🏰 Project Sandcastle </>
😔 Not happy with your expensive iPhone?
😃 Don't worry, you can now run Android on an iPhone.
A new hack gives users freedom to run a different operating system on the iPhone hardware.
Details here ➤ https://thehackernews.com/2020/03/install-android-on-iphone.html
😔 Not happy with your expensive iPhone?
😃 Don't worry, you can now run Android on an iPhone.
A new hack gives users freedom to run a different operating system on the iPhone hardware.
Details here ➤ https://thehackernews.com/2020/03/install-android-on-iphone.html
A massive unprotected, sensitive & real-time U.S. property and demographic database exposes over 200 million records to the Internet.
Read more: https://thehackernews.com/2020/03/us-property-records-database.html
At this moment, it's not known who, or which service, owns this database hosted on the Google Cloud server.
Read more: https://thehackernews.com/2020/03/us-property-records-database.html
At this moment, it's not known who, or which service, owns this database hosted on the Google Cloud server.
Telecom giant T-Mobile recently suffered yet another data breach.
Hackers compromise some of its employees' email accounts and unauthorizedly access information contained in their inboxes, including details of customers and other employees.
https://thehackernews.com/2020/03/hackers-compromise-t-mobile-employees.html
Hackers compromise some of its employees' email accounts and unauthorizedly access information contained in their inboxes, including details of customers and other employees.
https://thehackernews.com/2020/03/hackers-compromise-t-mobile-employees.html
Telecom provider Virgin Media recently suffered a data leak incident exposing personal details of roughly 900,000 customers.
Details — https://thehackernews.com/2020/03/virgin-media-data-breach.html
Details — https://thehackernews.com/2020/03/virgin-media-data-breach.html
A critical unpatchable "Root of Trust'" CSME flaw (CVE-2019-0090) affects all Intel CPUs released in the last 5 years.
https://thehackernews.com/2020/03/intel-csme-vulnerability.html
It could let hackers compromise cryptographic operations for hardware-enabled security technologies, including DRM, fTPM, and IPT.
https://thehackernews.com/2020/03/intel-csme-vulnerability.html
It could let hackers compromise cryptographic operations for hardware-enabled security technologies, including DRM, fTPM, and IPT.
💻 AMD processors manufactured between 2011 and 2019 have been found vulnerable to 2 new side-channel attacks that could let attackers exploit cache-related feature to steal sensitive data.
➡️ Collide+Probe
➡️ Load+Reload
Details here:
https://thehackernews.com/2020/03/amd-processors-vulnerability.html
➡️ Collide+Probe
➡️ Load+Reload
Details here:
https://thehackernews.com/2020/03/amd-processors-vulnerability.html
A judge on Monday declared a mistrial in the case against an ex-CIA employee (Joshua Schulte) who was charged for stealing classified hacking tools (‘Vault 7’) from the agency and leaking it to WikiLeaks.
Read: https://thehackernews.com/2020/03/cia-joshua-schulte-hacking.html
Read: https://thehackernews.com/2020/03/cia-joshua-schulte-hacking.html
LVI Attacks 🔥 CVE-2020-0551
A new hardware vulnerability affecting modern Intel CPUs puts virtual workloads and data centers at risk of hacking.
Read details: https://thehackernews.com/2020/03/intel-load-value-injection.html
It involves reversely exploiting Meltdown and MDS-type flaws to bypass existing defenses.
A new hardware vulnerability affecting modern Intel CPUs puts virtual workloads and data centers at risk of hacking.
Read details: https://thehackernews.com/2020/03/intel-load-value-injection.html
It involves reversely exploiting Meltdown and MDS-type flaws to bypass existing defenses.
In a large-scale coordinated operation, Microsoft successfully disrupted Necurs, one of the largest email-spam botnet malware networks that infected over 9 million computers worldwide.
https://thehackernews.com/2020/03/necurs-botnet-takedown.html
After cracking Necurs’s domain generation algorithm, researchers predicted over 6 million web domains that the malware was supposed to use in the next 25 months; but Microsoft and related authorities hijacked them in advance to seize the malware operation.
https://thehackernews.com/2020/03/necurs-botnet-takedown.html
After cracking Necurs’s domain generation algorithm, researchers predicted over 6 million web domains that the malware was supposed to use in the next 25 months; but Microsoft and related authorities hijacked them in advance to seize the malware operation.
Turns out mitigation against RowHammer attacks added to the latest DDR4 and LPDDR4 DRAM chips are still insufficient, allowing attackers to re-enable the critical bit-flipping vulnerability.
https://thehackernews.com/2020/03/rowhammer-vulnerability-ddr4-dram.html
Bonus: Researchers have also released 'TRRespass,' an open source RowHammer fuzzing tool that can identify sophisticated hammering patterns to mount real-world attacks.
https://thehackernews.com/2020/03/rowhammer-vulnerability-ddr4-dram.html
Bonus: Researchers have also released 'TRRespass,' an open source RowHammer fuzzing tool that can identify sophisticated hammering patterns to mount real-world attacks.
Beware of 'Coronavirus Maps' !!!
Are you tracking the outbreak or leading hackers directly into your computers?
