1. Home
  2. Discover
  3. Technology
  4. The Hacker News

Researcher Uncovers Potential Wiretapping Bugs in Google Home Smart Speakers

The Hacker News Daily Updates
Newsletter
cover

Protecting the Endpoint to Work from Anywhere

As attacks increase, they tend to come through multiple vectors utilizing various techniques, from Trojans to fileless scripts.

Download Now Sponsored
LATEST NEWS Dec 30, 2022

Researcher Uncovers Potential Wiretapping Bugs in Google Home Smart Speakers

A security researcher was awarded a bug bounty of $107,500 for identifying security issues in Google Home smart speakers that could be exploited to install backdoors and turn them into wiretapping devices. The flaws "allowed an attacker within wireless proximity to install a 'backdoor' account on the device, enabling them to send commands to it remotely over the internet, access its ...

Read More
Twitter Facebook LinkedIn

CISA Warns of Active exploitation of JasperReports Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two years-old security flaws impacting TIBCO Software's JasperReports product to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The flaws, tracked as CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS score: 9.9), were addressed by TIBCO in April 2018 and March ...

Read More
Twitter Facebook LinkedIn

Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities

Thousands of Citrix Application Delivery Controller (ADC) and Gateway endpoints remain vulnerable to two critical security flaws disclosed by the company over the last few months. The issues in question are CVE-2022-27510 and CVE-2022-27518 (CVSS scores: 9.8), which were addressed by the virtualization services provider on November 8 and December 13, 2022, respectively. While ...

Read More
Twitter Facebook LinkedIn

New Malvertising Campaign via Google Ads Targets Users Searching for Popular Software

Users searching for popular software are being targeted by a new malvertising campaign that abuses Google Ads to serve trojanized variants that deploy malware, such as Raccoon Stealer and Vidar. The activity makes use of seemingly credible websites with typosquatted domain names that are surfaced on top of Google search results in the form of malicious ads by hijacking searches for ...

Read More
Twitter Facebook LinkedIn

BitKeep Confirms Cyber Attack, Loses Over $9 Million in Digital Currencies

Decentralized multi-chain crypto wallet BitKeep on Wednesday confirmed a cyberattack that allowed threat actors to distribute fraudulent versions of its Android app with the goal of stealing users' digital currencies. "With maliciously implanted code, the altered APK led to the leak of user's private keys and enabled the hacker to move funds," BitKeep CEO Kevin Como said, describing it as a ...

Read More
Twitter Facebook LinkedIn

APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector

Microsoft's decision to block Visual Basic for Applications (VBA) macros by default for Office files downloaded from the internet has led many threat actors to improvise their attack chains in recent months. Now according to Cisco Talos, advanced persistent threat (APT) actors and commodity malware families alike are increasingly using Excel add-in (.XLL) files as an initial intrusion ...

Read More
Twitter Facebook LinkedIn

BlueNoroff APT Hackers Using New Ways to Bypass Windows MotW Protection

BlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its playbook that enable it to bypass Windows Mark of the Web (MotW) protections. This includes the use of optical disk image (.ISO extension) and virtual hard disk (.VHD extension) file formats as part of a novel infection chain, Kaspersky disclosed in a report published today. ...

Read More
Twitter Facebook LinkedIn

Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak

Meta Platforms, the parent company of Facebook, Instagram, and WhatsApp, has agreed to pay $725 million to settle a long-running class-action lawsuit filed in 2018. The legal dispute sprang up in response to revelations that the social media giant allowed third-party apps such as those used by Cambridge Analytica to access users' personal information without their consent for ...

Read More
Twitter Facebook LinkedIn
cover

Protecting the Endpoint to Work from Anywhere

As attacks increase, they tend to come through multiple vectors utilizing various techniques, from Trojans to fileless scripts.

Download Now Sponsored

This email was sent to you. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here.

