Posts

Showing posts from March, 2021

Android's new Bluetooth stack rewrite (Gabeldorsh) is written with Rust

Android's new Bluetooth stack rewrite (Gabeldorsh) is written with Rust 491 by nicoburns | 305 comments on Hacker News.

Inside a viral website

Inside a viral website 622 by panic | 244 comments on Hacker News.

Unsplash is being acquired by Getty Images

Unsplash is being acquired by Getty Images 550 by baptlac | 263 comments on Hacker News.

Decided to move on from your NGAV/EDR? A Guide for Small Security Teams to What's Next

You're fully aware of the need to stop threats at the front door and then hunt any that got through that first gate, so your company installed an EPP/EDR solution. But like most companies, you've already come across its shortcomings – and these are amplified since you have a small security team. More than likely, you noticed that it has its share of detection blind spots and limitations for from The Hacker News https://ift.tt/2PlOpz2 via IFTTT

Hackers are implanting multiple backdoors at industrial targets in Japan

Cybersecurity researchers on Tuesday disclosed details of a sophisticated campaign that deploys malicious backdoors for the purpose of exfiltrating information from a number of industry sectors located in Japan. Dubbed "A41APT" by Kaspersky researchers, the findings delve into a new slew of attacks undertaken by APT10 (aka Stone Panda or Cicada) using previously undocumented malware to deliver from The Hacker News https://ift.tt/3rFZWWW via IFTTT

Google collects 20 times more telemetry from Android devices than Apple from iOS

Google collects 20 times more telemetry from Android devices than Apple from iOS 556 by gormandizer | 290 comments on Hacker News.

Let’s fix font size

Let’s fix font size 541 by rhabarba | 208 comments on Hacker News.

'Fake' Amazon workers defend company on Twitter

'Fake' Amazon workers defend company on Twitter 652 by alexrustic | 319 comments on Hacker News.

Voltswagen of America

Voltswagen of America 534 by throwaway4good | 533 comments on Hacker News.

Ubiquiti starts serving ads in their management interface

Ubiquiti starts serving ads in their management interface 607 by andremedeiros | 306 comments on Hacker News.

Gallup: U.S. church membership dips below 50% for first time

Gallup: U.S. church membership dips below 50% for first time 683 by cwwc | 1357 comments on Hacker News.

I made an eInk newspaper

I made an eInk newspaper 537 by graiz | 210 comments on Hacker News.

Whistleblower: Ubiquiti Breach “Catastrophic”

Whistleblower: Ubiquiti Breach “Catastrophic” 772 by parsecs | 352 comments on Hacker News.

MobiKwik Suffers Major Breach — KYC Data of 3.5 Million Users Exposed

Popular Indian mobile payments service MobiKwik on Monday came under fire after 8.2 terabytes (TB) of data belonging to millions of its users began circulating on the dark web in the aftermath of a major data breach that came to light earlier this month. The leaked data includes sensitive personal information such as: customer names, hashed passwords, email addresses, residential addresses, GPS from The Hacker News https://ift.tt/3rzufyw via IFTTT

Moderna mRNA sequence released to GitHub [pdf]

Moderna mRNA sequence released to GitHub [pdf] 723 by aty268 | 231 comments on Hacker News.

The Deno Company

The Deno Company 692 by elisee | 354 comments on Hacker News.

Suez Canal says traffic in channel resumes after stranded ship refloated

Suez Canal says traffic in channel resumes after stranded ship refloated 668 by WJW | 357 comments on Hacker News.

Flaws in Ovarro TBox RTUs Could Open Industrial Systems to Remote Attacks

As many as five vulnerabilities have been uncovered in Ovarro's TBox remote terminal units (RTUs) that, if left unpatched, could open the door for escalating attacks against critical infrastructures, like remote code execution and denial-of-service. "Successful exploitation of these vulnerabilities could result in remote code execution, which may cause a denial-of-service condition," the U.S. from The Hacker News https://ift.tt/3rAUmoK via IFTTT

New Bugs Could Let Hackers Bypass Spectre Attack Mitigations On Linux Systems

Cybersecurity researchers on Monday disclosed two new vulnerabilities in Linux-based operating systems that, if successfully exploited, could let attackers circumvent mitigations for speculative attacks such as Spectre and obtain sensitive information from kernel memory. Discovered by Piotr Krysiuk of Symantec's Threat Hunter team, the flaws — tracked as CVE-2020-27170 and CVE-2020-27171 (CVSS from The Hacker News https://ift.tt/3wb0ojF via IFTTT

How to Effectively Prevent Email Spoofing Attacks in 2021?

