The Hacker News | #1 Trusted Cybersecurity News Site — Index Page

'Do I really need to give this website so much about me?' That's exactly what I usually think after filling but before submitting a web form online asking for my personal details to continue. I am sure most of you would either close the whole tab or would edit already typed details (or filled up by browser's auto-fill feature) before clicking 'Submit' — Isn't it? But closing the tab or editing your information hardly makes any difference because as soon as you have typed or auto-filled anything into the online form, the website captures it automatically in the background using JavaScript, even if you haven't clicked the Submit button. During an investigation, Gizmodo has discovered that code from NaviStone used by hundreds of websites, invisibly grabs each piece of information as you fill it out in a web form before you could hit 'Send' or 'Submit.' NaviStone is an Ohio-based startup that advertises itself as a service to u

The National Security Agency (NSA) — the United States intelligence agency which is known for its secrecy and working in the dark — has finally joined GitHub and launched an official GitHub page. The NSA employs genius-level coders and brightest mathematicians, who continually work to break codes, gather intelligence on everyone, and develop hacking tools like EternalBlu e that was leaked by the Shadow Brokers in April and abused by the WannaCry ransomware last month to wreak havoc worldwide. The intelligence agency mostly works in secret, but after Edward Snowden leaks in 2013, the NSA has started (slowly) opening itself to the world. It joined Twitter in the same year after Snowden leaks and now opened a Github account. GitHub is an online service designed for sharing code amongst programmers and open source community, and so far, the NSA is sharing 32 different projects as part of the NSA Technology Transfer Program ( TTP ), while some of these are 'coming soon.'

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

It seems Microsoft is planning to build its EMET anti-exploit tool into the kernel of Windows 10 Creator Update (also known as RedStone 3), which is expected to release in September/October 2017. So you may not have to separately download and install EMET in the upcoming version of the Windows 10. If true, this would be the second big change Microsoft is making in its Windows 10 Fall update after planning to remove SMBv1 to enhance its users security. EMET or Enhanced Mitigation Experience Toolkit, currently optional, is a free anti-exploit toolkit for Microsoft's Windows operating systems designed to boost the security of your computer against complex threats such as zero-day vulnerabilities. " EMET helps protect your computer systems even before new and undiscovered threats are formally addressed by security updates and antimalware software ," Microsoft site reads. Basically EMET detects and prevents buffer overflows and memory corruption vulnerabilities,

The Server Message Block version 1 (SMBv1) — a 30-year-old file sharing protocol which came to light last month after the devastating WannaCry outbreak — will be removed from the upcoming Windows 10 (1709) Redstone 3 Update. The SMBv1 is one of the internet's most ancient networking protocols that allows the operating systems and applications to read and write data to a system and a system to request services from a server. The WannaCry ransomware , which wreaked havoc last month, was also leveraging an NSA's Windows SMB exploit, dubbed EternalBlue , leaked by the Shadow Brokers in its April data dump. The WannaCry ransomware menace shut down hospitals , telecommunication providers, and many businesses worldwide, infecting hundreds of thousands of unpatched Windows servers running SMBv1 in more than 150 countries within just 72 hours on 12th of May. Although Microsoft patched the vulnerability in SMBv1 in March in MS17-010 , the company meanwhile strongly advised us

Update: Find working Exploits and Proof-of-Concepts at the bottom of this article. Security researchers have discovered more than a decade-old vulnerability in several Unix-based operating systems — including Linux, OpenBSD, NetBSD, FreeBSD and Solaris — which can be exploited by attackers to escalate their privileges to root, potentially leading to a full system takeover. Dubbed Stack Clash , the vulnerability ( CVE-2017-1000364 ) has been discovered in the way memory was being allocated on the stack for user space binaries. Exploiting Stack Clash Bug to Gain Root Access The explanation is simple: Each program uses a special memory region called the stack, which is used to store short-term data. It expands and contracts automatically during the execution of any program, depending upon the needs of that program. According to researchers at Qualys, who discovered and reported this bug, a malicious program can attempt to use more memory space than available on the stack,

South Korean web hosting provider has agreed to pay $1 million in bitcoins to hackers after a Linux ransomware infected its 153 servers, encrypting 3,400 business websites and their data, hosted on them. According to a blog post published by NAYANA, the web hosting company, this unfortunate event happened on 10th June when ransomware malware hit its hosting servers and attacker demanded 550 bitcoins (over $1.6 million) to unlock the encrypted files. However, the company later negotiated with the cyber criminals and agreed to pay 397.6 bitcoins (around $1.01 million) in three installments to get their files decrypted. The hosting company has already paid two installments at the time of writing and would pay the last installment of ransom after recovering data from two-third of its infected servers. According to the security firm Trend Micro , the ransomware used in the attack was Erebus that was first spotted in September last year and was seen in February this year with Win