Search the Portal

Recent Articles

JAN26
N. Korean Hackers Targeting Security Experts to Steal Undisclosed Researches

Google on Monday disclosed details about an ongoing campaign carried out by a government-backed threat actor from North Korea that has targeted security researchers working on vulnerability research and development. The internet giant's Threat...

The Hacker News by noreply@blogger.com (Ravie Lakshmanan)
JAN26
Enhancing Email Security with MTA-STS and SMTP TLS Reporting

In 1982, when SMTP was first specified, it did not contain any mechanism for providing security at the transport level to secure communications between mail transfer agents. Later, in 1999, the STARTTLS command was added to SMTP that in turn...

The Hacker News by noreply@blogger.com (The Hacker News)
JAN26
Beware — A New Wormable Android Malware Spreading Through WhatsApp

A newly discovered Android malware has been found to propagate itself through WhatsApp messages to other contacts in order to expand what appears to be an adware campaign. "This malware spreads via victim's WhatsApp by automatically replying to...

The Hacker News by noreply@blogger.com (Ravie Lakshmanan)
JAN26
Pen Testing By Numbers: Tracking Pen Testing Trends and Challenges

Over the years, penetration testing has had to change and adapt alongside the IT environments and technology that need to be assessed. Broad cybersecurity issues often influence the strategy and growth of pen-testing. In such a fast-paced field...

The Hacker News by noreply@blogger.com (The Hacker News)
JAN26
Experts Detail A Recent Remotely Exploitable Windows Vulnerability

More details have emerged about a security feature bypass vulnerability in Windows NT LAN Manager (NTLM) that was addressed by Microsoft as part of its monthly Patch Tuesday updates earlier this month. The flaw, tracked as CVE-2021-1678 (CVSS...

The Hacker News by noreply@blogger.com (Ravie Lakshmanan)
JAN26
Beware! Fully-Functional Exploit Released Online for SAP Solution Manager Flaw

Cybersecurity researchers have warned of a publicly available fully-functional exploit that could be used to target SAP enterprise software. The exploit leverages a vulnerability, tracked as CVE-2020-6207, that stems from a missing authentication...

The Hacker News by noreply@blogger.com (Ravie Lakshmanan)
JAN26
Exclusive: SonicWall Hacked Using 0-Day Bugs In Its Own VPN Product

SonicWall, a popular internet security provider of firewall and VPN products, on late Friday disclosed that it fell victim to a coordinated attack on its internal systems. The San Jose-based company said the attacks leveraged zero-day...

The Hacker News by noreply@blogger.com (Ravie Lakshmanan)
JAN26
Sharing eBook With Your Kindle Could Have Let Hackers Hijack Your Account

Amazon has addressed a number of flaws in its Kindle e-reader platform that could have allowed an attacker to take control of victims' devices by simply sending them a malicious e-book. Dubbed "KindleDrip," the exploit chain takes advantage of a...

The Hacker News by noreply@blogger.com (Ravie Lakshmanan)
JAN26
Missing Link in a 'Zero Trust' Security Model—The Device You're Connecting With!

Like it or not, 2020 was the year that proved that teams could work from literally anywhere. While terms like "flex work" and "WFH" were thrown around before COVID-19 came around, thanks to the pandemic, remote working has become the defacto way...

The Hacker News by noreply@blogger.com (The Hacker News)
JAN26
MrbMiner Crypto-Mining Malware Links to Iranian Software Company

A relatively new crypto-mining malware that surfaced last year and infected thousands of Microsoft SQL Server (MSSQL) databases has now been linked to a small software development company based in Iran. The attribution was made possible due to an...

The Hacker News by noreply@blogger.com (Ravie Lakshmanan)
JAN26
Here's How SolarWinds Hackers Stayed Undetected for Long Enough

Microsoft on Wednesday shared more specifics about the tactics, techniques, and procedures (TTPs) adopted by the attackers behind the SolarWinds hack to stay under the radar and avoid detection, as cybersecurity companies work towards getting a...

The Hacker News by noreply@blogger.com (Ravie Lakshmanan)
JAN26
Importance of Application Security and Customer Data Protection to a Startup

When you are a startup, there are umpteen things that demand your attention. You must give your hundred percent (probably even more!) to work effectively and efficiently with the limited resources. Understandably, the application security...

The Hacker News by noreply@blogger.com (The Hacker News)
JAN26
Hackers Accidentally Expose Passwords Stolen From Businesses On the Internet

A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection (ATP) and steal credentials belonging to over a thousand corporate employees. The cyber offensive is said...

The Hacker News by noreply@blogger.com (Ravie Lakshmanan)
JAN26
Google Details Patched Bugs in Signal, FB Messenger, JioChat Apps

In January 2019, a critical flaw was reported in Apple's FaceTime group chats feature that made it possible for users to initiate a FaceTime video call and eavesdrop on targets by adding their own number as a third person in a group chat even...

The Hacker News by noreply@blogger.com (Ravie Lakshmanan)
JAN26
SolarWinds Hackers Also Breached Malwarebytes Cybersecurity Firm

Malwarebytes on Tuesday said it was breached by the same group who broke into SolarWinds to access some of its internal emails, making it the fourth major cybersecurity vendor to be targeted after FireEye, Microsoft, and CrowdStrike. The company...

The Hacker News by noreply@blogger.com (Ravie Lakshmanan)