Contact The Hacker News: info@thehackernews.com
Unsubscribe

The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

Key phrases

The US Cybersecurity Decentralized multichain crypto wallet Google Home Smart Speakers Citrix Application Delivery Controller Cambridge Analytica Data Leak BitKeep CEO Kevin Como two yearsold security flaws two critical security flaws many threat actors Infrastructure Security Agency virtualization services provider typosquatted domain names Google search results notorious Lazarus Group optical disk image virtual hard disk novel infection chain social media giant Potential Wiretapping Bugs New Malvertising Campaign Known Exploited Vulnerabilities Malicious Excel Addins Initial Intrusion Vector commodity malware families Windows MotW Protection running classaction lawsuit BlueNoroff APT Hackers users digital currencies

Older messages

Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities

Thursday, December 29, 2022

The Hacker News Daily Updates Newsletter cover Protecting the Endpoint to Work from Anywhere As attacks increase, they tend to come through multiple vectors utilizing various techniques, from Trojans

Go For DevOps ($5.00 Value) FREE for a Limited Time

Wednesday, December 28, 2022

The Hacker News eBook Update Newsletter Go For DevOps ($5.00 Value) FREE for a Limited Time Download For Free With the help of Go for DevOps, you'll learn how to deliver services with ease and

APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector

Wednesday, December 28, 2022

The Hacker News Daily Updates Newsletter cover Moving Past Passwords (At Last!) 7 Key Takeaways to Passwordless Authentication Download Now Sponsored LATEST NEWS Dec 28, 2022 BitKeep Confirms Cyber

Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak

Tuesday, December 27, 2022

The Hacker News Daily Updates Newsletter cover Data in Motion to Accelerate Your Mission Learn how a cohesive enterprise data strategy that fosters data movement with built-in analytics and AI can help

GuLoader Malware Utilizing New Techniques to Evade Security Software

Monday, December 26, 2022

The Hacker News Daily Updates Newsletter cover Top 10 CMMS Software for 2022--Free Analyst Report Get an expert comparison of the top computerized maintenance management system (CMMS) software.

You Might Also Like

Your Phone’s Other Number 📱

Saturday, April 27, 2024

Let's talk about your phone's IMEI number. Here's a version for your browser. Hunting for the end of the long tail • April 27, 2024 Today in Tedium: As you may know, Tedium is a blog and/or

🕹️ How to Play Retro Games for Free on iPhone — Why I Can't Live Without an eReader

Saturday, April 27, 2024

Also: Anker MagGo (Qi2) Power Bank Review, and More! How-To Geek Logo April 27, 2024 📩 Get expert reviews, the hottest deals, how-to's, breaking news, and more delivered directly to your inbox by

Weekend Reading — The Bob Ross of programming

Saturday, April 27, 2024

This week we use coffee tasting as our design practice, get as close to and as far away from the metal as possible, find an easier way to write documentation, discover why Google Search is getting so

Issue #538: All the Jam entries, Panthera 2, and Tristram

Saturday, April 27, 2024

Weekly newsletter about HTML5 Game Development. Is this email not displaying correctly? View it in your browser. Issue #538 - April 26th 2024 If you have anything you want to share with the HTML5 game

Daily Coding Problem: Problem #1424 [Easy]

Saturday, April 27, 2024

Daily Coding Problem Good morning! Here's your coding interview problem for today. This problem was asked by Microsoft. Implement a URL shortener with the following methods: shorten(url) , which

Charted | Countries That Became More Happy (or Unhappy) Since 2010 😅

Saturday, April 27, 2024

Which countries had the highest happiness gains since 2010? Which became sadder? View Online | Subscribe Presented by Voronoi: The App Where Data Tells the Story FEATURED STORY Countries With the

Noonification: What Is E-Waste Hacking?

Saturday, April 27, 2024

Top Tech Content sent at Noon! The first AI-powered startup unlocking the “billionaire economy” for your benefit How are you, @newsletterest1? 🪐 What's happening in tech this week: The

TikTok faces a ban in the US, Tesla profits drop and healthcare data leaks

Saturday, April 27, 2024

Plus: Amazon's new delivery subscription and a deep dive on Rippling View this email online in your browser By Kyle Wiggers Saturday, April 27, 2024 Image Credits: TechCrunch Welcome, folks, to

🐍 New Python tutorials on Real Python

Saturday, April 27, 2024

Hey there, There's always something going on over at realpython.com as far as Python tutorials go. Here's what you may have missed this past week: Write Unit Tests for Your Python Code With

Bogus npm Packages Used to Trick Software Developers into Installing Malware

Saturday, April 27, 2024

THN Daily Updates Newsletter cover Webinar -- Uncovering Contemporary DDoS Attack Tactics -- and How to Fight Back Stop DDoS Attacks Before They Stop Your Business... and Make You Headline News.