The Hacker News

The Hacker News


Most trusted, widely-read independent #cybersecurity news source for everyone; supported by hackers and IT professionals — Contact ?admin@thehackernews.com

587244 followers  •  2153 follow  •    •   https://t.co/tbidM9ew0f

Rambler, a Russian Internet company, claimed it owns the copyright of #Nginx  (—which has now been sold to F5 Networks for $670 million—) as the creator of the software started working on the project while he was working as a sysadmin for the company almost 15 years ago.

A total of 7 critical flaws #Microsoft  patched this month affect: ➡️ Hyper-V: Guest-to-Host Escape ➡️ Git for Visual Studio ➡️ Windows Font Library (Win32k Graphics) #infosec 

PlunderVolt ⚡ CVE-2019-11157 A new attack could allow hackers to compromise the integrity of #Intel  SGX tech on modern processors by tweaking the CPU voltage, resulting in retrieval sensitive data protected by hardware-isolated SGX enclaves. #infosec 

tweet picture

Zeppelin, a new #ransomware  variant of Vega family, is targeting #technology  and health companies across Europe, the US and Canada. However, it doesn't encrypt files if find itself running on systems located in Russia, Ukraine, Belorussia or Kazakhstan.

tweet picture

Here's a video researcher shared, demonstrating how to execute AirDoS attack: —Left (struggling iPhone/iPad victim 🤧) —Right (hacker with the dark terminal 👨‍💻)

👏 Patched in less than 3 hours... A new local privilege escalation vulnerability (CVE-2019-19726) discovered in #OpenBSD  6.5/6.6 that could allow local users or malicious software to gain full root privileges on targeted systems. Details and PoC:

End-to-end client-side field level #encryption  is now generally available in #MongoDB  4.2 release. What's this? >> "Capability to selectively encrypt and decrypt individual document fields in the application before data is sent to the database."

Please excuse the typo! The 1st tweet in this thread should say: Police... "detained employees, ***including*** creator of the #Nginx  and another co-founder. "

🚨 Watch Out! A new critical login bypass #vulnerability  has been discovered in 2 widely installed add-ons for Elementor and Beaver builder that attackers are actively exploiting in the wild to install secret backdoors into #WordPress  sites. #infosec 

tweet picture

Loading
Loading

🔥 CVE-2019-14287 A flaw in Sudo—that comes installed on almost every #Linux  OS—could let users run commands as "root" even when they're restricted. Details ➤ How? Just by specifying user ID "-1" or "4294967295" in the command instead of the root.

tweet picture

🎃 0-Day Alert! #Google  is warning Windows, Mac, #Linux  users to update their #Chrome  browser (to 78.0.3904.87) immediately due to a security vulnerability (CVE-2019-13720) that attackers are actively exploiting in the wild to hijack computers. #infosec 

tweet picture

This is interesting... Hackers can covertly inject inaudible commands into voice controlled devices—Google Home, Alexa, Apple Siri—by shining a laser at them from several meters away. Read ➤ ✅ OK Google, open the garage door ✅ Hey Siri, unlock my car

tweet picture

WARNING 😱 Hidden malware found in the highly popular — CamScanner#Android  app that has more than 100 million users. has removed it from i #Googles  Play Store. To be safe, users are also recommended to uninstall immediately. #CamScanner 

tweet picture

That's so much frustrating. has permanently banned all of our accounts without mentioning any reason and hold wallet funds wrongly for 180 days. Upon asking, also refused to share any details.

Loading
Loading