Cybercriminals exploiting users' increased interest in learning about coronavirus to spread password-stealing malware to millions.
https://thehackernews.com/2020/03/coronavirus-maps-covid-19.html
Are you tracking the outbreak or leading hackers directly into your computers?
Cybercriminals exploiting users' increased interest in learning about coronavirus to spread password-stealing malware to millions.
https://thehackernews.com/2020/03/coronavirus-maps-covid-19.html
CVE-2020-0796
Microsoft warning billions of users of a new UNPATCHED "wormable" RCE flaw in SMBv3 protocol—after its existence accidentally got leaked.
Read: https://thehackernews.com/2020/03/smbv3-wormable-vulnerability.html
Disable SMB compression & block SMB (port 137, 139, 445) inbound/outbound to avoid attacks.
Microsoft warning billions of users of a new UNPATCHED "wormable" RCE flaw in SMBv3 protocol—after its existence accidentally got leaked.
Read: https://thehackernews.com/2020/03/smbv3-wormable-vulnerability.html
Disable SMB compression & block SMB (port 137, 139, 445) inbound/outbound to avoid attacks.
⚡ March 2020 Patch Tuesday Edition:
Microsoft releases latest security updates for various versions of Windows OS & related software to patch a total of 115 new vulnerabilities.
—26 Critical
—88 Important
—1 Moderate
Read: https://thehackernews.com/2020/03/microsoft-patch-tuesday-march-2020.html
Microsoft releases latest security updates for various versions of Windows OS & related software to patch a total of 115 new vulnerabilities.
—26 Critical
—88 Important
—1 Moderate
Read: https://thehackernews.com/2020/03/microsoft-patch-tuesday-march-2020.html
⚡ URGENT
Just-In: Microsoft has finally released an update to fix a recently disclosed dangerous wormable RCE vulnerability in SMBv3 protocol — PATCH it ASAP!
https://thehackernews.com/2020/03/patch-wormable-smb-vulnerability.html
This flaw could let hackers launch self-propagating malware attacks.
Just-In: Microsoft has finally released an update to fix a recently disclosed dangerous wormable RCE vulnerability in SMBv3 protocol — PATCH it ASAP!
https://thehackernews.com/2020/03/patch-wormable-smb-vulnerability.html
This flaw could let hackers launch self-propagating malware attacks.
A new Android malware has been found in the wild, stealing authentication cookies 🍪 stored in the browser and other apps—including Chrome & Facebook—on targeted devices to hijack user accounts without requiring their actual login passwords.
https://thehackernews.com/2020/03/android-cookies-malware-hacking.html
https://thehackernews.com/2020/03/android-cookies-malware-hacking.html
26 Cybercriminals BUSTED!
Europol issues warning over the rise in "SIM Swapping" attacks after arresting suspected members of 2 related gangs of fraudsters who stole over $3.5 million in a series of attacks.
Read ➤ https://thehackernews.com/2020/03/sim-swapping-fraud-hacking.html
Europol issues warning over the rise in "SIM Swapping" attacks after arresting suspected members of 2 related gangs of fraudsters who stole over $3.5 million in a series of attacks.
Read ➤ https://thehackernews.com/2020/03/sim-swapping-fraud-hacking.html
Here's a very interesting tale...
Researchers uncover how a Nigerian cybercriminal is pursuing his million-dollar dream.
https://thehackernews.com/2020/03/nigerian-hacker-million-dollars.html
Oh, btw, when he gets angry with his allies from the dark world of hackers, he resolves disputes by reporting them to the Interpol.
Researchers uncover how a Nigerian cybercriminal is pursuing his million-dollar dream.
https://thehackernews.com/2020/03/nigerian-hacker-million-dollars.html
Oh, btw, when he gets angry with his allies from the dark world of hackers, he resolves disputes by reporting them to the Interpol.
Popular guitar tutoring site 'TrueFire' suffered a 'Magecart' style data breach that potentially exposed payment card details—name, address, card number, expiration date, CVV—of its customers to the hackers.
Read details ➤ https://thehackernews.com/2020/03/truefire-guitar-tutoring-data-breach.html
Read details ➤ https://thehackernews.com/2020/03/truefire-guitar-tutoring-data-breach.html
TrickBot authors added a new RDP brute-force module to the banking Trojan that's now leveraging infected computers to target thousands of enterprise systems in telecom & financial sectors of the U.S. & Hong Kong.
Read details ➤ https://thehackernews.com/2020/03/trickbot-malware-rdp-bruteforce.html
Read details ➤ https://thehackernews.com/2020/03/trickbot-malware-rdp-bruteforce.html
Adobe today released CRITICAL patches to fix a total of 41 new vulnerabilities affecting 6 of its software.
—Acrobat and Reader
—Photoshop
—ColdFusion
—Adobe Bridge
—Experience Manager
—Genuine Integrity Service
Read more: https://thehackernews.com/2020/03/adobe-software-update.html
—Acrobat and Reader
—Photoshop
—ColdFusion
—Adobe Bridge
—Experience Manager
—Genuine Integrity Service
Read more: https://thehackernews.com/2020/03/adobe-software-update.html