The Hacker News

The Hacker News


Most trusted, widely-read independent #cybersecurity news source for everyone; supported by hackers and IT professionals — Contact ?admin@thehackernews.com

586064 followers  •  2144 follow  •    •   https://t.co/tbidM9ew0f

The United States has charged and put highest-ever $5 million bounty on Russian hackers behind Dridex banking #malware . Read ➤ Using Dridex (aka Bugat or Cridex), they stole more than $100 million from victims across the globe over a period of 10 years.

tweet picture

The duo, Maksim Yakubets, the leader of 'Evil Corp' hacking group, and his co-conspirator Igor Turashev, has also been charged with conspiracy to commit bank fraud in connection with the infamous #Zeus  banking malware that stole $70 million from victims' bank accounts.

Facebook has sued a Chinese advertising company for abusing its platform to: ➡️ distribute #malware , ➡️ compromising its users, and ➡️ then using those hacked accounts to run deceptive #Facebook  ads to promote counterfeit goods and diet pills. #technews 

tweet picture

Important 👉 A new unpatched #vulnerability  (CVE-2019-14899) could let network attackers hijack encrypted VPN connections. Details: Most and Unix-like operati #Linuxg  systems are vulnerable, including , Debian, OpenBSD, , i #UbuntuS , and . #macOS  #Android 

tweet picture

Since the flaw resides in the networking stack of various operating systems, not on the VPN technology used, the attack works against widely implemented virtual private network protocols like #OpenVPN  , WireGuard, IKEv2/IPSec, and more.

Using this attack, a network adjacent attacker can: ➡️ determine virtual IP of a victim assigned by the VPN server, ➡️ determine if there is an active connection to a given site, ➡️ determine the exact seq and ack numbers, and ➡️ inject data into IPv4 and IPv6 TCP streams.

Loading
Loading

🔥 CVE-2019-14287 A flaw in Sudo—that comes installed on almost every #Linux  OS—could let users run commands as "root" even when they're restricted. Details ➤ How? Just by specifying user ID "-1" or "4294967295" in the command instead of the root.

tweet picture

🎃 0-Day Alert! #Google  is warning Windows, Mac, #Linux  users to update their #Chrome  browser (to 78.0.3904.87) immediately due to a security vulnerability (CVE-2019-13720) that attackers are actively exploiting in the wild to hijack computers. #infosec 

tweet picture

This is interesting... Hackers can covertly inject inaudible commands into voice controlled devices—Google Home, Alexa, Apple Siri—by shining a laser at them from several meters away. Read ➤ ✅ OK Google, open the garage door ✅ Hey Siri, unlock my car

tweet picture

WARNING 😱 Hidden malware found in the highly popular — CamScanner#Android  app that has more than 100 million users. has removed it from i #Googles  Play Store. To be safe, users are also recommended to uninstall immediately. #CamScanner 

tweet picture

That's so much frustrating. has permanently banned all of our accounts without mentioning any reason and hold wallet funds wrongly for 180 days. Upon asking, also refused to share any details.

Loading
Loading