Email spoofing is a growing problem for an organization's security. Spoofing occurs when a hacker sends an email that appears to have been sent from a trusted source/domain. Email spoofing is not a new concept. Defined as "the forgery of an email address header to make the message appear as if it was sent from a person or location other than the actual sender," it has plagued brands for decades. from The Hacker News https://ift.tt/3tZKBlN via IFTTT

PHP's Git Server Hacked to Insert Secret Backdoor to Its Source code

In yet another instance of a software supply chain attack, someone hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a secret backdoor into its source code. The two malicious commits were pushed to the self-hosted "php-src" repository hosted on the git.php.net server, illicitly using the names of Rasmus Lerdorf, the author of the programming from The Hacker News https://ift.tt/3rupZjJ via IFTTT

Female Founder Secrets: Men Clamming Up

Female Founder Secrets: Men Clamming Up 563 by femfosec | 749 comments on Hacker News.

In Stockholm there's currently an IT battle underway

In Stockholm there's currently an IT battle underway 535 by div3rs3 | 224 comments on Hacker News.

Employees are happier when led by people with deep expertise (2016)

Employees are happier when led by people with deep expertise (2016) 667 by mgh2 | 193 comments on Hacker News.

Apt Encounters of the Third Kind

Apt Encounters of the Third Kind 663 by lormayna | 142 comments on Hacker News.

Louvre makes its entire collection available online

Louvre makes its entire collection available online 703 by colinprince | 147 comments on Hacker News.

Watch Out! That Android System Update May Contain A Powerful Spyware

Researchers have discovered a new information-stealing trojan, which targets Android devices with an onslaught of data-exfiltration capabilities — from collecting browser searches to recording audio and phone calls. While malware on Android has previously taken the guise of copycat apps, which go under names similar to legitimate pieces of software, this sophisticated new malicious app from The Hacker News https://ift.tt/3rAYHsl via IFTTT

Apple Issues Urgent Patch Update for Another Zero‑Day Under Attack

Merely weeks after releasing out-of-band patches for iOS, macOS, and watchOS, Apple has released yet another security update for iPhone, iPad, Apple Watch to fix a critical zero-day weakness that it says is being actively exploited in the wild. Tracked as CVE-2021-1879, the vulnerability relates to a WebKit flaw that could enable adversaries to process maliciously crafted web content that may from The Hacker News https://ift.tt/3rrGf56 via IFTTT

Only Google is really allowed to crawl the web

Only Google is really allowed to crawl the web 697 by skinkestek | 263 comments on Hacker News.

Permission.site

Permission.site 576 by valand | 147 comments on Hacker News.

OpenSSL Releases Patches for 2 High-Severity Security Vulnerabilities

The maintainers of OpenSSL have released a fix for two high-severity security flaws in its software that could be exploited to carry out denial-of-service (DoS) attacks and bypass certificate verification. Tracked as CVE-2021-3449 and CVE-2021-3450, both the vulnerabilities have been resolved in an update (version OpenSSL 1.1.1k) released on Thursday. While CVE-2021-3449 affects all OpenSSL from The Hacker News https://ift.tt/3dbj0Ho via IFTTT

The Drivers Cooperative

The Drivers Cooperative 550 by pasquinelli | 226 comments on Hacker News.

Phones and apps reduce your ability to focus even when they don’t distract you

Phones and apps reduce your ability to focus even when they don’t distract you 500 by wgoto | 197 comments on Hacker News.

New 5G Flaw Exposes Priority Networks to Location Tracking and Other Attacks

New research into 5G architecture has uncovered a security flaw in its network slicing and virtualized network functions that could be exploited to allow data access and denial of service attacks between different network slices on a mobile operator's 5G network. AdaptiveMobile shared its findings with the GSM Association (GSMA) on February 4, 2021, following which the weaknesses were from The Hacker News https://ift.tt/3u12d0F via IFTTT

Another Critical RCE Flaw Discovered in SolarWinds Orion Platform

IT infrastructure management provider SolarWinds on Thursday released a new update to its Orion networking monitoring tool with fixes for four security vulnerabilities, counting two weaknesses that could be exploited by an authenticated attacker to achieve remote code execution (RCE). Chief among them is a JSON deserialization flaw that allows an authenticated user to execute arbitrary code via from The Hacker News https://ift.tt/3tXYOQi via IFTTT

Is that ship still stuck?

Is that ship still stuck? 539 by ColinWright | 552 comments on Hacker News.

All my servers have an 8 GB empty file on disk

All my servers have an 8 GB empty file on disk 602 by sonicrocketman | 370 comments on Hacker News.

Do you really want Linux phones

Do you really want Linux phones 490 by JetSpiegel | 523 comments on Hacker News.

RIP Google Reader

RIP Google Reader 555 by mrbbk | 307 comments on Hacker News.

SQLite is not a toy database

SQLite is not a toy database 529 by nalgeon | 194 comments on Hacker News.

