Researcher Uncovers Potential Wiretapping Bugs in Google Home Smart Speakers

The Hacker News Daily Updates
Newsletter
cover

Protecting the Endpoint to Work from Anywhere

As attacks increase, they tend to come through multiple vectors utilizing various techniques, from Trojans to fileless scripts.

Download Now Sponsored
LATEST NEWS Dec 30, 2022

Researcher Uncovers Potential Wiretapping Bugs in Google Home Smart Speakers

A security researcher was awarded a bug bounty of $107,500 for identifying security issues in Google Home smart speakers that could be exploited to install backdoors and turn them into wiretapping devices. The flaws "allowed an attacker within wireless proximity to install a 'backdoor' account on the device, enabling them to send commands to it remotely over the internet, access its ...

Read More
Twitter Facebook LinkedIn

CISA Warns of Active exploitation of JasperReports Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two years-old security flaws impacting TIBCO Software's JasperReports product to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The flaws, tracked as CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS score: 9.9), were addressed by TIBCO in April 2018 and March ...

Read More
Twitter Facebook LinkedIn

Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities

Thousands of Citrix Application Delivery Controller (ADC) and Gateway endpoints remain vulnerable to two critical security flaws disclosed by the company over the last few months. The issues in question are CVE-2022-27510 and CVE-2022-27518 (CVSS scores: 9.8), which were addressed by the virtualization services provider on November 8 and December 13, 2022, respectively. While ...

Read More
Twitter Facebook LinkedIn

New Malvertising Campaign via Google Ads Targets Users Searching for Popular Software

Users searching for popular software are being targeted by a new malvertising campaign that abuses Google Ads to serve trojanized variants that deploy malware, such as Raccoon Stealer and Vidar. The activity makes use of seemingly credible websites with typosquatted domain names that are surfaced on top of Google search results in the form of malicious ads by hijacking searches for ...

Read More
Twitter Facebook LinkedIn

BitKeep Confirms Cyber Attack, Loses Over $9 Million in Digital Currencies

Decentralized multi-chain crypto wallet BitKeep on Wednesday confirmed a cyberattack that allowed threat actors to distribute fraudulent versions of its Android app with the goal of stealing users' digital currencies. "With maliciously implanted code, the altered APK led to the leak of user's private keys and enabled the hacker to move funds," BitKeep CEO Kevin Como said, describing it as a ...

Read More
Twitter Facebook LinkedIn

APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector

Microsoft's decision to block Visual Basic for Applications (VBA) macros by default for Office files downloaded from the internet has led many threat actors to improvise their attack chains in recent months. Now according to Cisco Talos, advanced persistent threat (APT) actors and commodity malware families alike are increasingly using Excel add-in (.XLL) files as an initial intrusion ...

Read More
Twitter Facebook LinkedIn

BlueNoroff APT Hackers Using New Ways to Bypass Windows MotW Protection

BlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its playbook that enable it to bypass Windows Mark of the Web (MotW) protections. This includes the use of optical disk image (.ISO extension) and virtual hard disk (.VHD extension) file formats as part of a novel infection chain, Kaspersky disclosed in a report published today. ...

Read More
Twitter Facebook LinkedIn

Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak

Meta Platforms, the parent company of Facebook, Instagram, and WhatsApp, has agreed to pay $725 million to settle a long-running class-action lawsuit filed in 2018. The legal dispute sprang up in response to revelations that the social media giant allowed third-party apps such as those used by Cambridge Analytica to access users' personal information without their consent for ...

Read More
Twitter Facebook LinkedIn
cover

Protecting the Endpoint to Work from Anywhere

As attacks increase, they tend to come through multiple vectors utilizing various techniques, from Trojans to fileless scripts.

Download Now Sponsored

This email was sent to you. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here.

