Cyber Attack | Breaking Cybersecurity News | The Hacker News

Yesterday, the most popular RSS reader Feedly was down as a result of a large scale distributed-denial-of service (DDoS) attack carried by the cybercriminals to extort money. On Wednesday, the Feedly was temporarily unavailable for its users. Feedly posted details of the attack at 5:00 AM ET on its blog saying that they were under a Distributed Denial of Service (DDoS) attack and cyber-criminals were demanding money in return for returning the service to its normal operations. " Criminals are attacking feedly with a distributed denial of service attack (DDoS). The attacker is trying to extort us money to make it stop, " Edwin Khodabakchian, founder and CEO of Feedly said in a statement on Wednesday. He also expressed regret, " We want to apologize for the inconvenience. Please know that you data is safe and you will be able to re-access your feedly as soon as the attack is neutralized. " Feedly is a very popular RSS feed service which is available for desktop, iOS and

If you have an eBay Account then you should change your password immediately, because the World's biggest E-commerce company with 128 million active users announced today in a press release that it had been Hacked. eBay revealed that attackers compromised customers' database including emails, physical addresses, encrypted passwords and dates of birth, in a hacking attack between late February and early March, but financial information like credit card numbers, as well as PayPal information were stored separately and were not compromised. ' After conducting extensive tests on its networks ,' They also said they've found no evidence of unauthorized access or activity by registered eBay users, but as precaution, eBay is resetting everyone's passwords that ' will help enhance security for eBay users. ' Why did eBay wait so long to tell everyone? because just two weeks ago they discovered data breach . They conducted a forensic investigation of its compu

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

Last year, Just after Snowden leaks, the U.S Government warned that NSA surveillance revelations will make harder to track bad guys trying to harm the United States, as disclosures can be helpful to terrorist groups. In response to the NSA revelations, the terrorists at Al-Qaeda have started using strongest encryption techniques in order to bypass the standard cryptographic protections in its various communications, according to the recent report released by the Threat Intelligence  company, Recorded Future . The analysis carried out by the intelligence firm revealed that the Infamous Terrorist Organizations, Al-Qaeda that attacked civilian and military targets in various countries, has switched to new encryption software for the first time in seven years, following the revelations of the US National Security Agency (NSA) by former contractor Edward Snowden . Al-Qaeda is a global militant Islamist and takfiri organization which operates as a network comprising both a

The Iranian hacking group, which calls itself the " Ajax Security Team ", was quite famous from last few years for websites defacement attacks , and then suddenly they went into dark since past few months. But that doesn't mean that the group was inactive, rather defacing the websites, the group was planning something bigger. The Group of hackers at Ajax Security Team last defaced a website in December 2013 and after that it transitioned to sophisticated malware-based espionage campaigns in order to target U.S. defense organizations and Iranian dissidents, according to the report released by FireEye researchers. " The transition from patriotic hacking to cyber espionage is not an uncommon phenomenon. It typically follows an increasing politicization within the hacking community, particularly around geopolitical events ," researchers Nart Villeneuve, Ned Moran, Thoufique Haq and Mike Scott wrote in the report. " This is followed by increasing links between the hacking

A shortage of computer memory in the $2.4 billion Air Traffic Control System caused a Computer crash that resulted in the System collapse, according to an insider close to the incident. The problems began on 30 April, when a U-2 spy plane flew over southwestern US caused the air traffic control system that manages the airspace around Los Angeles' LAX airport, built by Lockheed Martin, to crash due to which hundreds of flight delayed or cancelled two weeks ago. " In theory, the same vulnerability could have been used by an attacker in a deliberate shut-down, " security experts told Reuters. Now that the " very basic limitation of the system " is known, experts showed concerns about the cyber-attacks . Sources claimed to Reuters that on April 30, 2014 the aircraft traffic failed to obtain the altitude information for a single U-2 spy plane which was flying over the area because a controller entered the altitude of the spook flight into the En Route Automation Moderni