Black Kingdom Ransomware Hunting Unpatched Microsoft Exchange Servers

More than a week after Microsoft released a one-click mitigation tool to mitigate cyberattacks targeting on-premises Exchange servers, the company disclosed that patches have been applied to 92% of all internet-facing servers affected by the ProxyLogon vulnerabilities. The development, a 43% improvement from the previous week, caps off a whirlwind of espionage and malware campaigns that hit from The Hacker News https://ift.tt/39gMFhn via IFTTT

Forcing Self-Service Password Reset (SSPR) Registration to Increase ROI

When your organization invests in a new product or service, it is essential that you take advantage of all the features it has to offer. This will help you to maximize your return on investment (ROI). If you have purchased or are thinking about purchasing a self-service password reset (SSPR) tool, one of the most important things you will need to do is make sure that 100% of users are registered from The Hacker News https://ift.tt/39vTg7R via IFTTT

Critical Cisco Jabber Bug Could Let Attackers Hack Remote Systems

Cisco on Wednesday released software updates to address multiple vulnerabilities affecting its Jabber messaging clients across Windows, macOS, Android, and iOS. Successful exploitation of the flaws could permit an "attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a from The Hacker News https://ift.tt/39erU5K via IFTTT

Chinese Hackers Used Facebook to Hack Uighur Muslims Living Abroad

Facebook may be banned in China, but the company on Wednesday said it has disrupted a network of bad actors using its platform to target the Uyghur community and lure them into downloading malicious software that would allow surveillance of their devices. "They targeted activists, journalists and dissidents predominantly among Uyghurs from Xinjiang in China primarily living abroad in Turkey, from The Hacker News https://ift.tt/3rnZkFg via IFTTT

The solution of the Zodiac killer’s 340-character cipher

The solution of the Zodiac killer’s 340-character cipher 457 by 0-_-0 | 105 comments on Hacker News.

Show HN: I wrote a book about Go

Show HN: I wrote a book about Go 460 by maximilienandi | 92 comments on Hacker News.

Reddit’s most popular subreddits go private in protest against ‘censorship’

Reddit’s most popular subreddits go private in protest against ‘censorship’ 449 by LordAtlas | 400 comments on Hacker News.

'Do Not Split': A Hong Kong protest film [video]

'Do Not Split': A Hong Kong protest film [video] 422 by lawrenceyan | 174 comments on Hacker News.

Microsoft in talks to buy Discord for more than $10B

Microsoft in talks to buy Discord for more than $10B 399 by meibo | 460 comments on Hacker News.

Substack's UI and 1Password temporarily cost me $2k

Substack's UI and 1Password temporarily cost me $2k 505 by tomahony | 259 comments on Hacker News.

Early-Retirement Update

Early-Retirement Update 434 by dkarp | 426 comments on Hacker News.

Google Removed ClearURLs Extension from Chrome Web Store

Google Removed ClearURLs Extension from Chrome Web Store 628 by URfejk | 271 comments on Hacker News.

Suez canal blocked by a massive ship

Suez canal blocked by a massive ship 663 by tilolebo | 231 comments on Hacker News.

Purple Fox Rootkit Can Now Spread Itself to Other Windows Computers

Purple Fox, a Windows malware previously known for infecting machines by using exploit kits and phishing emails, has now added a new technique to its arsenal that gives it worm-like propagation capabilities. The ongoing campaign makes use of a "novel spreading technique via indiscriminate port scanning and exploitation of exposed SMB services with weak passwords and hashes," according to from The Hacker News https://ift.tt/3chsUIl via IFTTT

Chrome’s address bar will use https:// by default

Chrome’s address bar will use https:// by default 572 by feross | 387 comments on Hacker News.

Reddit is banning any Aimee Challenor mention. UK public figure and Reddit admin

Reddit is banning any Aimee Challenor mention. UK public figure and Reddit admin 567 by 9387367 | 292 comments on Hacker News.

Plan 9 from Bell Labs in Cyberspace

Plan 9 from Bell Labs in Cyberspace 581 by __d | 133 comments on Hacker News.

The S in IoT is for Security

The S in IoT is for Security 554 by rauhl | 278 comments on Hacker News.

Critical Flaws Affecting GE's Universal Relay Pose Threat to Electric Utilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of critical security shortcomings in GE's Universal Relay (UR) family of power management devices. "Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information, reboot the UR, gain privileged access, or cause a denial-of-service condition," the agency said in an advisory from The Hacker News https://ift.tt/3rmpo3T via IFTTT

Crystal 1.0 – What to expect

Crystal 1.0 – What to expect 548 by mfkp | 204 comments on Hacker News.

WARNING: A New Android Zero-Day Vulnerability Is Under Active Attack

Google has disclosed that a now-patched vulnerability affecting Android devices that use Qualcomm chipsets is being weaponized by attackers to launch targeted attacks. Tracked as CVE-2020-11261 (CVSS score 8.4), the flaw concerns an "improper input validation" issue in Qualcomm's Graphics component that could be exploited to trigger memory corruption when an attacker-engineered app requests from The Hacker News https://ift.tt/3lHDWK2 via IFTTT

Why the Wuhan lab leak theory shouldn't be dismissed

Why the Wuhan lab leak theory shouldn't be dismissed 456 by ruaraidh | 434 comments on Hacker News.

The absolute worst scenario happened

The absolute worst scenario happened 499 by logronoide | 449 comments on Hacker News.

