Finally, Unveiled!
Here's how xHelper — a mysterious piece of Android malware that infected over 45,000 devices — reinstalls itself even after users delete it or factory reset their infected phones.
Learn how to remove it permanently ➤ https://thehackernews.com/2020/04/how-to-remove-xhelper-malware.html
Here's how xHelper — a mysterious piece of Android malware that infected over 45,000 devices — reinstalls itself even after users delete it or factory reset their infected phones.
Learn how to remove it permanently ➤ https://thehackernews.com/2020/04/how-to-remove-xhelper-malware.html
Dark_Nexus — A new emerging IoT botnet malware spotted in the wild, designed to target 12 different CPU architectures.
Read details ➤ https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
Read details ➤ https://thehackernews.com/2020/04/darknexus-iot-ddos-botnet.html
7 ways hackers and scammers are exploiting coronavirus panic for espionage and commercial gain.
— Malicious Apps
— Email Phishing
— SMS Phishing
— Ransomware
— Vulnerable Software
— Face Mask/Hand #Sanitizer Scams
— Discount Scams
Read: https://thehackernews.com/2020/04/cronavirus-hackers.html
— Malicious Apps
— Email Phishing
— SMS Phishing
— Ransomware
— Vulnerable Software
— Face Mask/Hand #Sanitizer Scams
— Discount Scams
Read: https://thehackernews.com/2020/04/cronavirus-hackers.html
Google & Apple are releasing a COVID__19 tracking tool that turns Android / iPhone into "contact-tracking device," aiming to alert people if they have recently been in contact with someone tested positive for coronavirus.
Learn how it works ➤ https://thehackernews.com/2020/04/iphone-android-coronavirus-tracing.html
Learn how it works ➤ https://thehackernews.com/2020/04/iphone-android-coronavirus-tracing.html
With no conscience and empathy, cybercriminals are increasingly attacking critical healthcare, government and research facilities with ransomware and other malware during coronavirus pandemic.
Read details — https://thehackernews.com/2020/04/ransomware-hospitals-coronavirus.html
Read details — https://thehackernews.com/2020/04/ransomware-hospitals-coronavirus.html
Dell releases a new behavior-based threat detection utility — SafeBIOS Events & Indicators of Attack — that alerts users when the BIOS settings of their computers undergo unusual changes indicating advanced persistent threats.
Read more: https://thehackernews.com/2020/04/dell-bios-protection.html
Read more: https://thehackernews.com/2020/04/dell-bios-protection.html
It's April 2020 Patch Tuesday!
Microsoft has released the latest Windows updates to patch a total of 113 new security vulnerabilities — 2 of which were also exploited as 0-day in the wild.
(CVE-2020-1020 and CVE-2020-0938)
Read details: https://thehackernews.com/2020/04/windows-patch-update.html
Microsoft has released the latest Windows updates to patch a total of 113 new security vulnerabilities — 2 of which were also exploited as 0-day in the wild.
(CVE-2020-1020 and CVE-2020-0938)
Read details: https://thehackernews.com/2020/04/windows-patch-update.html
👍1
Watch Out!
Google has removed 49 new Chrome extensions from its official store—masqueraded as cryptocurrency 💰 wallets—after they get caught stealing secret keys 🔑 for users' wallets.
Read details: https://thehackernews.com/2020/04/chrome-cryptocurrency-extensions.html
Google has removed 49 new Chrome extensions from its official store—masqueraded as cryptocurrency 💰 wallets—after they get caught stealing secret keys 🔑 for users' wallets.
Read details: https://thehackernews.com/2020/04/chrome-cryptocurrency-extensions.html
U.S. Govt is now offering rewards of up to $5 MILLION to anyone who can share information on the past or ongoing hacking operations conducted by North Korean hackers.
The latest announcement has been issued as part of a comprehensive guide the U.S. agencies today released to help the international community, industries, and other governments defend against North Korea's illicit cyberspace activities.
the report aims to warn the world about 'significant cyber threat' posed by North Korean hackers to the global financial institutions, hacking which it generates revenue to fund weapons of mass destruction programs.
Read all details: https://thehackernews.com/2020/04/north-korea-hackers.html
The latest announcement has been issued as part of a comprehensive guide the U.S. agencies today released to help the international community, industries, and other governments defend against North Korea's illicit cyberspace activities.
the report aims to warn the world about 'significant cyber threat' posed by North Korean hackers to the global financial institutions, hacking which it generates revenue to fund weapons of mass destruction programs.
Read all details: https://thehackernews.com/2020/04/north-korea-hackers.html
👍1
Typosquatted 💎 Gems ALERT!
To target software developers, supply chain attackers distributed over 700 malicious libraries—written in Ruby #programming language—through the official RubyGems repository using typosquatting gems.
Details ➤ http://thehackernews.com/2020/04/rubygem-typosquatting-malware.html
To target software developers, supply chain attackers distributed over 700 malicious libraries—written in Ruby #programming language—through the official RubyGems repository using typosquatting gems.
Details ➤ http://thehackernews.com/2020/04/rubygem-typosquatting-malware.html
Important:
CISA warns organizations that hackers could still access—and move laterally through—their networks even after if they have patched 'Pulse Secure VPN' #vulnerability (CVE-2019-11510) but didn't change passwords.
