1. New Attacks Against 4G, 5G Mobile Networks Re-Enable IMSI Catchers
At NDSS Symposium 2019, a group of university researchers revealed newly discovered cellular network vulnerabilities that impact both 4G and 5G LTE protocols.
According to a paper published by the researchers, “Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information,” the new attacks could allow remote attackers to bypass security protections implemented in 4G and 5G, re-enabling IMSI catching devices like “Stingrays” to intercept users’ phone calls and track their location.
2. Hackers Favorite CoinHive Cryptocurrency Mining Service Shutting Down
Coinhive, a notorious in-browser cryptocurrency mining service popular among cybercriminals, has announced that it will discontinue its services on March 8, 2019.
Millions of online users who visited those hacked websites immediately had their computers’ processing power hijacked, also known as cryptojacking, to mine cryptocurrency without users’ knowledge, potentially generating profits for cybercriminals in the background.
3. Critical Flaw Uncovered In WordPress That Remained Unpatched for 6 Years
Exclusive — If you have not updated your website to the latest WordPress version 5.0.3, it’s a brilliant idea to upgrade the content management software of your site now. From now, I mean immediately.
Cybersecurity researchers shared their latest research revealing the existence of a critical remote code execution vulnerability that affects all previous versions of WordPress content management software released in the past 6 years.
The remote code execution attack, discovered and reported to the WordPress security team late last year, can be exploited by a low privileged attacker with at least an “author” account using a combination of two separate vulnerabilities—Path Traversal and Local File Inclusion—that reside in the WordPress core.
4. Latest WinRAR Flaw Being Exploited in the Wild to Hack Windows Computers
It’s not just the critical Drupal vulnerability that is being exploited by in the wild cybercriminals to attack vulnerable websites that have not yet applied patches already available by its developers, but hackers are also exploiting a critical WinRAR vulnerability that was also revealed last week.
They reported about a 19-year-old remote code execution vulnerability disclosedd by Check Point in the UNACEV2.dll library of WinRAR that could allow a maliciously-crafted ACE archive file to execute arbitrary code on a targeted system.
WinRAR is a popular Windows file compression application with 500 million users worldwide, but a critical “Absolute Path Traversal” bug (CVE-2018-20250) in its old third-party library, called UNACEV2.DLL, could allow attackers to extract a compressed executable file from the ACE archive to one of the Windows Startup folders, where the file would automatically run on the next reboot.
5. Hackers Actively Exploiting Latest Drupal RCE Flaw Published Last Week
Cybercriminals have actively started exploiting an already patched security vulnerability in the wild to install cryptocurrency miners on vulnerable Drupal websites that have not yet applied patches and are still vulnerable.
Developers of the popular open-source content management system Drupal patched a critical remote code execution (RCE) vulnerability (CVE-2019-6340) in Drupal Core that could allow attackers to hack affected websites.
Despite releasing no technical details of the security vulnerability, the proof-of-concept (PoC) exploit code for the vulnerability was made publicly available on the Internet just days after the Drupal security team rolled out the patched version of its software.
6. Almost Half A Million Delhi Citizens’ Personal Data Exposed Online
Exclusive — A security researcher has identified an unsecured server that was leaking detailed personal details of nearly half a million Indian citizens… thanks to another MongoDB database instance that company left unprotected on the Internet accessible to anyone without the password.
In a report shared Bob Diachenko disclosed that two days ago he found a 4.1 GB-sized highly sensitive database online, named “GNCTD,” containing information collected on 458,388 individuals located in Delhi, including their Aadhaar numbers and voter ID numbers.
Though it’s not clear if the exposed database is linked to the Government of National Capital Territory of Delhi (GNCTD), Diachenko found that the database contains references and email addresses with “transerve.com” domain for users registered with “senior supervisor,” and “super admin” designations.
7. Critical WinRAR Flaw Affects All Versions Released In Last 19 Years
Beware Windows users… a new dangerous remote code execution vulnerability has been discovered in the WinRAR software, affecting hundreds of millions of users worldwide.
Cybersecurity researchers at Check Point have disclosed technical details of a critical vulnerability in WinRAR—a popular Windows file compression application with 500 million users worldwide—that affects all versions of the software released in last 19 years.
The flaw resides in the way an old third-party library, called UNACEV2.DLL, used by the software handled the extraction of files compressed in ACE data compression archive file format.
8. LPG Gas Company Leaked Details, Aadhaar Numbers of 6.7 Million Indian Customers
Why would someone bother to hack a so-called “ultra-secure encrypted database that is being protected behind 13 feet high and 5 feet thick walls,” when one can simply fetch a copy of the same data from other sources.
French security researcher Baptiste Robert, who goes by the pseudonym “Elliot Alderson” on Twitter, with the help of an Indian researcher, who wants to remain anonymous, discovered that the official website of popular state-owned LPG gas company Indane is leaking personal details of its millions of customers, including their Aadhaar numbers.
This is not the first time when an unprotected third-party database has leaked Aadhaar details of Indian citizens, which is a unique number assigned to each citizen as part of India’s biometric identity programme maintained by the government’s Unique Identification Authority of India (UIDAI).
9. Hacker Breaches Dozens of Sites, Puts 127 Million New Records Up for Sale
A hacker who was selling details of nearly 620 million online accounts stolen from 16 popular websites has now put up a second batch of 127 million records originating from 8 other sites for sale on the dark web.
The Hacker News received an email from a Pakistani hacker who claims to have hacked dozens of popular websites (listed below) and selling their stolen databases online.
During an interview the hacker also claimed that many targeted companies have probably no idea that they have been compromised and that their customers’ data have already been sold to multiple cyber criminal groups and individuals.
10. Android Phones Can Get Hacked Just by Looking at a PNG Image
Beware! You have to remain more caution while opening an image file on your smartphone—downloaded anywhere from the Internet or received through messaging or email apps.
Yes, just viewing an innocuous-looking image could hack your Android smartphone—thanks to three newly-discovered critical vulnerabilities that affect millions of devices running recent versions of Google’s mobile operating system, ranging from Android 7.0 Nougat to its current Android 9.0 Pie.
The vulnerabilities, identified as CVE-2019-1986, CVE-2019-1987, and CVE-2019-1988, have been patched in Android Open Source Project (AOSP) by Google as part of its February Android Security Updates.
However, since not every handset manufacturer rolls out security patches every month, it’s difficult to determine if your Android device will get these security patches anytime sooner.
Although Google engineers have not yet revealed any technical details explaining the vulnerabilities, the updates mention fixing “heap buffer overflow flaw,” “errors in SkPngCodec,” and bugs in some components that render PNG images.