Live feed from Iceland erupting volcano [video]

Live feed from Iceland erupting volcano [video] 526 by lknik | 134 comments on Hacker News.

Firefox 87 trims HTTP Referrers by default to protect user privacy

Firefox 87 trims HTTP Referrers by default to protect user privacy 576 by twapi | 142 comments on Hacker News.

Popular Netop Remote Learning Software Found Vulnerable to Hacking

Cybersecurity researchers on Sunday disclosed multiple critical vulnerabilities in remote student monitoring software Netop Vision Pro that a malicious attacker could abuse to execute arbitrary code and take over Windows computers. "These findings allow for elevation of privileges and ultimately remote code execution which could be used by a malicious attacker within the same network to gain from The Hacker News https://ift.tt/3f3pjiJ via IFTTT

GPT Neo: open-source GPT model, with pretrained 1.3B & 2.7B weight models

GPT Neo: open-source GPT model, with pretrained 1.3B & 2.7B weight models 461 by pizza | 104 comments on Hacker News.

Richard Stallman is coming back to the board of the FSF

Richard Stallman is coming back to the board of the FSF 469 by wrycoder | 398 comments on Hacker News.

Critical RCE Vulnerability Found in Apache OFBiz ERP Software—Patch Now

The Apache Software Foundation on Friday addressed a high severity vulnerability in Apache OFBiz that could have allowed an unauthenticated adversary to remotely seize control of the open-source enterprise resource planning (ERP) system. Tracked as CVE-2021-26295, the flaw affects all versions of the software prior to 17.12.06 and employs an "unsafe deserialization" as an attack vector to permit from The Hacker News https://ift.tt/3sdDBkH via IFTTT

Backblaze submitting names and sizes of files in B2 buckets to Facebook

Backblaze submitting names and sizes of files in B2 buckets to Facebook 447 by celsoazevedo | 172 comments on Hacker News.

The Invention of a New Pasta Shape

The Invention of a New Pasta Shape 431 by dgellow | 175 comments on Hacker News.

Don't End the Week with Nothing (2014)

Don't End the Week with Nothing (2014) 529 by mooreds | 142 comments on Hacker News.

Nobody designs for small iPhone devices anymore

Nobody designs for small iPhone devices anymore 458 by dirtylowprofile | 255 comments on Hacker News.

Undocumented x86 instructions in Intel CPUs that can modify microcode

Undocumented x86 instructions in Intel CPUs that can modify microcode 429 by BlackLotus89 | 130 comments on Hacker News.

Cookie Consent Speed Running Game

Cookie Consent Speed Running Game 475 by bigdatagirl | 170 comments on Hacker News.

Docker for Mac M1 RC

Docker for Mac M1 RC 440 by mikkelam | 334 comments on Hacker News.

Nyxt Browser

Nyxt Browser 508 by wglb | 118 comments on Hacker News.

Demoscene accepted as UNESCO cultural heritage in Germany

Demoscene accepted as UNESCO cultural heritage in Germany 618 by quakeguy | 87 comments on Hacker News.

Critical F5 BIG-IP Bug Under Active Attacks After PoC Exploit Posted Online

Almost 10 days after application security company F5 Networks released patches for critical vulnerabilities in its BIG-IP and BIG-IQ products, adversaries have begun opportunistically mass scanning and targeting exposed and unpatched networking devices to break into enterprise networks. News of in-the-wild exploitation comes on the heels of proof-of-concept exploit code that from The Hacker News https://ift.tt/3tG77jy via IFTTT

Click

Click 643 by st_goliath | 180 comments on Hacker News.

Duke Nukem 3D Mirror Universe

Duke Nukem 3D Mirror Universe 574 by tosh | 164 comments on Hacker News.

Young female Japanese biker is 50-year-old man using FaceApp

Young female Japanese biker is 50-year-old man using FaceApp 541 by amrrs | 331 comments on Hacker News.

Tesla Ransomware Hacker Pleads Guilty; Swiss Hacktivist Charged for Fraud

The U.S. Department of Justice yesterday announced updates on two separate cases involving cyberattacks—a Swiss hacktivist and a Russian hacker who planned to plant malware in the Tesla company. A Swiss hacker who was involved in the intrusion of cloud-based surveillance firm Verkada and exposed camera footage from its customers was charged by the U.S. Department of Justice (DoJ) on Thursday from The Hacker News https://ift.tt/3eXgGXc via IFTTT

We found and fixed a rare race condition in our session handling

We found and fixed a rare race condition in our session handling 495 by todsacerdoti | 153 comments on Hacker News.

