The Hacker News
The most trusted, widely read, independent source for breaking news and tech coverage on #cybersecurity, #infosec, #hacking. https://t.co/3jg72A0SDs
16 Dec 20
BREAKING 🔥

New evidence suggests #SolarWinds hackers likely compromised the software build infrastructure of Orion platform & added malicious code, which was then eventually delivered within new updates that the company compiled, signed, and delivered.

thehackernews.com/2020/12/new-ev…
SolarWinds attackers mimic the software developers' coding style and naming standards to blend in their malicious code with the rest of the code.
Although the first version containing the backdoor was traced to 2019.4.5200.9083, a new report says version 2019.4.5200.8890, from October 2019, included an empty .NET class that attackers added to verify if their modifications to the codebase were being delivered into new updates.
14 Dec 20
⚠️URGENT⚠️

Hackers exploit #Solorigate supply-chain backdoor in #SolarWinds enterprise monitoring software to breach US Treasury, Commerce Department, other government agencies, and cybersecurity firm #FireEye.

Details: thehackernews.com/2020/12/us-age…

#infosec #cybersecurity #sysadmin
Citing unnamed sources, media said the latest cyberattacks against #FireEye and U.S. government agencies were the work of Russian state-sponsored #APT29 or Cozy Bear #hacking group.
According to FireEye, attackers tampered with a #software update released by #SolarWinds, which eventually led to the compromise of numerous public and private organizations around the world with #SUNBURST backdoor.

thehackernews.com/2020/12/us-age…

#infosecurity
15 Jul 20
🔥 WATCH OUT 🔥

Many popular #cryptocurrency-related verified Twitter accounts got simultaneously compromised and tweeted an identical "Crypto For Health" #SCAM message.

Hacked people and organizations include Gemini, #Binance, Binance's CEO, #Coinbase, CoinDesk, and KuCoin.
Elon Musk's account has also been compromised, tweeting a similar cryptocurrency scam.

Keep an eye on this #Bitcoin address: btc.com/bc1qxy2kgdygjr…

Has someone found a zero-day bug in @Twitter?

#infosec #cybersecurity
Bill Gates too...

OMG, What's happening!

Don't fall for these SCAMS.

Inform Others.

Hey @Twitter, can you remove all these tweets ASAP?
14 Jul 20
WARNING 🔥 CVE-2020-1350 (CVSS 10)

A critical 17-year-old 'wormable' RCE #vulnerability affects Windows DNS Servers (2013 to 2019 editions) that could let unauthenticated hackers gain 'Domain Admin' privileges on the targeted servers.

Details — thehackernews.com/2020/07/window…

#infosec
Researchers confirm the new #Windows vulnerability, dubbed 'SigRed,' is a wormable bug, allowing attackers to launch #malware attacks that can spread from one vulnerable computer to another without any human interaction.

#cybersecurity #sysadmins #microsoft #informationsecurity
If exploited, #SigRed Windows Server #vulnerability enables hackers to intercept and manipulate users' emails and network traffic, make services unavailable, harvest users' credentials, and eventually compromise an organization's entire IT infrastructure.

thehackernews.com/2020/07/window…
2 Dec 19
Beware #Android Users!

A new unpatched #vulnerability — dubbed Strandhogg — in Android could let malicious apps take extensive control over your device & steal your login credentials.

Details: thehackernews.com/2019/12/strand…

Dozens of apps are already exploiting this flaw in the wild.
@Swati_THN 1) #Phishing Attacks:

#Strandhogg task hijacking vulnerability can be exploited to display a fake user interface (UI) while tricking users into thinking they are using a legitimate app, making it easy for the malware to steal their credentials using spoofed login interfaces.
@Swati_THN 2) Fraudulently Requesting Permissions:

A malicious app can also escalate its capabilities significantly by tricking users into granting sensitive device permissions while posing as a legitimate app.

Read more: thehackernews.com/2019/12/strand…

#infosec #hacking #cybersecurity
4 Jun 19
New Unpatched Bug Could Allow Client-Side Attackers to Bypass #Windows Lock Screen On RDP Sessions

Read more — thehackernews.com/2019/06/rdp-wi…

All the attacker needs to do is… interrupt the network connectivity of a targeted client system and Tadaaaa...! the lock screen will disappear
Starting with Windows 10 1803 and #Windows Server 2019, this flaw exists when login over #RDP requires the clients to authenticate with Network Level Authentication, an option that #Microsoft recently recommended as a workaround against the critical #BlueKeep RDP vulnerability.
Moreover...

"Two-factor authentication systems that integrate with the Windows login screen, such as Duo Security MFA, are also bypassed using this mechanism. Any login banners enforced by an organization will also be bypassed." @wdormann confirmed.
17 Mar 19
EXCLUSIVE — A hacker who previously claimed to have hacked massive databases [millions of records] from multiple websites and then put them online for sale in 3 rounds has now come back with a new set of databases breached from 6 other websites

(story coming shortly, stay tuned)
[ROUND 4] List of breached sites:

1) Youthmanual — Indonesian college and career platform
2) GameSalad — Online learning platform
3) Bukalapak — Online Shopping Site
4) Lifebear — Japanese Online Notebook
5) EstanteVirtual — Online Bookstore
6) Coubic — Appointment Scheduling
[Story] Round 4 — Hacker Puts 26 Million New Accounts Up For Sale On the Dark Web

thehackernews.com/2019/03/data-b…

If you have an account with any of the above-listed sites, you should change your passwords immediately and also on other services if you re-use the same password.