French leading telecommunications company ' Orange ' hit by second major data breach of its kind in a matter of months. Company announced that hackers have stolen personal data of 1.3 million customers of its online portal. ORANGE HACKED SECOND TIME IN THREE MONTHS Hackers have stolen a " limited amount of personal information concerning clients and future customers ", including their first names, Surnames email addresses, phone numbers for both mobiles and fixed lines, dates of birth as well as the names of clients' mobile and Internet operators. " The data recovered could be used to contact those concerned by email, SMS or by phone, particularly for phishing purposes ," company said in an statement . The Incident was detected by the company on April 18, but the company has waited until now to inform customers to determine its full extent and to ensure that the security holes leveraged by the hackers have been patched. BEWARE OF PHISHING ATTAC

An alleged member of the famous amorphous Hacktivist group Anonymous is now facing a total of 44 charges after the filing of the latest superseding Indictment of cyber assaults charges against him with the collective to hack Computer systems of a County Government, a school district and a Newspaper organization in Texas, federal investigators announced on Tuesday. 27-year-old Fidel Salinas of Donna, Texas, charged with several counts of cyber stalking, attempted computer hacking and with intent to harass and intimidate a female victim, making it altogether 44 counts of cyber assaults that could lead him up to 440 years in Jail. Salinas intentionally tried to hack into the computer system of Hidalgo County practically two years earlier, for which he was charged with one count of violating the Computer Fraud and Abuse Act after a grand jury in the United States District Court for the Southern District of Texas found him guilty, last October. It looked like, Salinas wou

Microsoft confirmed a new Zero Day critical vulnerability in its browser Internet Explorer . Flaw affects all versions of Internet Explorer, starting with IE version 6 and including IE version 11. In a Security Advisory ( 2963983 ) released yesterday, Microsoft acknowledges a zero-day Internet Explorer vulnerability ( CVE-2014-177 6) is being used in targeted attacks by APT groups, but the currently active attack campaigns are targeting IE9, IE10 and IE11. INTERNET EXPLORER 0-DAY VULNERABILITY (CVE-2014-1776) According to Advisory, Internet Explorer is vulnerable to Remote Code Execution, which resides ' in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. ' Microsoft said. Microsoft Investigation team is currently working with FireEye Security experts, and dubbed the ongoing targeted campaign as " Operation Clandestine Fox ". In a blogpost , FireEye explained that an attacker c

Reading a 'Note' created by anyone on the Facebook could trick you automatically to do malicious attacks against others unknowingly. A Security researcher Chaman Thapa, also known as chr13 claims that the flaw resides in 'Notes' section of the most popular social networking site - Facebook, that could allow anyone to launch the distributed denial-of-service (DDoS) attack of more than 800 Mbps Bandwidth on any website. A Distributed Denial-of-Service (DDoS) attack is one in which multiple compromised systems attacks a single target system or service to make it unavailable to its intended users. The flood of incoming requests essentially forces the target system or service to shut down, thereby denying service to the system to its legitimate users. While demonstrating the vulnerability on his blog , he explained that Facebook allows its users to include tags inside the post in order to draft a note with beautiful related images from any source. Faceb

The growing threat of cyber-attacks and network hacking has reached the satellite-space sector, posing a growing challenge to the satellite operators. Because the satellite system are the critical components for the Nation to a modern military, they have become an attractive target of cyber attacks . A security firm uncovered a number of critical vulnerabilities, including hardcoded credentials, undocumented and insecure protocols, and backdoors in the widely used satellite communications (SATCOM) terminals, which are often used by the military , government and industrial sectors. By exploiting these vulnerabilities an attacker could intercept, manipulate, block communications, and in some circumstances, could remotely take control of the physical devices used in the mission-critical satellite communication (SATCOM). Once the attacker gained the access of the physical devices used to communicate with satellites orbiting in space, he can completely disrupt military ope