Hackers Infecting Apple App Developers With Trojanized Xcode Projects

Cybersecurity researchers on Thursday disclosed a new attack wherein threat actors are leveraging Xcode as an attack vector to compromise Apple platform developers with a backdoor, adding to a growing trend that involves targeting developers and researchers with malicious attacks. Dubbed "XcodeSpy," the trojanized Xcode project is a tainted version of a legitimate, open-source project available from The Hacker News https://ift.tt/2P5Jm5t via IFTTT

New Zoom Screen-Sharing Bug Lets Other Users Access Restricted Apps

A newly discovered glitch in Zoom's screen sharing feature can accidentally leak sensitive information to other attendees in a call, according to the latest findings. Tracked as CVE-2021-28133, the unpatched security vulnerability makes it possible to reveal contents of applications that are not shared, but only briefly, thereby making it harder to exploit it in the wild. It's worth pointing out from The Hacker News https://ift.tt/3bWXdE2 via IFTTT

Interview with CEO of rsync.net: “no firewalls and no routers”

Interview with CEO of rsync.net: “no firewalls and no routers” 423 by dmytton | 228 comments on Hacker News.

Show HN: Sorted CSS Colors – Sort the named CSS colors in a nice way

Show HN: Sorted CSS Colors – Sort the named CSS colors in a nice way 415 by knuptfad | 133 comments on Hacker News.

Indiana Jones and the Last Crusade EGA/VGA Comparison

Indiana Jones and the Last Crusade EGA/VGA Comparison 414 by ingve | 138 comments on Hacker News.

WallStreetBets members adopt 3,500 gorillas in six days

WallStreetBets members adopt 3,500 gorillas in six days 538 by ptype | 234 comments on Hacker News.

Critical RCE Flaw Reported in MyBB Forum Software—Patch Your Sites

A pair of critical vulnerabilities in a popular bulletin board software called MyBB could have been chained together to achieve remote code execution (RCE) without the need for prior access to a privileged account. The flaws, which were discovered by independent security researchers Simon Scannell and Carl Smith, were reported to the MyBB Team on February 22, following which it released an from The Hacker News https://ift.tt/3qX6EYb via IFTTT

Focalboard – a self-hosted alternative to Trello, Notion, and Asana

Focalboard – a self-hosted alternative to Trello, Notion, and Asana 491 by stanislavb | 137 comments on Hacker News.

How to Successfully Pursue a Career in Malware Analysis

Are you looking to become a malware analyst? Then continue reading to discover how to gain the training you need and start a career in malware analysis. Did you know that new malware is released every seven seconds? As more and more systems become reliant on the internet, the proliferation of malware becomes increasingly destructive. Once upon a time, a computer virus might cause from The Hacker News https://ift.tt/38SSOA8 via IFTTT

Why Cached Credentials Can Cause Account Lockouts and How to Stop it

When a user account becomes locked out, the cause is often attributed to a user who has simply entered an old or incorrect password too many times. However, this is far from being the only thing that can cause an account to become locked. Another common cause, for example, is an application or script that is configured to log into the system using an old password. Perhaps the most easily from The Hacker News https://ift.tt/3tKRgQP via IFTTT

Google Reveals What Personal Data Chrome and It's Apps Collect On You

Privacy-focused search engine DuckDuckGo called out rival Google for "spying" on users after the search giant updated its flagship app to spell out the exact kinds of information it collects for personalization and marketing purposes. "After months of stalling, Google finally revealed how much personal data they collect in Chrome and the Google app. No wonder they wanted to hide it," the company from The Hacker News https://ift.tt/3cNwpVS via IFTTT

Manim – an animation engine for explanatory math videos

Manim – an animation engine for explanatory math videos 490 by vermilingua | 30 comments on Hacker News.

Flaws in Two Popular WordPress Plugins Affect Over 7 Million Websites

Researchers have disclosed vulnerabilities in multiple WordPress plugins that, if successfully exploited, could allow an attacker to run arbitrary code and take over a website in certain scenarios. The flaws were uncovered in Elementor, a website builder plugin used on more than seven million sites, and WP Super Cache, a tool used to serve cached pages of a WordPress site. According to Wordfence from The Hacker News https://ift.tt/2NucDpZ via IFTTT

Audacity 3.0

Audacity 3.0 442 by app4soft | 80 comments on Hacker News.

Charts.css

Charts.css 426 by pspeter3 | 82 comments on Hacker News.

Milky Way, 12 years, 1250 hours of exposures and 125 x 22 degrees of sky

Milky Way, 12 years, 1250 hours of exposures and 125 x 22 degrees of sky 408 by giuliomagnifico | 83 comments on Hacker News.

Google Play service fee reduced to 15% for the first $1M/year

Google Play service fee reduced to 15% for the first $1M/year 417 by h43k3r | 276 comments on Hacker News.

Moore's Law for Everything

Moore's Law for Everything 392 by icey | 495 comments on Hacker News.

Ask HN: What are some “10x” software product innovations you have experienced?

Ask HN: What are some “10x” software product innovations you have experienced? 402 by pramodbiligiri | 739 comments on Hacker News. Peter Thiel has written about the "10x rule" for startups, where your innovation has to be 10 times better than the second best option [1]. Have you personally experienced such 10x improvements in your own interactions with software? What were they? [1] - https://ift.tt/2DgSbyH

Java 16

Java 16 398 by JCWasmx86 | 296 comments on Hacker News.

