The Hacker News
Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals.
- Severe Bugs Reported in EtherNet/IP Stack for Industrial Systems by firstname.lastname@example.org (Ravie Lakshmanan) on April 16, 2021 at 9:06 am
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an advisory warning of multiple vulnerabilities in the OpENer EtherNet/IP stack that could expose industrial systems to denial-of-service (DoS) attacks, data leaks, and remote code execution. All OpENer commits and versions prior to February 10, 2021, are affected, although there are no known public exploits that
- US Sanctions Russia and Expels 10 Diplomats Over SolarWinds Cyberattack by email@example.com (Ravie Lakshmanan) on April 16, 2021 at 6:47 am
The U.S. and U.K. on Thursday formally attributed the supply chain attack of IT infrastructure management company SolarWinds with “high confidence” to government operatives working for Russia’s Foreign Intelligence Service (SVR). “Russia’s pattern of malign behaviour around the world – whether in cyberspace, in election interference or in the aggressive operations of their intelligence services
- 1-Click Hack Found in Popular Desktop Apps — Check If You’re Using Them by firstname.lastname@example.org (Ravie Lakshmanan) on April 15, 2021 at 3:42 pm
Multiple one-click vulnerabilities have been discovered across a variety of popular software applications, allowing an attacker to potentially execute arbitrary code on target systems. The issues were discovered by Positive Security researchers Fabian Bräunlein and Lukas Euler and affect apps like Telegram, Nextcloud, VLC, LibreOffice, OpenOffice, Bitcoin/Dogecoin Wallets, Wireshark, and Mumble.
- Malware Variants: More Sophisticated, Prevalent and Evolving in 2021 by email@example.com (The Hacker News) on April 15, 2021 at 10:27 am
A malicious program intended to cause havoc with IT systems—malware—is becoming more and more sophisticated every year. The year 2021 is no exception, as recent trends indicate that several new variants of malware are making their way into the world of cybersecurity. While smarter security solutions are popping up, modern malware still eludes and challenges cybersecurity experts. The evolution
- YIKES! Hackers flood the web with 100,000 pages offering malicious PDFs by firstname.lastname@example.org (Ravie Lakshmanan) on April 15, 2021 at 9:38 am
Cybercriminals are resorting to search engine poisoning techniques to lure business professionals into seemingly legitimate Google sites that install a Remote Access Trojan (RAT) capable of carrying out a wide range of attacks. The attack works by leveraging searches for business forms such as invoices, templates, questionnaires, and receipts as a stepping stone toward infiltrating the systems.
Security magazine provides security industry news and trends on video surveillance, cyber security, physical security, security guards, access management and more for security executives and the security industry.
- Royal Caribbean uses wearables for contact tracing; sees facial recognition as best long-term solution on April 16, 2021 at 2:21 pm
Wearables provide public health and security teams onboard Royal Caribbean with a solid means of contact tracing, but the future may be in facial recognition.
- Geraldine Hart named Hofstra University’s Director of Public Safety on April 16, 2021 at 1:55 pm
Geraldine Hart, currently the Suffolk County Police commissioner, will become Hofstra University’s next Director of Public Safety in June.
- President Biden issues sanctions against Russia for cyberattacks, election interference on April 16, 2021 at 4:00 am
U.S. President Biden has signed a new executive order imposing new sanctions on Russia for actions by “its government and intelligence services against the U.S. sovereignty and interests.” The administration formally named Russian Foreign Intelligence Service (SVR), also known as APT 29, Cozy Bear, and The Dukes, as the perpetrator of the broad-scope cyber espionage campaign that exploited the SolarWinds Orion platform and other information technology infrastructures.
- How do you define the value of security? on April 16, 2021 at 4:00 am
Benchmarking your security program against others in your sector can prove extremely valuable for your organization and key stakeholders.
- Russian foreign intelligence service exploiting five publicly known vulnerabilities to compromise U.S. and allied networks on April 16, 2021 at 4:00 am
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) jointly released a Cybersecurity Advisory, “Russian SVR Targets U.S. and Allied Networks,” to expose ongoing Russian Foreign Intelligence Service (SVR) exploitation of five publicly known vulnerabilities. This advisory is being released alongside the U.S. government’s formal attribution of the SolarWinds supply chain compromise and related cyber espionage campaign. We are publishing this product to highlight additional tactics, techniques, and procedures being used by SVR so that network defenders can take action to mitigate against them.
The first stop for security news.
- Mandiant Front Lines: How to Tackle Exchange Exploits by Matt Bromiley on April 16, 2021 at 2:02 pm
Matt Bromiley, senior principal consultant with Mandiant, offers checklists for how small- and medium-sized businesses (SMBs) can identify and clear ProxyLogon Microsoft Exchange infections.
- Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period by Elizabeth Montalbano on April 16, 2021 at 12:57 pm
The zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release and adoption of fixes.
- Biden Races to Shore Up Power Grid Against Hacks by Becky Bracken on April 15, 2021 at 8:09 pm
A 100-day race to boost cybersecurity will rely on incentives rather than regulation, the White House said.
- Gafgyt Botnet Lifts DDoS Tricks from Mirai by Tara Seals on April 15, 2021 at 4:35 pm
The IoT-targeted malware has also added new exploits for initial compromise, for Huawei, Realtek and Dasan GPON devices.
- Attackers Target ProxyLogon Exploit to Install Cryptojacker by Elizabeth Montalbano on April 15, 2021 at 12:19 pm
Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered.
Connecting the Security Industry with the Security Community
- Using the ATT&CK Matrix in real-time to understand threats and attacks by Adrian Sanabria on March 16, 2021 at 5:38 pm
The MITRE ATT&CK Framework is widely recognized as instrumental in providing a common language and framework for describing attack techniques and effectively sharing information across organizations. However, we’re just starting to see the potential benefits this matrix can provide when integrated directly into security tools. Uptycs recently announced a major release of its product that
- How to Defend Linux from Attacks by Matt Alderman on February 25, 2021 at 7:37 pm
Although Linux is still a fraction of the market share of Microsoft Windows and Mac OS X, its growth continues to accelerate. Linux will continue to grow at a compounded annual growth rate (CAGR) of 19.2% through 2027. Some of the primary factors for this growth include: Cloud computing infrastructure, Containerization of applications, and Microsoft’s support
- Reading the Application Security Tea Leaves – How to Interpret the Analyst Reports by Matt Alderman on February 16, 2021 at 4:52 pm
There are a number of industry analyst reports on application security. Each analyst firm and report takes its own slice of the market to analyze and report on vendors within that market. For example, the Forrester Wave focuses on Static Application Security Testing, the Gartner Magic Quadrant focuses on Application Security Testing as a whole,
- How Behavioral Detections Actually Discovered the SolarWinds Orion SUNBURST Attack by Matt Alderman on February 8, 2021 at 9:31 pm
The SolarWinds Orion SUNBURST attack has been in the news for weeks. We’re starting to get great details into the actual attack, especially after FireEye released the initial set of indicators of compromise. But the question I want answered is why didn’t anyone discover this attack before the breach? What defenses are we missing to
- Selecting the Right Brain for Your Sensors by Matt Alderman on January 12, 2021 at 2:32 pm
Last fall we discussed what security data do I really need to collect and analyze. We know we don’t need it all, but this was only the sensor part of the discussion. Now that we have that data identified and those sensors in place, what brain do I need to collect and analyze it? There