#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

Webroot 'mistakenly' flags Windows as Malware and Facebook as Phishing site

Webroot 'mistakenly' flags Windows as Malware and Facebook as Phishing site

Apr 25, 2017
Popular antivirus service Webroot mistakenly flagged core Windows system files as malicious and even started temporarily removing some of the legit files, trashing user computers around the world. The havoc caused after the company released a bad update on April 24, which was pulled after approximately 15 minutes. But that still hasn't stopped some PCs from receiving it, causing serious issues for not just individuals, but also companies and organizations relying on the software. Webroot even Blocked Facebook According to the reports by many customers on social media and Webroot's forum , hundreds and even thousands of systems were broken down after antivirus software flagged hundreds of benign files needed to run Windows and apps that run on top of the operating system. The faulty update even caused the antivirus to incorrectly block access to Facebook after flagging the social network service as a phishing website, preventing users from accessing the social netw
Atlassian's HipChat Hacked — Users' Data May Have Been Compromised

Atlassian's HipChat Hacked — Users' Data May Have Been Compromised

Apr 25, 2017
Atlassian's group chat platform HipChat is notifying its users of a data breach after some unknown hacker or group of hackers broke into one of its servers over the weekend and stole a significant amount of data, including group chat logs. What Happened? According to a security notice published on the company's website today, a vulnerability in a "popular third-party" software library used by its HipChat.com service allowed hackers to break into its server and access customer account information. However, HipChat did not say exactly which programming blunder the hackers exploited to get into the HipChat cloud server. What type of Information? Data accessed by the hackers include user account information such as customers' names, email addresses and hashed password information. Besides information, attackers may have obtained metadata from HipChat "rooms" or groups, including room name and room topic. While metadata is not as critical as d
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Learn Practical Hacking Online — Get Training For Just $45!

Learn Practical Hacking Online — Get Training For Just $45!

Apr 24, 2017
Due to recent highly publicised hacks and high-profile data breaches, certified hackers are in huge demand and being hired by almost all industry to help them keep their networks protected. These ethical hackers not only gain reputation in the IT industry but are also one of the most well-paid employees in the IT workforce today. There is a growing number of jobs for people with ethical hacking skills. But if you lack behind in this field, you required a good computer hacking course to sharpen up your skills and knowledge. The good news for you is that this week's THN Deals brings that let you get started regardless of your experience level. Ethical Hacker Bootcamp  is an online training course for beginners seeking practical skills to learn and pass the Ethical Hacker certification exams and get a significant boost in their IT career. Get Lifetime Access to Ethical Hacker Bootcamp for Just $45 If you want to become a hacker, sign-up for this 45 hours of practical
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Leaked NSA Hacking Tools Being Used to Hack Thousands of Vulnerable Windows PCs

Leaked NSA Hacking Tools Being Used to Hack Thousands of Vulnerable Windows PCs

Apr 22, 2017
Script kiddies and online criminals around the world have reportedly started exploiting NSA hacking tools leaked last weekend to compromise hundreds of thousands of vulnerable Windows computers exposed on the Internet. Last week, the mysterious hacking group known as Shadow Brokers leaked a set of Windows hacking tools targeting Windows XP, Windows Server 2003, Windows 7 and 8, and Windows 2012, allegedly belonged to the NSA's Equation Group. What's Worse? Microsoft quickly downplayed the security risks by releasing patches for all exploited vulnerabilities , but there are still risks in the wild with unsupported systems as well as with those who haven't yet installed the patches. Multiple security researchers have performed mass Internet scans over the past few days and found tens of thousands of Windows computers worldwide infected with DoublePulsar , a suspected NSA spying implant, as a result of a free tool released on GitHub for anyone to use. Security r
US Court Sentences Russian Lawmaker's Son to 27 Years in Jail for Hacking

US Court Sentences Russian Lawmaker's Son to 27 Years in Jail for Hacking

Apr 22, 2017
The son of a prominent Russian lawmaker was sentenced on Friday by a US federal court to 27 years in prison after being convicted of stealing millions of US credit card numbers and causing some $170 million in damages to businesses and individuals. This sentence is so far the longest sentence ever imposed in the United States for a hacking-related case. Roman Valeryevich Seleznev , 32, the son of a Russian Parliament member of the nationalist Liberal Democratic Party (LDPR), Valery Seleznev, was arrested in 2014 while attempting to board a flight in the Maldives and then extradited to the United States. Upon arrest, federal authorities retrieved a computer that contained over 1.7 million stolen credit card numbers. Seleznev, also went by the moniker 'Track2' online, was convicted in August 2016 of 38 charges related to stolen credit card details, which include: 10 counts of Wire Fraud 9 counts of possession of 15 or more unauthorized access devices 9 counts of o
MasterCard launches Credit Card with Built-In Fingerprint Scanner

MasterCard launches Credit Card with Built-In Fingerprint Scanner

Apr 21, 2017
MasterCard has unveiled its brand new payment card that has a built-in biometric fingerprint scanner, allowing customers to authorize payments with their fingerprint, without requiring a PIN code or a signature. The company is already testing the new biometric payment cards, combined with the on-board chips, in South Africa and says it hopes to roll out the new cards to the rest of the world by the end of 2017. Don't Worry, It Still Supports PIN-based Transactions as Fallback Wait — If you think that this feature would not allow you to share your card with your child and spouse, don't worry — Mastercard has a solution for this issue as well. The company has confirmed that even if the card is configured to expect the fingerprint for authenticating a purchase, but it does still have a PIN as a fallback, in case, for some reason EMV readers fail to read fingerprint or you have yourself handed it to your child for shopping. Stores & Retailers Don't Need New Hardw
Cybersecurity Resources