Read Details — https://thehackernews.com/2020/04/pulse-secure-vpn-vulnerability.html
CISA warns organizations that hackers could still access—and move laterally through—their networks even after if they have patched 'Pulse Secure VPN' #vulnerability (CVE-2019-11510) but didn't change passwords.
Read Details — https://thehackernews.com/2020/04/pulse-secure-vpn-vulnerability.html
An unknown group of attackers has been found using coronavirus-themed lures to target Governments and SCADA sectors with PoetRAT malware—capable of exfiltrating sensitive documents, keystrokes, passwords, and even images from the webcam.
Read details: https://thehackernews.com/2020/04/coronavirus-scada-malware.html
Read details: https://thehackernews.com/2020/04/coronavirus-scada-malware.html
⭐ StarBleed Bug
Researchers uncover a new unpatchable hardware vulnerability in Xilinx FPGA chips that could expose critical devices—powering consumer electronics, data centers, aerospace, automotive & more—to remote hackers.
Details: https://thehackernews.com/2020/04/fpga-chip-vulnerability.html
Researchers uncover a new unpatchable hardware vulnerability in Xilinx FPGA chips that could expose critical devices—powering consumer electronics, data centers, aerospace, automotive & more—to remote hackers.
Details: https://thehackernews.com/2020/04/fpga-chip-vulnerability.html
Researcher discloses 4 unpatched 0-DAY bugs affecting IBM Data Risk Manager—enterprise security software—after company didn't accept responsible disclosure.
Details + PoC ➤ https://thehackernews.com/2020/04/ibm-data-risk-manager-vulnerabilities.html
✅Auth bypass
✅Command Exec.
✅Insecure default password
✅Any file download
Details + PoC ➤ https://thehackernews.com/2020/04/ibm-data-risk-manager-vulnerabilities.html
✅Auth bypass
✅Command Exec.
✅Insecure default password
✅Any file download
⚠️ WARNING !!!
It's possible to hack iPhones / iPads just by sending an email to targeted users.
Hackers have been exploiting critical 0-click + 0-day RCE vulnerability in the default mail app installed on millions of Apple devices.
Details — https://thehackernews.com/2020/04/zero-day-warning-its-possible-to-hack.html
It's possible to hack iPhones / iPads just by sending an email to targeted users.
Hackers have been exploiting critical 0-click + 0-day RCE vulnerability in the default mail app installed on millions of Apple devices.
Details — https://thehackernews.com/2020/04/zero-day-warning-its-possible-to-hack.html
(NEW) Chinese hackers found using a new iPhone hack to target Uyghurs Muslims with an iOS spyware program—capable of stealing contacts, location data, and plaintext messages from secure messaging and email clients, including Signal and ProtonMail.
https://thehackernews.com/2020/04/iphone-zero-day-exploit.html
https://thehackernews.com/2020/04/iphone-zero-day-exploit.html
Hackers behind a recent BEC attack tricked 3 British Private Equity firms into wire-transferring them $1.3 million — while the victimized executives thought they closed an investment deal with some startups.
Details: https://thehackernews.com/2020/04/bec-scam-wire-transfer-money.html
Details: https://thehackernews.com/2020/04/bec-scam-wire-transfer-money.html
Malicious USB Drives Infect 35,000 Computers With Crypto-Mining Botnet
Read Details — https://thehackernews.com/2020/04/usb-drive-botnet-malware.html
Read Details — https://thehackernews.com/2020/04/usb-drive-botnet-malware.html
Wormable BUG!
Just by sending an innocent-looking image, remote attackers could've taken over an organization's entire roster of 'Microsoft Teams' accounts. (Patch Released)
Read details — https://thehackernews.com/2020/04/microsoft-teams-vulnerability.html
Just by sending an innocent-looking image, remote attackers could've taken over an organization's entire roster of 'Microsoft Teams' accounts. (Patch Released)
Read details — https://thehackernews.com/2020/04/microsoft-teams-vulnerability.html
Nowhere to hide!
Researchers uncover a potential new method of profiling users in the crowd by de-anonymizing their smart device IDs (e.g., MAC addresses) to their biometrics (e.g., face, voice, gait).
Details ➤ https://thehackernews.com/2020/04/deanonymize-device-biometrics.html
Researchers uncover a potential new method of profiling users in the crowd by de-anonymizing their smart device IDs (e.g., MAC addresses) to their biometrics (e.g., face, voice, gait).
Details ➤ https://thehackernews.com/2020/04/deanonymize-device-biometrics.html
</> Patch 'em all </>
Adobe today released security patches for over a dozen newly-discovered critical vulnerabilities affecting 3 of its popular software:
✅ Magento CMS
✅ Adobe Illustrator
✅ Adobe Bridge
Read details — https://thehackernews.com/2020/04/adobe-software-updates.html
Adobe today released security patches for over a dozen newly-discovered critical vulnerabilities affecting 3 of its popular software:
✅ Magento CMS
✅ Adobe Illustrator
✅ Adobe Bridge
Read details — https://thehackernews.com/2020/04/adobe-software-updates.html