hacking news | Breaking Cybersecurity News | The Hacker News

It's a bad day for Sony yesterday!! Sony appears to be hacked once again by hackers, but this time not its PlayStation , instead its Sony Pictures Entertainment – the company's motion picture, television production and distribution unit. According to multiple reports, the corporate computers of Sony Picture employees in New York and around the world were infiltrated by a hacker, displaying a weird skeleton, a series of URL addresses, and a threatening message that reads: "Hacked By #GOP Warning: We've already warned you, and this is just a beginning. We continue till our request be met. We've obtained all your internal data, including your secrets and top secrets. If you don't obey us, we'll release data shown below to the world. Determine what will you do till November the 24th, 11:00 PM (GMT)." News broke after a user, who claimed to be a former Sony staff, posted allegations of the security breach with the defacement image on Reddit . Hack

Security researchers have discovered thousands of backdoored plugins and themes for the popular content management systems (CMS) that could be used by attackers to compromise web servers on a large scale. The Netherlands-based security firm Fox-IT has published a whitepaper revealing a new Backdoor named "CryptoPHP . " Security researchers have uncovered malicious plugins and themes for WordPress, Joomla and Drupal . However, there is a slight relief for Drupal users, as only themes are found to be infected from CryptoPHP backdoor. In order to victimize site administrators, miscreants makes use of a simple social engineering trick. They often lured site admins to download pirated versions of commercial CMS plugins and themes for free. Once downloaded, the malicious theme or plugin included backdoor installed on the admins' server. "By publishing pirated themes and plug-ins free for anyone to use instead of having to pay for them, the CryptoPHP actor is

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now. How this will change – in a positive or negative direction – as artificial intelligence (AI) takes on a larger role in software development is one of the big uncertainties related to this brave new world. In an era where AI promises to revolutionize how we live and work, the conversation about its security implications cannot be sidelined. As we increasingly rely on AI for tasks ranging from mundane to mission-critical, the question is no longer just, "Can AI  boost cybersecurity ?" (sure!), but also "Can AI  be hacked? " (yes!), "Can one use AI  to hack? " (of course!), and "Will AI  produce secure software ?" (well…). This thought leadership article is about the latter. Cydrill  (a

Researchers have uncovered a highly advanced, sophisticated piece of malware they believe was used to spy on a wide-range of international targets including governments, infrastructure operators and other high-profile individuals since at least 2008. The nasty malware, dubbed "Regin" , is said to be more sophisticated than both Stuxnet and Duqu , according to the researchers at antivirus software maker Symantec Corp. DEVELOPED BY NATION STATE The research showed that the Regin malware is believe to be developed by a wealthy "nation state" and is a primary cyber espionage tool of a nation state because of the financial clout needed to produce code of this complexity with several stealth features to avoid detection. But, the antivirus software maker didn't identify which country was behind it. "It is likely that its development took months, if not years, to complete and its authors have gone to great lengths to cover its tracks. Its capabili

Security researchers have discovered a new type of "Man-in-the-Middle" (MitM) attack in the wild targeting smartphone and tablets users on devices running either iOS or Android around the world. The MitM attack, dubbed DoubleDirect , enables an attacker to redirect a victim's traffic of major websites such as Google, Facebook and Twitter to a device controlled by the attacker. Once done, cyber crooks can steal victims' valuable personal data, such as email IDs, login credentials and banking information as well as can deliver malware to the targeted mobile device. San Francisco-based mobile security firm Zimperium detailed the threat in a Thursday blog post , revealing that the DoubleDirect technique is being used by attackers in the wild in attacks against the users of web giants including Google, Facebook, Hotmail, Live.com and Twitter, across 31 countries, including the U.S., the U.K. and Canada. DoubleDirect makes use of ICMP (Internet Control Message P

Unless we are a human supercomputer, remembering password is not an easy task and that too, if you have a different password for every different site. But luckily to make the whole process easy, there is a growing market for password managers which provides an extra layer of protection. Wait! Wait! Seriously?? Security researchers have discovered a new variant of data-stealing Citadel Trojan program used by cybercriminals to slurp up users' master passwords for a number of password management applications and other authentication programs, which will let you think twice before using one. Citadel Trojan malware program has typically been used to steal online banking credentials and other financial information by masquerading itself as legitimate banking sites when victims open it in their local browser, which is also known as a man-in-the-browser attack . The malware has previously targeted users' credentials stored in the password management applications included

Good news for all Privacy Lovers!! Finally the wildly popular messaging app WhatsApp has made end-to-end encryption a default feature, stepping a way forward for the online privacy of its users around the world. WhatsApp , most popular messaging app with 600 Million users as of October 2014, has partnered with Open Whisper Systems to boost its privacy and security by implementing strong end-to-end encryption on all text messages. The strong end-to-end encryption here means that even Mark Zuckerberg himself can't pry into your conversations, even if asked by law enforcement officials. The app maker describe this move as the " largest deployment of end-to-end encryption ever ." The Open Whisper System is a non-profit software organisation started by security researcher Moxie Marlinspike, who is behind the development of TextSecure app used for encryption. Over the past three years, his team has been in the process of developing a 'modern, open source