Mimecast Finds SolarWinds Hackers Stole Some of Its Source Code

Email security firm Mimecast on Tuesday revealed that the state-sponsored SolarWinds hackers who broke into its internal network also downloaded source code out of a limited number of repositories. "The threat actor did access a subset of email addresses and other contact information and hashed and salted credentials," the company said in a write-up detailing its investigation, adding the from The Hacker News https://ift.tt/2OYXXiU via IFTTT

[Webinar] Oy Vey, We Hired a Large, Hairy Hacker…

It's not every day that one of the best-known independent cybersecurity individuals joins a cybersecurity company. The two are generally on opposite sides of the coin, with little crossover. After all, they're usually concerned with different parts of the cybersecurity puzzle – one providing platforms and tools to defend organizations, the other keeping them accountable and looking for blind from The Hacker News https://ift.tt/3loTXEs via IFTTT

GitHub, f ck your name change

GitHub, f ck your name change 626 by leontrolski | 347 comments on Hacker News.

18-Year-Old Hacker Gets 3 Years in Prison for Massive Twitter 'Bitcoin Scam' Hack

A Florida teen accused of masterminding the hacks of several high-profile Twitter accounts last summer as part of a widespread cryptocurrency scam pled guilty to fraud charges in exchange for a three-year prison sentence. Graham Ivan Clark, 18, will also serve an additional three years on probation. The development comes after the U.S. Department of Justice (DoJ) charged Mason Sheppard (aka from The Hacker News https://ift.tt/38OCtwk via IFTTT

Apple May Start Delivering Security Patches Separately From Other OS Updates

Apple may be changing the way it delivers security patches to its devices running iOS and iPadOS mobile operating systems. According to code spotted in iOS 14.5, the iPhone maker is reportedly working on a method for delivering security fixes independently of other OS updates. The changes were first reported by the 9to5Mac website. While Google's Android has had monthly security from The Hacker News https://ift.tt/3eSaIXp via IFTTT

Pangolin – Mobile AMD laptop with Ryzen CPU and Radeon graphics

Pangolin – Mobile AMD laptop with Ryzen CPU and Radeon graphics 432 by bananicorn | 398 comments on Hacker News.

We Don’t Use Docker

We Don’t Use Docker 488 by mundanerality | 489 comments on Hacker News.

HN was down

HN was down 461 by jontro | 242 comments on Hacker News.

Performance comparison: counting words in Python, Go, C++, C, Awk, Forth, Rust

Performance comparison: counting words in Python, Go, C++, C, Awk, Forth, Rust 423 by benhoyt | 292 comments on Hacker News.

The FBI Should Stop Attacking Encryption

The FBI Should Stop Attacking Encryption 429 by KubikPixel | 123 comments on Hacker News.

A hacker got all my texts for $16

A hacker got all my texts for $16 499 by pje | 233 comments on Hacker News.

New Mirai Variant and ZHtrap Botnet Malware Emerge in the Wild

Cybersecurity researchers on Monday disclosed a new wave of ongoing attacks exploiting multiple vulnerabilities to deploy Mirai variants on compromised systems. "Upon successful exploitation, the attackers try to download a malicious shell script, which contains further infection behaviors such as downloading and executing Mirai variants and brute-forcers," Palo Alto Networks' Unit 42 Threat from The Hacker News https://ift.tt/3vsZMW4 via IFTTT

Use This One-Click Mitigation Tool from Microsoft to Prevent Exchange Attacks

Microsoft on Monday released a one-click mitigation software that applies all the necessary countermeasures to secure vulnerable environments against the ongoing widespread ProxyLogon Exchange Server cyberattacks. Called Exchange On-premises Mitigation Tool (EOMT), the PowerShell-based script serves to mitigate against current known attacks using CVE-2021-26855, scan the Exchange Server using from The Hacker News https://ift.tt/3tpd2Jz via IFTTT

Rockstar thanks GTA Online player who fixed load times, official update coming

Rockstar thanks GTA Online player who fixed load times, official update coming 538 by mmhsieh | 146 comments on Hacker News.

Why are tar.xz files 15x smaller when using Python's tar compared to macOS tar?

Why are tar.xz files 15x smaller when using Python's tar compared to macOS tar? 485 by personjerry | 145 comments on Hacker News.

Tweeting “Memphis” autolocks your Twitter account

Tweeting “Memphis” autolocks your Twitter account 523 by hirsin | 329 comments on Hacker News.

Satellite imagery shows Northern California kelp forests have collapsed

Satellite imagery shows Northern California kelp forests have collapsed 546 by PretzelFisch | 346 comments on Hacker News.

