Search Results for “Swati Khandelwal”


July 16, 2019
Swati Khandelwal / The Hacker News

Security Flaws in Zoom for macOS Also Affect Two Other Video Conferencing Applications RingCentral and Zhumu

The same security vulnerabilities recently reported in Zoom for macOS, involving a hidden local web server on users’ computers, also affect two other popular video conferencing applications: RingCentral, used by over 350,000 businesses, and Zhumu, a Chinese version of Zoom, security researcher Karan Lyons has demonstrated. RingCentral has already released an updated version (v7.0.151508.0712) of its meeting app for macOS that patches the vulnerabilities by removing the vulnerable web server. Zhumu has not yet released a patch for its software, but users can still uninstall the server by following certain terminal commands.

June 11, 2019
Swati Khandelwal / The Hacker News

Adobe Issues Patch Tuesday Updates to Fix Eleven Security Flaws in Adobe Coldfusion, Flash Player, and Campaign

Adobe issued its June 2019 Patch Tuesday software updates to address a total of 11 security vulnerabilities in three widely used products: Adobe ColdFusion, Flash Player, and Adobe Campaign. Three of the vulnerabilities affecting ColdFusion are critical in severity and could lead to remote code execution attacks. Adobe patched just one vulnerability (CVE-2019-7845) in its perennially problematic Flash Player software this month. One critical flaw (CVE-2019-7843) in Adobe Campaign was also patched; it could allow attackers to execute commands on the affected systems (Windows and Linux) through arbitrary code execution.


April 10, 2019
Swati Khandelwal / The Hacker News

Highly Sophisticated APT Spyware TajMahal Remained Undetected for Five Years

A highly sophisticated APT spyware framework dubbed TajMahal has been in operation for at least the last 5 years but remained undetected until recently, according to researchers at Kaspersky Lab. The framework is a high-tech modular malware toolkit that not only supports a vast number of malicious plugins, consisting of at least 80 malicious modules that allow for a wide range of attack scenarios using various tools, but also comprises never-before-seen and obscure tricks. The platform consists of two main parts called Tokyo and Yokohama. Tokyo acts as the main back door and delivers the second-stage malware, but remains in place even after the second stage starts. Yokohama is the second-stage weapon payload that comes with plugins, third-party libraries, and configuration files in order to steal cookies, intercept documents, collect data, record screenshots and VoIP calls, and more. The researchers have found only one TajMahal victim so far but assume there are others.

Related: ZDNet Security, Security Affairs, Securelist, OODA Loop, DigitalMunition, Kaspersky Lab official blog, Business Wire Technology News, Security – Computing, Threatpost


May 28, 2019
Swati Khandelwal / The Hacker News

Nearly One Million Windows Systems Still Unpatched for Dangerous, Wormable BlueKeep RDP Flaw Two Weeks After Microsoft Issued Fix

Two weeks after Microsoft issued a patch, nearly 1 million Windows systems are still unpatched and have been found vulnerable to BlueKeep, a recently disclosed critical, wormable remote code execution vulnerability in the Windows Remote Desktop Protocol (RDP), according to Robert Graham, head of offensive security research firm Errata Security. The vulnerability, tracked as CVE-2019-0708, could easily cause the kind of cascading damage created by previous famous worms such as WannaCry and NotPetya. Even though no security researcher has yet publicly published any proof-of-concept exploit code for BlueKeep, a few have confirmed that they have successfully developed a working exploit.

Related: SecurityWeek, DataBreachToday.com, PCMag.com, ISC.SANS.edu, Security Affairs, ZDNet Security, The Register – Security


June 21, 2019
Swati Khandelwal / The Hacker News

Microsoft Issues Fix for Outlook for Android App Flaw That Lets Attackers Execute Malicious Code by Sending Specially Crafted Message

Microsoft issued a security advisory and an updated version of its “Outlook for Android” app that patches a stored cross-site scripting vulnerability (CVE-2019-1105) in the popular email app, which is currently used by over 100 million users. If exploited, the flaw can allow attackers to execute malicious in-app client-side code on the targeted devices just by sending them emails with a specially crafted message.

May 10, 2019
Swati Khandelwal / The Hacker News

DHS and FBI Warn About New, Secret Tunneling Malware, ELECTRICFISH, From North Korea’s Hidden Cobra Group

The U.S. Department of Homeland Security (DHS) and the FBI have issued a joint alert about a new piece of malware, ELECTRICFISH, that the prolific North Korean APT hacking group Hidden Cobra (also known as Lazarus Group and Guardians of Peace) has actively been using in the wild. Hidden Cobra has been widely associated with the 2017 WannaCry ransomware scare, the 2014 Sony Pictures hack, and the SWIFT Banking attack in 2016. According to DHS and FBI, ELECTRICFISH has been used for secretly tunneling traffic out of compromised computer systems, making it possible to connect to a system sitting inside of a proxy server, which allows the attackers to bypass the infected system’s required authentication.

Related: BleepingComputer.com, WashingtonExaminer.com, US-CERT Current Activity, US-CERT, Security Affairs, Silicon UK, Security – Computing, THE INQUIRER, SecurityWeek


December 17, 2019
Swati Khandelwal / The Hacker News

WhatsApp Patched Software Bug That Allowed Malicious Group Members to Crash Messaging App, Cause Loss of Entire Group Chat History

Popular end-to-end encrypted communications app WhatsApp patched a software bug that could have allowed a malicious group member to crash the messaging app for all members of the same group, triggering a fully-destructive WhatsApp crash-loop and forcing all group members to completely uninstall the app, reinstall it, and remove the group to regain normal function. To get rid of the crash loop, group members would lose the entire group chat history, indefinitely, researchers at Check Point who discovered the flaw say. The flaw resided in WhatsApp’s implementation of the XMPP communication protocol, which crashed the app when a member with an invalid phone number dropped a message in the group. Check Point reported the problem to WhatsApp in late August, and the company patched the issue with the release of WhatsApp version 2.19.58 in mid-September. WhatsApp also added new controls to prevent people from being added to unwanted groups, to avoid communication with untrusted parties altogether.