Microsoft today released an " out-of-band " security updates to fix a critical vulnerability in all supported versions of its Windows Server software that cyber criminals are exploiting to compromise whole networks of computers. The Emergency patch release comes just one week after Microsoft provided its monthly security patch updates. The November 2014 Patch Tuesday updates included 16 security patches, five of which were rated by Redmond as "critical." The security update (MS14-068) addresses a vulnerability in the Windows component called Microsoft Windows Kerberos KBC , authentication system used by default in the operating system. The flaw allows an attacker to elevate domain user account privileges and access rights to that of a domain administrator account. As a result, if users unknowingly or accidentally run a malicious software on their system, it could therefore be used to compromise the entire network, which could be more dangerous for those who

Tor has always been a tough target for law enforcement for years and FBI has spent millions of dollars to de-anonymize the identity of Tor users, but a latest research suggests that more than 81% of Tor clients can be "de-anonymised" by exploiting the traffic analysis software 'Netflow' technology that Cisco has built into its router protocols. NetFlow is a network protocol designed to collect and monitor network traffic. It exchanged data in network flows, which can correspond to TCP connections or other IP packets sharing common characteristics, such UDP packets sharing source and destination IP addresses, port numbers, and other information. The research was conducted for six years by professor Sambuddho Chakravarty , a former researcher at Columbia University's Network Security Lab and now researching Network Anonymity and Privacy at the Indraprastha Institute of Information Technology in Delhi. Chakravarty used a technique, in order to determine the Tor

The malicious Russian Tor exit node , which was claimed to be patching binary files, is actually distributing a malware program to launch cyber-espionage attacks against European government agencies. The group behind the rogue Tor exit node had likely been infecting files for more than a year, causing victims to download and install a backdoor file that gave hackers full control of their systems. Last month Josh Pitts of Leviathan Security Group uncovered a malicious Tor exit node that wraps Windows executable files inside a second, malicious Windows executable. But when Artturi Lehtiö of F-Secure carried out an in-depth research, he found that the exit node was actually linked to the notorious Russian APT family MiniDuke . " MiniDuke " previously infected government agencies and organizations in more than 20 countries via a modified Adobe PDF email attachment . MiniDuke malware is written in assembly language with its tiny file size (20KB), and uses hijacke

Cyber criminals are using new malware variants by exploiting GNU Bash vulnerability referred to as ShellShock ( CVE-2014-6271 ) in order to infect embedded devices running BusyBox software, according to a researcher. A new variant of " Bashlite " malware targeting devices running BusyBox software was spotted by the researchers at Trend Micro shortly after the public disclosure of the ShellShock vulnerability. BusyBox provides set of command line utilities that are specifically designed to run in constrained embedded environments. At compile time, different capabilities can be left out, reducing the size of the binaries, and efforts are made to make them memory efficient. This makes the software an excellent candidate for use in consumer electronics devices, which seem to have been the items of interest in this case. The malware variant, detected as ELF_BASHLITE.A (ELF_FLOODER.W) , when executed on victim's machine, scans compromised networks for device

A seven-year-old cyber espionage campaign has targeted senior level executives from large global companies by using a specialized Advanced Persistent Threat (APT) , zero-day exploits, and well-developed keyloggers to extract information from them when they stay in luxury hotels during their business trips. The researchers at Moscow-based security firm Kaspersky Lab dubbed the threat as " DarkHotel APT ," appear to have the ability to know in advance when a targeted executive checks in and checks out of a hotel. The group has been operating in Asia since from 2009 but there have been infections recorded in the United States, South Korea, Singapore, Germany, Ireland and many others, as well. It uses hotel Wi-Fi networks to target elite executives at organisations in manufacturing, defense, investment capital, private equity, automotive and other industries. The group has access to zero day vulnerabilities and exploits, and it used them to infect victims. Threa

Microsoft has this time quite a big pile of security patches in its November 2014 Patch Tuesday , which will address almost 60 non-security updates for its Windows OS along with 16 security updates . The software giant released Advance Notification for 16 security bulletins, the most in more than three years, which will be addressed as of tomorrow, 11 November, 2014. Five of the bulletins have been marked as " critical ", nine are " importan t" in severity, while two were labeled " moderate ." The updates will patch vulnerabilities in Microsoft's various software including Internet Explorer (IE), Windows, Office, Exchange Server, SharePoint Server and the .NET framework as well. Five critical vulnerabilities affect specific versions of Microsoft Windows, including Windows 7, Windows 8, Windows RT, and Windows Server. One of them also affects Internet Explorer versions 7 through 11 as well. Four of the five critical bugs are said to al

