Category: TheHackerNews

User Location Tracking
02
Jan
2023

Google to Pay $29.5 Million to Settle Lawsuits Over User Location Tracking

Jan 02, 2023Ravie LakshmananPrivacy / Location Tracking Google has agreed to pay a total of $29.5 million to settle two…

Google Home Smart Speakers
30
Dec
2022

Researcher Uncovers Potential Wiretapping Bugs in Google Home Smart Speakers

Dec 30, 2022Ravie LakshmananBug Bounty / Privacy A security researcher was awarded a bug bounty of $107,500 for identifying security…

JasperReports Vulnerabilities
30
Dec
2022

CISA Warns of Active exploitation of JasperReports Vulnerabilities

Dec 30, 2022Ravie LakshmananPatch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two-years-old security flaws impacting TIBCO…

Citrix Servers
29
Dec
2022

Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities

Dec 29, 2022Ravie LakshmananServer Security / Citrix Thousands of Citrix Application Delivery Controller (ADC) and Gateway endpoints remain vulnerable to…

New Malvertising Campaign via Google Ads Targets Users Searching for Popular Software
29
Dec
2022

New Malvertising Campaign via Google Ads Targets Users Searching for Popular Software

Dec 29, 2022Ravie LakshmananOnline Security / Malvertising Users searching for popular software are being targeted by a new malvertising campaign…

BitKeep Confirms Cyber Attack
28
Dec
2022

BitKeep Confirms Cyber Attack, Loses Over $9 Million in Digital Currencies

Dec 28, 2022Ravie LakshmananBlockchain / Android Malware Decentralized multi-chain crypto wallet BitKeep on Wednesday confirmed a cyberattack that allowed threat…

Malicious Excel Add-ins
28
Dec
2022

APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector

Dec 28, 2022Ravie LakshmananMalware / Windows Security Microsoft’s decision to block Visual Basic for Applications (VBA) macros by default for…

Hacking Using SVG Files to Smuggle QBot Malware onto Windows Systems
28
Dec
2022

Hacking Using SVG Files to Smuggle QBot Malware onto Windows Systems

Dec 15, 2022Ravie LakshmananEmail Security / Endpoint Security Phishing campaigns involving the Qakbot malware are using Scalable Vector Graphics (SVG)…

denial-of-service
28
Dec
2022

FBI Charges 6, Seizes 48 Domains Linked to DDoS-for-Hire Service Platforms

Dec 15, 2022Ravie LakshmananCyber Attack / DDoS-for-Hire The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 48…

Open Source Repositories
28
Dec
2022

Hackers Bombard Open Source Repositories with Over 144,000 Malicious Packages

Dec 15, 2022Ravie Lakshmanan NuGet, PyPi, and npm ecosystems are the target of a new campaign that has resulted in…

Top 5 Web App Vulnerabilities and How to Find Them
28
Dec
2022

Top 5 Web App Vulnerabilities and How to Find Them

Web applications, often in the form of Software as a Service (SaaS), are now the cornerstone for businesses all over…

Money-Lending Apps
27
Dec
2022

Android Malware Campaign Leverages Money-Lending Apps to Blackmail Victims

A previously undocumented Android malware campaign has been observed leveraging money-lending apps to blackmail victims into paying up with personal…