Search Results for “Swati Khandelwal”


October 1, 2019
Swati Khandelwal / The Hacker News

Zynga Warned Users About Data Breach Affecting Words With Friends, Draw Something, Hacker Takes Credit for Breach and Says He Accessed 218 Million Users’ Data

Popular games giant Zynga reported to users on September 12 that their data from Words With Friends and popular sister title Draw Something had been compromised. A Pakistani hacker who uses the online alias Gnosticplayers, best known for selling on a dark web marketplace almost a billion user records stolen from nearly 45 popular online services, has laid claim to the hack. Gnosticplayers told Hacker News he has hacked “Words With Friends,” a popular Zynga-developed word puzzle game, and accessed a massive database of more than 218 million users. The hacker claims his breach affects all Android and iOS game players who installed and signed up for the ‘Words With Friends’ game on and before September 2 this year. The hacker also claims to have hacked Zynga’s Draw Something game and the discontinued OMGPOP game. The hacker said that the data from OMGPOP exposed clear text passwords for more than 7 million users. Gnosticplayers claims the stolen data includes names, email addresses, login IDs, hashed passwords (SHA1 with salt), password reset tokens (if ever requested), phone numbers (if provided), Facebook IDs (if connected) and Zynga account IDs.

Related: Security Affairs, Zynga, Gizmodo, Geek News Central, SC Magazine, VentureBeat

Tweets: @gcluley


July 16, 2019
Swati Khandelwal / The Hacker News

Security Flaws in Zoom for macOS Also Affect Two Other Video Conferencing Applications RingCentral and Zhumu

The same security vulnerabilities recently reported in Zoom for macOS, which create a hidden local web server on users’ computers, affect two other popular video conferencing applications: RingCentral, used by over 350,000 businesses, and Zhumu, a Chinese version of Zoom, security researcher Karan Lyons has demonstrated. RingCentral has already released an updated version (v7.0.151508.0712) of its meeting app for macOS that patches the vulnerabilities by removing the vulnerable web server. Zhumu has not yet released a patch for its software, but users can still uninstall the server by following certain terminal commands.

June 11, 2019
Swati Khandelwal / The Hacker News

Adobe Issues Patch Tuesday Updates to Fix Eleven Security Flaws in Adobe Coldfusion, Flash Player, and Campaign

Adobe issued its June 2019 Patch Tuesday software updates to address a total of 11 security vulnerabilities in three of its widely used products: Adobe ColdFusion, Flash Player, and Adobe Campaign. Three of the vulnerabilities affecting ColdFusion are critical in severity and could lead to remote code execution attacks. Adobe patched just one vulnerability (CVE-2019-7845) in its perennially problematic Flash Player software this month. One critical flaw (CVE-2019-7843) in Adobe Campaign was also patched; this arbitrary code execution vulnerability could allow attackers to execute commands on the affected systems (Windows and Linux).


April 10, 2019
Swati Khandelwal / The Hacker News

Highly Sophisticated APT Spyware TajMahal Remained Undetected for Five Years

A highly sophisticated APT spyware framework dubbed TajMahal has been in operation for at least the last 5 years but remained undetected until recently, according to researchers at Kaspersky Lab. The framework is a high-tech modular malware toolkit that supports a vast number of malicious plugins, consisting of at least 80 malicious modules that allow for a wide range of attack scenarios using various tools, and that also includes never-before-seen and obscure tricks. The platform consists of two main parts called Tokyo and Yokohama. Tokyo acts as the main back door and delivers the second-stage malware but remains even after the second stage starts. Yokohama is the second-stage weapon payload that comes with plugins, third-party libraries, and configuration files in order to steal cookies, intercept documents, collect data, record screenshots and VoIP calls, and more. The researchers have found only one TajMahal victim so far but assume there are others.

Related: ZDNet Security, Security Affairs, Securelist, OODA Loop, DigitalMunition, Kaspersky Lab official blog, Business Wire Technology News, Security – Computing, Threatpost


May 10, 2019
Swati Khandelwal / The Hacker News

DHS and FBI Warn About New, Secret Tunneling Malware, ELECTRICFISH, From North Korea’s Hidden Cobra Group

The U.S. Department of Homeland Security (DHS) and the FBI have issued a joint alert about a new piece of malware, ELECTRICFISH, that the prolific North Korean APT hacking group Hidden Cobra (also known as Lazarus Group and Guardians of Peace) has actively been using in the wild. Hidden Cobra has been widely associated with the 2017 WannaCry ransomware scare, the 2014 Sony Pictures hack, and the SWIFT Banking attack in 2016. According to DHS and FBI, ELECTRICFISH has been used for secretly tunneling traffic out of compromised computer systems, making it possible to connect to a system sitting inside of a proxy server, which allows the attackers to bypass the infected system’s required authentication.

Related: BleepingComputer.com, WashingtonExaminer.com, US-CERT Current Activity, US-CERT, Security Affairs, Silicon UK, Security – Computing, THE INQUIRER, SecurityWeek


May 28, 2019
Swati Khandelwal / The Hacker News

Nearly One Million Windows Systems Still Unpatched for Dangerous, Wormable BlueKeep RDP Flaw Two Weeks After Microsoft Issued Fix

Two weeks after Microsoft issued a patch to fix the problem, nearly 1 million Windows systems are still unpatched and have been found vulnerable to a recently disclosed critical, wormable, remote code execution vulnerability in the Windows Remote Desktop Protocol (RDP) dubbed BlueKeep, according to Robert Graham, head of offensive security research firm Errata Security. The vulnerability, tracked as CVE-2019-0708, could easily cause the kind of cascading damage created by previous famous worms such as WannaCry and NotPetya. Even though no security researcher has yet publicly published any proof-of-concept exploit code for BlueKeep, a few have confirmed that they have successfully developed a working exploit.

Related: SecurityWeek, DataBreachToday.com, PCMag.com, ISC.SANS.edu, Security Affairs, ZDNet Security, The Register – Security


June 21, 2019
Swati Khandelwal / The Hacker News

Microsoft Issues Fix for Outlook for Android App Flaw That Lets Attackers Execute Malicious Code by Sending Specially Crafted Message

Microsoft issued a security advisory and an updated version of its “Outlook for Android” app that patches a stored cross-site scripting vulnerability (CVE-2019-1105) in the popular Outlook email app, which is currently being used by over 100 million users. If exploited, the flaw can allow attackers to execute malicious in-app client-side code on the targeted devices just by sending them emails with a specially crafted message.