The authorities of the U.S. Federal Bureau of Investigation have announced that they have arrested " Silk Road 2.0 " operator Blake Benthall , used the alias " Defcon " in California on Wednesday and charged him with conspiracy to commit drug trafficking, computer hacking, money laundering and other crimes. Silk Road 2, an alternative to the notorious online illegal-drug marketplace that went dark in October of 2013, has been seized in a joint action involving the FBI, Department of Homeland Security, and European law enforcement. " As alleged, Blake Benthall attempted to resurrect Silk Road, a secret website that law enforcement seized last year, by running Silk Road 2.0, a nearly identical criminal enterprise, " Manhattan US Attorney Preet Bharara said in a statement . " Let's be clear—this Silk Road, in whatever form, is the road to prison. Those looking to follow in the footsteps of alleged cybercriminals should understand that we will r

Security researchers from Newcastle University in the UK have found a way to steal larger amounts of money from people's pockets using just a mobile phone, due to a security glitch Visa's contactless payment cards. Contactless payment cards use a cryptoprocessor and RFID technology to perform secure transactions without a need to insert the card in a reader, even an NFC-equipped mobile device may also be used as a payment card. But there is a specified limits country-wise. Contactless payment cards are meant to have a limit of £20 per purchase in UK, using which shoppers can buy things by simply tapping their card on a scanner, without having to type in a PIN. But exploiting a flaw in its protocol could allow cyber criminals to manipulate the cards to transfer up to $999,999.99 in foreign currency into a scammer's account. Researchers on Wednesday at the 21st ACM Conference on Computer and Communications Security, detailed the attack which rely on a "rogue POS te

Do you use  TextSecure Private Messenger  for your private conversations? If yes, then Are you sure you are actually using a Secure messaging app? TextSecure , an Android app developed by Open WhisperSystems , is completely open-source and claims to support end-to-end encryption of text messages. The app is free and designed by keeping privacy in mind. However, while conducting the first audit of the software, security researchers from Ruhr University Bochum found that the most popular mobile messaging app is open to an Unknown Key-Share attack . After Edward Snowden revealed state surveillance programs conducted by the National Security Agency, and meanwhile when Facebook acquired WhatsApp , TextSecure came into limelight and became one of the best alternatives for users who want a secure communication. " Since Facebook bought WhatsApp , instant messaging apps with security guarantees became more and more popular ," the team wrote in the paper titled,

Dear THN Readers, ' The Hacker News ' is celebrating its 4th Anniversary today and we would like to thank every single Hacker, Researcher, Journalist, Enthusiast who has contributed to our phenomenal growth. When we began our journey 4 years back as a Small Local Community of few Hackers and Security Researchers, we had a dream of providing the Hacking Community with World's not first but best Hacking and IT Security News Platform. We wanted to gift hacking community members and security researchers their own trusted and an unique News platform, which is run by Hackers and dedicated to Hackers, a platform which is free from Censorship, Conventions, Governments and Borders. Now, we have been Internationally recognized as a leading news source dedicated to promoting awareness for cyber security experts and hackers. We are happy to announce that this project is now Supported and endorsed by thousands of Security Experts, administrators and members of vario

The open-source Wget application which is most widely used on Linux and Unix systems for retrieving files from the web has found vulnerable to a critical flaw. GNU Wget is a command-line utility designed to retrieve files from the Web using HTTP, HTTPS, and FTP, the most widely used Internet protocols. Wget can be easily installed on any Unix-like system and has been ported to many environments, including Microsoft Windows, Mac OS X, OpenVMS, MorphOS and AmigaOS. When a recursive directory fetch over FTP server as the target, it would let an attacker " create arbitrary files, directories or symbolic links " due to a symlink flaw. IMPACT OF SYMLINK ATTACK " It was found that wget was susceptible to a symlink attack which could create arbitrary files, directories or symbolic links and set their permissions when retrieving a directory recursively through FTP ," developer Vasyl Kaigorodov wrote in a Red Hat Bugzilla comment . A remote unauthentica

China's number one — and the world's 3rd largest — smartphone manufacturer, Xiaomi , which is trying to make inroads into India's booming mobile phone market, was found secretly sending users' personal data , including IMEI numbers, phone numbers and text messages to the web servers back to Beijing in China. INDIA AND TAIWAN vs XIAOMI This issue raised higher concerns across many countries, proactively in India, Singapore and Taiwan. The Indian Air Force (IAF) — among the largest in the world — warned its employees and their belongings that their private information was being shipped over to servers in China, and asked them to avoid using Xiaomi smartphones due to security risk. Taiwanese Government underlined similar concerns before Xiaomi's launch in India. Xiaomi is facing an investigation in Taiwan for alleged cyber security threat, as a result of which last month the Taiwanese government decided to ban the company due to several privacy controversies. When i