software Updates for 17 Critical Vulnerabilities

Times to gear up your systems and software. Just a few minutes ago Microsoft released its latest monthly Patch Tuesday update for September 2018, patching a total of 61 security vulnerabilities, 17 of which are rated as critical, 43 are...

Breach at US Retailer SHEIN Hits Over Six Million Users

Breach at US Retailer SHEIN Hits Over Six Million UsersUS fashion retailer SHEIN has admitted suffering a major breach affecting the personal information of over six million customers. The women’s clothing company revealed at the end of last week that...
The Register

Bug? Feature? Power users baffled as BitLocker update switch-off continues

Microsoft claims issue confined to older kit Three months on, users continue to report that Microsoft's BitLocker disk encryption technology turns itself off during security updates.…
ZDNet

UK issues first-ever GDPR notice in connection to Facebook data scandal

Canadian firm AggregateIQ, linked to the Facebook & Cambridge Analytica data scandal, is the first to be put on notice.
SecurityWeek

Symantec Completes Internal Accounting Investigation

Symantec announced on Monday that it has completed its internal accounting audit, and while some issues have been uncovered, only one customer transaction has an impact on financial statements. read more

Are Colleges Teaching Real-World Cyber Security Skills?

The cybersecurity skill shortage is a well-recognized industry challenge, but the problem isn’t that there are too few people rather that many of them lack suitable skills and experience. Cybersecurity is a fast-growing profession, and talented graduates are in...