It's not so far when Germany confirmed its biggest Data theft in the country's history with the usernames and passwords of some 18 million email accounts stolen and compromised by Hackers, and now German space research center has been reportedly targeted in a cyber attack. The new story broke by the German press, Der Spiegel on Sunday revealing that the German Aerospace Centre ( DLR - Deutsches Zentrum für Luft- und Raumfahrt e. V. ), the country's national center for aerospace, energy and transportation research located in Cologne has been reportedly targeted in a cyber attack out " coordinated and systematic ", apparently launched by a foreign intelligence agency. The systems used by administrators and scientists of the space research center have been found to be infected with Malware and spyware software, and as mention in the report, the attack was " co-ordinated and systematic " with the perfection of Trojan used. SELF-DESTRUCTING MALWARE, WITH LOVE FROM CHI

Year back, one of the largest " Advanced Persistent Threat " ( APT ) hacking groups received widespread attention from the media and from the U.S. government. APT Groups are China's cyber espionage units and they won't stop their espionage operation, despite being exposed last year. Yes, APT hacking groups, APT1 and APT12 , are again making headlines. Without bothering that the world knows about its cyber hacking activities, the two of its major hacking groups have became once again active and have resumed their espionage operation, reports the security firm Mandiant . A timeline of APT1 economic espionage conducted since 2006 and has systematically stolen confidential data from at least 141 organizations across multiple industries. Mandiant, the FireEye owned company, announced in its M-Trend report that over the past year the firm has a close eye on the APT1 group , which it first exposed in February 2013. It's also been monitoring the second Chinese hackers group, APT12 that

Previous articles on The Hacker News have highlighted that How Internet of Things (IoT) opens your home to cyber threats. Recently the security researchers from vulnerability research firm  ReVuln  published a video demonstration shows that Philips Smart TV is prone to cyber attacks by hackers. According to the researchers, some versions of Philips Smart TV with latest firmware update are wide open to hackers and also vulnerable to cookie theft. The fault is in a feature called Miracast , that allows TVs to act as a WiFi access point with a hard-coded password 'Miracast,' and allows devices nearby within the range to connect the device for receiving the screen output. " The main problem is that Miracast uses a fixed password, doesn't show a PIN number to insert and, moreover, doesn't ask permission to allow the incoming connection, " Luigi Auriemma, CEO and security researcher at ReVuln, told SCMagazine . The vulnerability allows an attacker within the device'

So, How do you currently monitor your logs and events, including network, servers, databases, applications, your router, firewall or Windows servers?  Obviously, If you have thousands of machines on your network.. It will become more complicated. Due to the massive boom in the cyber attacks and security breaches that result in financial losses and damages the goodwill of the reputed corporations, the demand for SIEM tools is increasing continuously among the IT security professionals and system administrators. Security Information & Event Management (SIEM) is the best solution, that has evolved over the years to become one of the most trusted and reliable solutions for log management, security, and compliance. SIEM systems provide a holistic view of an organization's Information technology (IT) Security by collecting logs and other security-related documentation for analysis. But SIEM systems are typically expensive to deploy and complex to operate and manage. 

IT Infrastructure of organizations is growing ever more distributed, complex and difficult to manage. To manage such networks, a log management solution is not enough. The AlienVault Unified Security Management™ (USM) platform is the perfect solution to help manage the flood of information and analyze it in real time, to find evidence of security incidents. So, in this article we will introduce you to a security monitoring solution that provides real-time threat detection and speeds incident response. The AlienVault Unified Security Management™ (USM) platform provides all of the essential security controls required for complete security visibility, and is designed to enable any IT or security practitioner to benefit from results on day one. Powered by the latest AlienVault Labs Threat Intelligence and the Open Threat Exchange™ (OTX ) —the world's largest crowd-sourced threat intelligence exchange—AlienVault USM delivers a unified, simple and affordable solution for threat