Contact The Hacker News: info@thehackernews.com
Unsubscribe

The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

Older messages

Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities

Thursday, December 29, 2022

The Hacker News Daily Updates Newsletter cover Protecting the Endpoint to Work from Anywhere As attacks increase, they tend to come through multiple vectors utilizing various techniques, from Trojans

Go For DevOps ($5.00 Value) FREE for a Limited Time

Wednesday, December 28, 2022

The Hacker News eBook Update Newsletter Go For DevOps ($5.00 Value) FREE for a Limited Time Download For Free With the help of Go for DevOps, you'll learn how to deliver services with ease and

APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector

Wednesday, December 28, 2022

The Hacker News Daily Updates Newsletter cover Moving Past Passwords (At Last!) 7 Key Takeaways to Passwordless Authentication Download Now Sponsored LATEST NEWS Dec 28, 2022 BitKeep Confirms Cyber

Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak

Tuesday, December 27, 2022

The Hacker News Daily Updates Newsletter cover Data in Motion to Accelerate Your Mission Learn how a cohesive enterprise data strategy that fosters data movement with built-in analytics and AI can help

GuLoader Malware Utilizing New Techniques to Evade Security Software

Monday, December 26, 2022

The Hacker News Daily Updates Newsletter cover Top 10 CMMS Software for 2022--Free Analyst Report Get an expert comparison of the top computerized maintenance management system (CMMS) software.

You Might Also Like

Data Science Weekly - Issue 579

Thursday, December 26, 2024

Curated news, articles and jobs related to Data Science, AI, & Machine Learning ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏

💎 Issue 449 - JRuby with JBang

Thursday, December 26, 2024

This week's Awesome Ruby Newsletter Read this email on the Web The Awesome Ruby Newsletter Issue » 449 Release Date Dec 26, 2024 Your weekly report of the most popular Ruby news, articles and

💻 Issue 449 - JavaScript Benchmarking Is a Mess

Thursday, December 26, 2024

This week's Awesome JavaScript Weekly Read this email on the Web The Awesome JavaScript Weekly Issue » 449 Release Date Dec 26, 2024 Your weekly report of the most popular JavaScript news, articles

📱 Issue 443 - EU asks for views on plan to force Apple to open up iOS

Thursday, December 26, 2024

This week's Awesome iOS Weekly Read this email on the Web The Awesome iOS Weekly Issue » 443 Release Date Dec 26, 2024 Your weekly report of the most popular iOS news, articles and projects Popular

💻 Issue 442 - SOLID: The Liskov Substitution Principle (LSP) in C#

Thursday, December 26, 2024

This week's Awesome .NET Weekly Read this email on the Web The Awesome .NET Weekly Issue » 442 Release Date Dec 26, 2024 Your weekly report of the most popular .NET news, articles and projects

Daily Coding Problem: Problem #1649 [Easy]

Thursday, December 26, 2024

Daily Coding Problem Good morning! Here's your coding interview problem for today. This problem was asked by Dropbox. Spreadsheets often use this alphabetical encoding for its columns: "A

JSK Daily for Dec 26, 2024

Thursday, December 26, 2024

JSK Daily for Dec 26, 2024 View this email in your browser A community curated daily e-mail of JavaScript news Performance Optimization in React Pivot Table with Data Compression The Syncfusion React

📱 Issue 446 - Fatbobman's Swift Weekly #063

Thursday, December 26, 2024

This week's Awesome Swift Weekly Read this email on the Web The Awesome Swift Weekly Issue » 446 Release Date Dec 26, 2024 Your weekly report of the most popular Swift news, articles and projects

💻 Issue 444 - Four limitations of Rust’s borrow checker

Thursday, December 26, 2024

This week's Awesome Rust Weekly Read this email on the Web The Awesome Rust Weekly Issue » 444 Release Date Dec 26, 2024 Your weekly report of the most popular Rust news, articles and projects

💻 Issue 367 - React 19: A New Era of Web Development

Thursday, December 26, 2024

This week's Awesome React Weekly Read this email on the Web The Awesome React Weekly Issue » 367 Release Date Dec 26, 2024 Your weekly report of the most popular React news, articles and projects