Archives

The Hacker News

  • WhatsApp Delays Controversial 'Data-Sharing' Privacy Policy Update By 3 Months
    by [email protected] (Ravie Lakshmanan) on 16 Ocak 2021 at 12:38

    WhatsApp said on Friday that it wouldn't enforce its recently announced controversial data sharing policy update until May 15. Originally set to go into effect next month on February 8, the three-month delay comes following "a lot of misinformation" about a revision to its privacy policy that allows WhatsApp to share data with Facebook, sparking widespread concerns about the exact kind of […]

  • NSA Suggests Enterprises Use 'Designated' DNS-over-HTTPS' Resolvers
    by [email protected] (Ravie Lakshmanan) on 16 Ocak 2021 at 12:12

    The U.S. National Security Agency (NSA) on Friday said DNS over HTTPS (DoH) — if configured appropriately in enterprise environments — can help prevent "numerous" initial access, command-and-control, and exfiltration techniques used by threat actors. "DNS over Hypertext Transfer Protocol over Transport Layer Security (HTTPS), often referred to as DNS over HTTPS (DoH), encrypts DNS requests by […]

  • Joker's Stash, The Largest Carding Marketplace, Announces Shutdown
    by [email protected] (Ravie Lakshmanan) on 16 Ocak 2021 at 05:35

    Joker's Stash, the largest dark web marketplace notorious for selling compromised payment card data, has announced plans to shut down its operations on February 15, 2021. In a message board post on a Russian-language underground cybercrime forum, the operator of the site — who goes by the name "JokerStash" — said "it's time for us to leave forever" and that "we will never ever open again," […]

  • Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks
    by [email protected] (Ravie Lakshmanan) on 15 Ocak 2021 at 11:31

    Cybersecurity researchers have disclosed a series of attacks by a threat actor of Chinese origin that has targeted organizations in Russia and Hong Kong with malware — including a previously undocumented backdoor. Attributing the campaign to Winnti (or APT41), Positive Technologies dated the first attack to May 12, 2020, when the APT used LNK shortcuts to extract and run the malware payload. A […]

  • Experts Uncover Malware Attacks Against Colombian Government and Companies
    by [email protected] (Ravie Lakshmanan) on 14 Ocak 2021 at 09:10

    Cybersecurity researchers took the wraps off an ongoing surveillance campaign directed against Colombian government institutions and private companies in the energy and metallurgical industries. In a report published by ESET on Tuesday, the Slovak internet security company said the attacks — dubbed "Operation Spalax" — began in 2020, with the modus operandi sharing some similarities to an APT […]