The Hacker News

  • New Linux Bug Lets Attackers Hijack Encrypted VPN Connections
    by [email protected] (Swati Khandelwal) on 6 Aralık 2019 at 11:26

    A team of cybersecurity researchers has disclosed a new severe vulnerability affecting most Linux and Unix-like operating systems, including FreeBSD, OpenBSD, macOS, iOS, and Android, that could allow remote 'network adjacent attackers' to spy on and tamper with encrypted VPN connections. The vulnerability, tracked as CVE-2019-14899, resides in the networking stack of various operating […]

  • Facebook Sued Hong Kong Firm for Hacking Users and Ad Fraud Scheme
    by [email protected] (Swati Khandelwal) on 6 Aralık 2019 at 09:14

    Following its efforts to take legal action against those misusing its social media platform, Facebook has now filed a new lawsuit against a Hong Kong-based advertising company and two Chinese individuals for allegedly abusing its ad platform to distribute malware and Ad fraud. Facebook filed the lawsuit on Thursday in the Northern District of California against ILikeAd Media Internationa […]

  • FBI Puts $5 Million Bounty On Russian Hackers Behind Dridex Banking Malware
    by [email protected] (Swati Khandelwal) on 5 Aralık 2019 at 19:16

    The United States Department of Justice today disclosed the identities of two Russian hackers and charged them for developing and distributing the Dridex banking Trojan using which the duo stole more than $100 million over a period of 10 years. Maksim Yakubets, the leader of 'Evil Corp' hacking group, and his co-conspirator Igor Turashev primarily distributed Dridex — also known as 'Bugat' […]

  • Severe Auth Bypass and Priv-Esc Vulnerabilities Disclosed in OpenBSD
    by [email protected] (Unknown) on 5 Aralık 2019 at 12:02

    OpenBSD, an open-source operating system built with security in mind, has been found vulnerable to four new high-severity security vulnerabilities, one of which is an old-school type authentication bypass vulnerability in BSD Auth framework. The other three vulnerabilities are privilege escalation issues that could allow local users or malicious software to gain privileges of an auth group, […]

  • ZeroCleare: New Iranian Data Wiper Malware Targeting Energy Sector
    by [email protected] (Swati Khandelwal) on 5 Aralık 2019 at 09:07

    Cybersecurity researchers have uncovered a new, previously undiscovered destructive data-wiping malware that is being used by state-sponsored hackers in the wild to target energy and industrial organizations in the Middle East. Dubbed ZeroCleare, the data wiper malware has been linked to not one but two Iranian state-sponsored hacking groups—APT34, also known as ITG13 and Oilrig, and Hive0081, […]