Rising Demand for DDoS Protection Software Market By 2020-2028

A Distributed Denial of Service (DDoS) attack is a malicious form of attack that disrupts regular network traffic by overwhelming the website with more traffic than the server can handle. The main aim of this kind of cyberattack is to render the website inoperable. Over recent years, these kinds of attacks have been increasing, fueling the demand for the best DDoS protection software solutions. Many from The Hacker News https://ift.tt/3lhEQfX via IFTTT

CEO of Encrypted Chat Platform Indicted for Aiding Organised Criminals

The U.S. Department of Justice (DoJ) on Friday announced an indictment against Jean-Francois Eap, the CEO of encrypted messaging company Sky Global, and an associate for wilfully participating in a criminal enterprise to help international drug traffickers avoid law enforcement. Eap (also known as "888888") and Thomas Herdman, a former high-level distributor of Sky Global devices, have been from The Hacker News https://ift.tt/3cp7QOM via IFTTT

Security.txt

Security.txt 506 by tosh | 110 comments on Hacker News.

Reprojecting the Perseverance landing footage onto satellite imagery

Reprojecting the Perseverance landing footage onto satellite imagery 481 by bmease | 28 comments on Hacker News.

Baserow.io – Self-hosted Airtable alternative

Baserow.io – Self-hosted Airtable alternative 468 by punnerud | 158 comments on Hacker News.

Dhcpcd Will Need a New Maintainer

Dhcpcd Will Need a New Maintainer 558 by elvis70 | 89 comments on Hacker News.

Vitalik escalates ETH 2.0 merge as miners plan a 51% attack

Vitalik escalates ETH 2.0 merge as miners plan a 51% attack 447 by michaelsbradley | 443 comments on Hacker News.

Speed of Rust vs. C

Speed of Rust vs. C 558 by sivizius | 377 comments on Hacker News.

What's New in SQLite 3.35

What's New in SQLite 3.35 473 by nalgeon | 159 comments on Hacker News.

The internet didn’t kill counterculture – you just won’t find it on Instagram

The internet didn’t kill counterculture – you just won’t find it on Instagram 497 by isanengineer | 404 comments on Hacker News.

Two UK Broadband ISPs Trial New Internet Snooping System

Two UK Broadband ISPs Trial New Internet Snooping System 447 by offby37years | 218 comments on Hacker News.

My bank sent me 64 copies of the same debit card

My bank sent me 64 copies of the same debit card 451 by elliekelly | 355 comments on Hacker News.

Write Simply

Write Simply 464 by razin | 325 comments on Hacker News.

CompTIA Security Certification Prep — Lifetime Access for just $30

At long last, top companies are starting to take cybersecurity seriously. As a consequence, technical recruiters are looking for people with hacking skills and certifications to prove it. CompTIA is seen as the gold standard when it comes to cybersecurity exams, with several certifications to choose from. If you would like to scoop them all, The CompTIA Security Infrastructure Expert Bundle is from The Hacker News https://ift.tt/3tgsJ5C via IFTTT

Another Google Chrome 0-Day Bug Found Actively Exploited In-the-Wild

Google has addressed yet another actively exploited zero-day in Chrome browser, marking the second such fix released by the company within a month. The browser maker on Friday shipped 89.0.4389.90 for Windows, Mac, and Linux, which is expected to be rolling out over the coming days/weeks to all users. While the update contains a total of five security fixes, the most important flaw rectified by from The Hacker News https://ift.tt/3cmV17M via IFTTT

Bitwarden Send - A trusted way to securely share information with anyone

Bitwarden Send - A trusted way to securely share information with anyone 519 by 0x54MUR41 | 238 comments on Hacker News.

Researchers Spotted Malware Written in Nim Programming Language

Cybersecurity researchers have unwrapped an "interesting email campaign" undertaken by a threat actor that has taken to distributing a new malware written in Nim programming language. Dubbed "NimzaLoader" by Proofpoint researchers, the development marks one of the rare instances of Nim malware discovered in the threat landscape. "Malware developers may choose to use a rare programming language from The Hacker News https://ift.tt/3eJIiz1 via IFTTT

Hackers Are Targeting Microsoft Exchange Servers With Ransomware

It didn't take long. Intelligence agencies and cybersecurity researchers had been warning that unpatched Exchange Servers could open the pathway for ransomware infections in the wake of swift escalation of the attacks since last week. Now it appears that threat actors have caught up. According to the latest reports, cybercriminals are leveraging the heavily exploited ProxyLogon Exchange Server from The Hacker News https://ift.tt/3qHEX5H via IFTTT

New Browser Attack Allows Tracking Users Online With JavaScript Disabled

Researchers have discovered a new side-channel that they say can be reliably exploited to leak information from web browsers that could then be leveraged to track users even when JavaScript is completely disabled. "This is a side-channel attack which doesn't require any JavaScript to run," the researchers said. "This means script blockers cannot stop it. The attacks work even if you strip out from The Hacker News https://ift.tt/3qERMxM via IFTTT

Julia receives DARPA award to accelerate electronics simulation

Julia receives DARPA award to accelerate electronics simulation 440 by jonbaer | 134 comments on Hacker News.

How I earn a living selling my open-source web-based invoicing application

How I earn a living selling my open-source web-based invoicing application 519 by nephics | 152 comments on Hacker News.