Related: The Times of Israel, ZDNet, The Register – Security, Fast Company, The Independent, 9to5Mac, Mobile Cyber Threats | Wandera, Appuals.com, BleepingComputer.com, iPhone Hacks, Ynet News, The Sun, Trusted Reviews, NewsBytes App, MobileSyrup.com, Security Affairs, Wired, Gadgets Now, Spyware news, Silicon Republic, Mashable, GBHackers On Security, SecurityWeek

Tweets: @fs0c131y

The Times of Israel: Check Point finds flaw in WhatsApp that could allow group-chat crash
ZDNet: This WhatsApp bug could allow hackers to crash the app and delete group chats forever
The Register – Security: Destroyed: A method of destroying Whatsapp group chats forever, say infosec bods of vuln patch
Check Point: BreakingApp – WhatsApp Crash & Data Loss Bug
Fast Company: A WhatsApp security flaw could have been exploited by hackers to create ‘mass chaos,’ say researchers
The Independent: WHATSAPP BUG CRASHES APP AND COMPLETELY WIPES OUT GROUP CHATS WITH A SINGLE MESSAGE
9to5Mac: PSA: Update WhatsApp as a single message can wipe out your group chats
Mobile Cyber Threats | Wandera: Newly identified remote exploit exposes WhatsApp private user data | Wandera
Appuals.com: Apple’s iOS 13 Bug Quietly Breaks Notifications For WhatsApp Users
BleepingComputer.com: Bug Sent WhatsApp Into Crash Loop, Caused Chat History Loss
iPhone Hacks: WhatsApp Fixes a Bug That Allowed Hackers to Crash App with a Message in Group Chat
Ynet News: WhatsApp security flaw discovered by Checkpoint
The Sun: WhatsApp bug lets a single text crash your app so hard you need to reinstall it
Trusted Reviews: This WhatsApp bug could crash your group chats
NewsBytes App: This bug crashes WhatsApp for entire groups, deletes chat history
MobileSyrup.com: WhatsApp vulnerability, now fixed, can make group chats unusable
Security Affairs: A WhatsApp bug could have allowed crashing of all group members
Wired: WhatsApp Fixes Yet Another Group Chat Security Gap
Gadgets Now: WhatsApp bug crashes group chat, deletes history forever: Report
Spyware news: WhatsApp bug: one message causes a complete wipeout of group chats
Silicon Republic: WhatsApp flaws lets hackers crash your app with one message
Mashable: Crisis averted: WhatsApp fixed a lethal security flaw
GBHackers On Security: Critical Whatsapp Bug Let Hackers to Crash & Delete Group Messages by Sending a Single Destructive Message
SecurityWeek: Vulnerability in WhatsApp Allows Attackers to Crash Group Chats

@fs0c131y: The @_CPResearch_ team managed to create a crash loop in #WhatsApp. It’s more fun than a real danger but still ?


January 24, 2020
Swati Khandelwal / The Hacker News

Russian Crook Who Ran Payment Card Fraud Sites Pleads Guilty in U.S. District Court, Faces Up to 15 Years in Prison

A 29-year-old Russian hacker, Aleksei Burkov, pleaded guilty before Senior U.S. District Judge T.S. Ellis III to charges related to his operation of two websites devoted to the facilitation of payment card fraud, computer hacking, and other crimes. Burkov operated an online marketplace for buying and selling stolen credit card and debit card numbers called Cardplanet, which hosted roughly 150,000 payment card details between the years 2009 and 2013. He also masterminded a separate invite-only forum website for elite cybercriminals where they advertised stolen personal identity information, malicious software, and other illegal services, like money laundering and hacking services. Burkov was arrested at Israel’s Ben-Gurion Airport in late 2015 and extradited to the United States in November 2019 after he lost his appeal against extradition in the Israeli Supreme Court and the Israeli High Court of Justice. He is facing a prison sentence of up to 15 years, which will be announced by the federal court in Alexandria on 8th May 2020.

December 13, 2019
Swati Khandelwal / The Hacker News

Outdated WordPress Beaver Builder, Elementor Add-Ons Leave Websites Vulnerable to Critical Authentication Bypass Vulnerability

WordPress websites that are using “Ultimate Addons for Beaver Builder” or “Ultimate Addons for Elementor” and haven’t recently updated them to the latest available versions are vulnerable to a critical yet easy-to-exploit authentication bypass vulnerability, researchers at web security service MalCare report. The flaw resides in the way both plugins let WordPress account holders, including administrators, authenticate via Facebook and Google login mechanisms. Due to the lack of checks in the authentication method when a user logs in via Facebook or Google, vulnerable plugins can be tricked into allowing malicious users to log in as any other targeted user without requiring any password.

November 22, 2019
Swati Khandelwal / The Hacker News

Russian Hacker Who Created Neverquest Banking Malware Sentenced to Four Years in Prison

A Russian hacker, Stanislav Vitaliyevich Lisov, who created and used Neverquest banking malware to steal money from victims’ bank accounts, has been sentenced to 4 years in prison by the United States District Court for the Southern District of New York. Spanish authorities arrested Lisov at Barcelona–El Prat Airport in January 2017 at the request of the FBI, and he was extradited to the United States in 2018. He had pleaded guilty to one count of conspiracy to commit computer hacking, involving attempts to steal at least $4.4 million from hundreds of victims using the NeverQuest banking trojan.