U.S. senators reintroduce bill to make daylight saving time permanent

U.S. senators reintroduce bill to make daylight saving time permanent 483 by prostoalex | 388 comments on Hacker News.

I bought 300 emoji domain names from Kazakhstan and built an email service

I bought 300 emoji domain names from Kazakhstan and built an email service 580 by tinyprojects | 260 comments on Hacker News.

ProxyLogon PoC Exploit Released; Likely to Fuel More Disruptive Cyber Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) on Wednesday issued a joint advisory warning of active exploitation of vulnerabilities in Microsoft Exchange on-premises products by nation-state actors and cybercriminals. "CISA and FBI assess that adversaries could exploit these vulnerabilities to compromise networks, steal from The Hacker News https://ift.tt/3vpGMIa via IFTTT

Fixing the Weakest Link — The Passwords — in Cybersecurity Today

Password security has long been an issue for businesses and their cybersecurity standards. Account passwords are often the weakest link in the overall security posture for many organizations. Many companies have used Microsoft's default password policies for decades. While these can be customized, businesses often accept the default values for their organization. The Windows default password from The Hacker News https://ift.tt/3bCpcbP via IFTTT

Critical Pre-Auth RCE Flaw Found in F5 Big-IP Platform — Patch ASAP!

Application security company F5 Networks on Wednesday published an advisory warning of four critical vulnerabilities impacting multiple products that could result in a denial of service (DoS) attack and even unauthenticated remote code execution on target networks. The patches concern a total of seven related flaws (from CVE-2021-22986 through CVE-2021-22992), two of which were discovered and from The Hacker News https://ift.tt/2NaO1lY via IFTTT

Apple has gone to extraordinary lengths to make scroll bars invisible

Apple has gone to extraordinary lengths to make scroll bars invisible 520 by edward | 366 comments on Hacker News.

We created a fake language to root out resume liars

We created a fake language to root out resume liars 511 by rmason | 679 comments on Hacker News.

Why asynchronous Rust doesn't work

Why asynchronous Rust doesn't work 566 by tazjin | 425 comments on Hacker News.

Hackers break into thousands of security cameras, exposing Tesla, jail, hospital

Hackers break into thousands of security cameras, exposing Tesla, jail, hospital 646 by f430 | 264 comments on Hacker News.

Git: Malicious repositories can execute remote code while cloning

Git: Malicious repositories can execute remote code while cloning 599 by todsacerdoti | 199 comments on Hacker News.

Write libraries instead of services, where possible

Write libraries instead of services, where possible 618 by catern | 318 comments on Hacker News.

New algorithm breaks speed limit for solving linear equations

New algorithm breaks speed limit for solving linear equations 546 by ot | 112 comments on Hacker News.

Researchers Unveil New Linux Malware Linked to Chinese Hackers

Cybersecurity researchers on Wednesday shed light on a new sophisticated backdoor targeting Linux endpoints and servers that's believed to be the work of Chinese nation-state actors. Dubbed "RedXOR" by Intezer, the backdoor masquerades as a polkit daemon, with similarities found between the malware and those previously associated with the Winnti Umbrella (or Axiom) threat group such as PWNLNX, from The Hacker News https://ift.tt/3qxR2u7 via IFTTT

Fire declared in OVH SBG2 datacentre building

Fire declared in OVH SBG2 datacentre building 656 by finniananderson | 301 comments on Hacker News.

FIN8 Hackers Return With More Powerful Version of BADHATCH PoS Malware

Threat actors known for keeping a low profile do so by ceasing operations for prolonged periods in between to evade attracting any attention as well as constantly refining their toolsets to fly below the radar of many detection technologies. One such group is FIN8, a financially motivated threat actor that's back in action after a year-and-a-half hiatus with a powerful version of a backdoor with from The Hacker News https://ift.tt/3qxJGqG via IFTTT

Microsoft Issues Security Patches for 82 Flaws — IE 0-Day Under Active Attacks

Microsoft plugged as many as 89 security flaws as part of its monthly Patch Tuesday updates released today, including fixes for an actively exploited zero-day in Internet Explorer that could permit an attacker to run arbitrary code on target machines. Of these flaws, 14 are listed as Critical, and 75 are listed as Important in severity, out of which two of the bugs are described as publicly from The Hacker News https://ift.tt/2OBROsL via IFTTT

Fuckin' user interface design, I swear

Fuckin' user interface design, I swear 654 by luu | 382 comments on Hacker News.

9 Android Apps On Google Play Caught Distributing AlienBot Banker and MRAT Malware

Cybersecurity researchers have discovered a new malware dropper contained in as many as 9 Android apps distributed via Google Play Store that deploys a second stage malware capable of gaining intrusive access to the financial accounts of victims as well as full control of their devices. "This dropper, dubbed Clast82, utilizes a series of techniques to avoid detection by Google Play Protect from The Hacker News https://ift.tt/3v5uMeB via IFTTT